www.gjsentinel.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gjsentinel.com/
Effective URL:
https://www.gjsentinel.com/
Submission: On December 14 via manual (December 14th 2023, 2:16:18 am UTC) from IN — Scanned from DE

Summary HTTP 274 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 77 IPs in 9 countries across 59 domains to perform 274 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is www.gjsentinel.com.
TLS certificate: Issued by GTS CA 1P5 on November 29th 2023. Valid for: 3 months.

This is the only time www.gjsentinel.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 11	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
40	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	146.190.197.191 146.190.197.191	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2600:9000:205... 2600:9000:2057:7000:b:7fc4:98c0:21	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:206... 2600:9000:206f:4200:18:a82e:7180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	62.151.178.57 62.151.178.57	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	99.86.4.105 99.86.4.105	16509 (AMAZON-02) (AMAZON-02)
2	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	18.239.69.131 18.239.69.131	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:eff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.71 99.86.4.71	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1	23.15.178.153 23.15.178.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:215... 2600:9000:2156:4a00:3:1a27:3000:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:480... 2a02:26f0:480:b94::268b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6811:c276	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.211.9.91 23.211.9.91	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2.17.22.169 2.17.22.169	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.239.64.29 18.239.64.29	16509 (AMAZON-02) (AMAZON-02)
2	52.216.113.213 52.216.113.213	16509 (AMAZON-02) (AMAZON-02)
19 25	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:1200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
4 5	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 3	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:4b11:4b0e:f335:7576	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.214.242.160 52.214.242.160	16509 (AMAZON-02) (AMAZON-02)
1 1	3.120.54.195 3.120.54.195	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.44 18.245.60.44	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1	52.55.140.111 52.55.140.111	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.97.171 2.18.97.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.32.253.3 63.32.253.3	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
9 24	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
3 5	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	18.66.122.62 18.66.122.62	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
6	44.205.189.117 44.205.189.117	14618 (AMAZON-AES) (AMAZON-AES)
2	74.208.21.154 74.208.21.154	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
3	2600:9000:223... 2600:9000:223c:5a00:8:4487:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
3	167.235.124.59 167.235.124.59	24940 (HETZNER-AS) (HETZNER-AS)
1	34.223.74.168 34.223.74.168	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.98 18.66.97.98	16509 (AMAZON-02) (AMAZON-02)
9	18.66.97.40 18.66.97.40	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.28 13.32.121.28	16509 (AMAZON-02) (AMAZON-02)
20	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
2	18.245.60.124 18.245.60.124	16509 (AMAZON-02) (AMAZON-02)
4	99.81.179.193 99.81.179.193	16509 (AMAZON-02) (AMAZON-02)
2 2	52.28.254.225 52.28.254.225	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
2 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	34.248.55.250 34.248.55.250	16509 (AMAZON-02) (AMAZON-02)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.19.245.101 2.19.245.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1	54.93.159.119 54.93.159.119	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:dff8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
274	77

11 192.104.183.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

gjsentinel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gjsentinel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.190.197.191 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

grandjunctiondailysentinel-co.newsmemory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:7000:b:7fc4:98c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wcopahj6rhb7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:206f:4200:18:a82e:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)

discovery.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.151.178.57 (Spain)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: cldsrv21.wehaaserver.com

westerncolorado.jobs	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-105.fra6.r.cloudfront.net

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.69.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-131.ams58.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:eff8 (United States)

ASN13335 (CLOUDFLARENET, US)

experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

secure.geotix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-71.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.15.178.153 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-15-178-153.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:4a00:3:1a27:3000:93a1 (United States)

ASN16509 (AMAZON-02, US)

discoverevvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:b94::268b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c276 (United States)

ASN13335 (CLOUDFLARENET, US)

c2.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.211.9.91 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-9-91.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.22.169 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-22-169.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.64.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-64-29.ams58.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.113.213 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.204.158.49 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 46.228.174.117 (United Kingdom) 4 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:4b11:4b0e:f335:7576 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.242.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-242-160.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.54.195 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-54-195.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-44.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.55.140.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-140-111.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.97.171 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-171.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.253.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-253-3.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.185.162 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.171.53 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-62.fra60.r.cloudfront.net

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 44.205.189.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-189-117.compute-1.amazonaws.com

analytics-prd.aws.wehaa.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.208.21.154 (United States)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)

static.wehaacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:5a00:8:4487:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.mktg.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.124.59 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0037.cxense.com

p1cluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
comcluster.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.cxense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.74.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-98.fra56.r.cloudfront.net

img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.97.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-40.fra56.r.cloudfront.net

images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-28.fra60.r.cloudfront.net

media.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.60.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-124.fra60.r.cloudfront.net

x.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.81.179.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-179-193.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.254.225 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-225.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.55.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-55-250.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.245.101 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-101.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.159.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-159-119.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:dff8 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 17221	540 KB
37	doubleclick.net 9 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	543 KB
35	googlesyndication.com 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	203 KB
28	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4333 i.simpli.fi — Cisco Umbrella Rank: 3745 um.simpli.fi — Cisco Umbrella Rank: 780	14 KB
24	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 7459 trends.revcontent.com — Cisco Umbrella Rank: 1899 img.revcontent.com — Cisco Umbrella Rank: 9953 images.revcontent.com — Cisco Umbrella Rank: 8620 media.revcontent.com — Cisco Umbrella Rank: 12030 x.revcontent.com — Cisco Umbrella Rank: 54316 yeet.revcontent.com — Cisco Umbrella Rank: 8461	195 KB
11	evvnt.com discovery.evvnt.com — Cisco Umbrella Rank: 33365 cdn.prod.mktg.evvnt.com — Cisco Umbrella Rank: 42959	255 KB
11	gjsentinel.com 1 redirects gjsentinel.com www.gjsentinel.com	232 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	646 KB
10	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	734 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	42 KB
7	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
7	cxense.com cdn.cxense.com — Cisco Umbrella Rank: 5183 p1cluster.cxense.com — Cisco Umbrella Rank: 9278 comcluster.cxense.com — Cisco Umbrella Rank: 4661 id.cxense.com — Cisco Umbrella Rank: 10741	82 KB
6	wehaa.net analytics-prd.aws.wehaa.net — Cisco Umbrella Rank: 78094	2 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	161 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	4 KB
5	google.com 1 redirects ampcid.google.com — Cisco Umbrella Rank: 2783 www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693	2 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 306 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 614 aax.amazon-adsystem.com — Cisco Umbrella Rank: 410	75 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 560	3 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1681	35 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1355 insight.adsrvr.org — Cisco Umbrella Rank: 557	5 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	461 B
3	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 339	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6765 ampcid.google.de — Cisco Umbrella Rank: 85078	932 B
3	lijit.com 2 redirects ce.lijit.com — Cisco Umbrella Rank: 835 ap.lijit.com — Cisco Umbrella Rank: 650	2 KB
3	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 372	1 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 546	1 KB
3	tinypass.com experience.tinypass.com — Cisco Umbrella Rank: 8812 cdn.tinypass.com — Cisco Umbrella Rank: 6343 buy.tinypass.com — Cisco Umbrella Rank: 6802	117 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1299	326 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 818	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	129 KB
2	wehaacdn.com static.wehaacdn.com — Cisco Umbrella Rank: 99227	759 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1661	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 408	140 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2174	880 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 499 d.agkn.com — Cisco Umbrella Rank: 686	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	950 B
2	amazonaws.com s3.amazonaws.com	30 KB
2	discoverevvnt.com discoverevvnt.com — Cisco Umbrella Rank: 33372	5 KB
2	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5869 api.livechatinc.com — Cisco Umbrella Rank: 5344	27 KB
2	geotix.com secure.geotix.com — Cisco Umbrella Rank: 254876	6 KB
2	westerncolorado.jobs westerncolorado.jobs	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	554 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	608 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 1765	199 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1340	176 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 138	544 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	446 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1556	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 846
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6102	175 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	237 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 544	67 KB
1	piano.io c2.piano.io — Cisco Umbrella Rank: 5667	1 KB
1	cloudfront.net d1wcopahj6rhb7.cloudfront.net	144 KB
1	newsmemory.com grandjunctiondailysentinel-co.newsmemory.com	39 KB
274	59

	Domain	Requested by
40	bloximages.newyork1.vip.townnews.com	www.gjsentinel.com
25	um.simpli.fi	19 redirects www.gjsentinel.com
23	cm.g.doubleclick.net	8 redirects 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com googleads.g.doubleclick.net
20	pagead2.googlesyndication.com	www.gjsentinel.com 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
12	tpc.googlesyndication.com	www.gjsentinel.com 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
10	s0.2mdn.net	6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com www.gjsentinel.com s0.2mdn.net
10	www.googletagmanager.com	www.gjsentinel.com www.googletagmanager.com westerncolorado.jobs
10	www.gjsentinel.com	www.gjsentinel.com
9	images.revcontent.com	www.gjsentinel.com
8	discovery.evvnt.com	www.gjsentinel.com discovery.evvnt.com
6	analytics-prd.aws.wehaa.net	westerncolorado.jobs
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.gjsentinel.com
4	c1.adform.net	4 redirects
4	yeet.revcontent.com	assets.revcontent.com
4	ad.doubleclick.net	www.gjsentinel.com
4	trends.revcontent.com	assets.revcontent.com
4	ib.adnxs.com	2 redirects www.gjsentinel.com googleads.g.doubleclick.net
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	cdn.segment.com	www.gjsentinel.com cdn.segment.com
4	cdn.cxense.com	cdn.tinypass.com cdn.cxense.com
4	fonts.gstatic.com	fonts.googleapis.com
3	cdn.prod.mktg.evvnt.com	www.gjsentinel.com
3	6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	region1.google-analytics.com	www.googletagmanager.com
3	us-u.openx.net	www.gjsentinel.com googleads.g.doubleclick.net
3	pixel.rubiconproject.com	2 redirects www.gjsentinel.com
3	www.google.com	1 redirects 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com tpc.googlesyndication.com
3	googleads.g.doubleclick.net	1 redirects 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
3	eb2.3lift.com	2 redirects www.gjsentinel.com
3	sync.1rx.io	3 redirects
3	c.amazon-adsystem.com	www.gjsentinel.com c.amazon-adsystem.com
3	assets.revcontent.com	www.gjsentinel.com assets.revcontent.com
3	securepubads.g.doubleclick.net	www.gjsentinel.com securepubads.g.doubleclick.net
2	insight.adsrvr.org	js.adsrvr.org
2	sync.teads.tv	googleads.g.doubleclick.net
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pm.w55c.net	2 redirects
2	x.revcontent.com	assets.revcontent.com
2	www.googletagservices.com	6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
2	static.wehaacdn.com	westerncolorado.jobs
2	www.google.de	www.gjsentinel.com
2	loadm.exelator.com	1 redirects www.gjsentinel.com
2	idsync.rlcdn.com	www.gjsentinel.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects www.gjsentinel.com
2	sync.targeting.unrulymedia.com	1 redirects www.gjsentinel.com
2	s3.amazonaws.com	www.gjsentinel.com
2	discoverevvnt.com	discovery.evvnt.com
2	secure.geotix.com	d1wcopahj6rhb7.cloudfront.net
2	js.adsrvr.org	www.gjsentinel.com
2	westerncolorado.jobs	www.gjsentinel.com westerncolorado.jobs
2	tag.simpli.fi	www.gjsentinel.com
2	www.gstatic.com	www.gjsentinel.com
2	fonts.googleapis.com	www.gjsentinel.com westerncolorado.jobs
1	buy.tinypass.com	cdn.tinypass.com
1	x.bidswitch.net	6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
1	secure.adnxs.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	match.360yield.com	6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
1	media.revcontent.com	www.gjsentinel.com
1	img.revcontent.com	www.gjsentinel.com
1	id.cxense.com	cdn.cxense.com
1	comcluster.cxense.com	cdn.cxense.com
1	api.segment.io	cdn.segment.com
1	p1cluster.cxense.com	cdn.cxense.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ampcid.google.de	www.google-analytics.com
1	www.googleadservices.com	1 redirects
1	ce.lijit.com	www.gjsentinel.com
1	bcp.crwdcntrl.net	www.gjsentinel.com
1	stags.bluekai.com	www.gjsentinel.com
1	sync.bfmio.com	www.gjsentinel.com
1	sync.intentiq.com	www.gjsentinel.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	www.gjsentinel.com
1	s.ad.smaato.net	www.gjsentinel.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	api.livechatinc.com	cdn.livechatinc.com
1	i.simpli.fi	tag.simpli.fi
1	ampcid.google.com	www.google-analytics.com
1	ads.pubmatic.com	assets.revcontent.com
1	c2.piano.io	cdn.tinypass.com
1	cdn.livechatinc.com	www.gjsentinel.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	cdn.tinypass.com	experience.tinypass.com
1	experience.tinypass.com	www.gjsentinel.com
1	d1wcopahj6rhb7.cloudfront.net	www.gjsentinel.com
1	grandjunctiondailysentinel-co.newsmemory.com	www.gjsentinel.com
1	gjsentinel.com	1 redirects
274	93

This site contains links to these domains. Also see Links.

Domain
grandjunctiondailysentinel-co.newsmemory.com
subscriptions.gjsentinel.com
www.legacy.com
westerncolorado.jobs
secure.adpay.com
westerncolorado.realestate
new.evvnt.com
gjsentinel.enotice.io
1073theoutlaw.com
junction1015.com
thebeat943.com
1047lajefa.com
legacy.memoriams.com
gjsentinel.column.us
gjsentinel.secondstreetapp.com
www.970tix.com
970tix.com
www.google.com
www.thcpalisade.com
wshga.com
www.budsltd.com
www.remax.com
www.grocerysmarts.com
smeagol.revcontent.com
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
grand-junction-media.display-pages.com
www.microsoft.com
www.mozilla.org
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
gjsentinel.com GTS CA 1P5	`2023-11-29` - `2024-02-27`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.newsmemory.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-02` - `2024-04-01`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
discovery.evvnt.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
westerncolorado.jobs R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
revcontent.com Amazon RSA 2048 M02	`2023-05-18` - `2024-06-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-13` - `2024-08-12`	a year	crt.sh
geotix.com Cloudflare Inc ECC CA-3	`2023-04-03` - `2024-04-02`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-02-20` - `2024-03-20`	a year	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-08-15`	a year	crt.sh
discoverevvnt.com Amazon RSA 2048 M02	`2023-12-10` - `2025-01-08`	a year	crt.sh
*.cxense.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-13`	a year	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2023-03-27` - `2024-03-26`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-26` - `2024-11-26`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-10`	9 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.aws.wehaa.net Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
static.wehaacdn.com R3	`2023-10-31` - `2024-01-29`	3 months	crt.sh
cdn.prod.mktg.evvnt.com Amazon RSA 2048 M01	`2023-06-07` - `2024-07-05`	a year	crt.sh
*.segment.io Amazon RSA 2048 M03	`2023-12-13` - `2025-01-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.gjsentinel.com/
Frame ID: AE7AB4E118FC9F76106ACD722AD90343
Requests: 181 HTTP requests in this frame

Frame: https://westerncolorado.jobs/places/widget/widget:1/type:300x600
Frame ID: 336D34F27EA03D661BE9EE5178FDB51F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 134B0934D1AC62B62628A7ABE77019E1
Requests: 4 HTTP requests in this frame

Frame: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A002BA0BEC02DFAA3F6C79607FEA3BAB
Requests: 1 HTTP requests in this frame

Frame: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8D171F7C920E1C47BAA746426253A7E5
Requests: 14 HTTP requests in this frame

Frame: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3FAC4CA21A34CF040AC3DB6989F1FE48
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNXGMlJYIlEF8wm7_nBWxZlymm7AAeJLr2Im_AqOVAbE83X8eruIuO784KQsRVKQemYzvphL2IotYG9xoaqBzxHZ5CZscTQ56FA1fqF2Jc8Wgt3eBPWkm4Po3oC9HuDdYULegt5wGJgPG23hHW_KjjczZXvrUFFAitsMVCfQwXJ8__K5_J0
Frame ID: CDEF3CEC4248924DC8397159B5679E58
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A4C144F23B9E77C58879A27D1534DBF0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVugC3xv8FILRnfKU45jIApvrvRVvUvMLubSVnkkjL_6yAurcLgUwneIuvuprW1EMA786uYpYcMphyBhSF81kQHuoyAvsvypZIrM4QckPKXdMuDxyM1VKPf8goxbZHd3vhTkqGMr64aoh0PMzieBIa8P6iuV1fNXs5Us6Nd0Mo7KIjN34E
Frame ID: E98107E154153FD337ED1364FBFF578E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BD793DBE9275214B5E5A0E96F90DE749
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 583231FB85F31D0E11C2C5E2377D7E47
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 9194C573B3A8FDAD2A1D1FAD491DBF7E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
Frame ID: E3B9F15B82775400C380B2574DBC80C8
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: B5D1F605AD687C33D02CB6237526230C
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=va5jfn8&ref=https%3A%2F%2Fwww.gjsentinel.com%2F&upid=8iynjks&upv=1.1.0
Frame ID: 4C9CFA181782AEFC49CA7F2A96D8BE99
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.gjsentinel.com%2F&upid=vo84dfa&upv=1.1.0
Frame ID: 72FE55C58E52F051B31731929710F805
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 474FCF8A50C9145F7A0D02E416285C6A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5897139DE8E13DD01F7E74895B9C39D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

gjsentinel.com | Grand Junction news, sports, entertainment, shopping and more.Article with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticlesimagesVideosCommentedArticle with imagesArticle with imagesArticle with imagesArticle with imagesImage galleryImage galleryImage galleryImage galleryImage galleryImage galleryImage galleryVideoArticle with imagesVideoVideoArticle with imagesVideoArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with imagesArticle with images

Page URL History Show full URLs

http://gjsentinel.com/ HTTP 301
https://www.gjsentinel.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

274
Requests

86 %
HTTPS

36 %
IPv6

59
Domains

93
Subdomains

77
IPs

9
Countries

5095 kB
Transfer

10732 kB
Size

59
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://grandjunctiondailysentinel-co.newsmemory.com/
Title: Print Edition

Search URL Search Domain Scan URL

URL: https://subscriptions.gjsentinel.com/CircStore/Account/Login?returnUrl=%2FCircStore
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/gjsentinel/browse
Title: Obits

Search URL Search Domain Scan URL

URL: http://www.legacy.com/celebration/gjsentinel/
Title: Celebrations

Search URL Search Domain Scan URL

URL: https://westerncolorado.jobs/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/searchresults.aspx?p=2153&pcatid=2000
Title: Jobs

Search URL Search Domain Scan URL

URL: https://westerncolorado.realestate/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://new.evvnt.com/?with_navbar&force_snap_sell&partner=GJSENTINEL&publisher_url:gjsentinel.com#/quick
Title: Promote Your Event

Search URL Search Domain Scan URL

URL: https://gjsentinel.enotice.io/place
Title: Place Notice

Search URL Search Domain Scan URL

URL: https://gjsentinel.enotice.io/search
Title: Search Notices

Search URL Search Domain Scan URL

URL: https://1073theoutlaw.com/
Title: 107.3 The Outlaw

Search URL Search Domain Scan URL

URL: https://junction1015.com/
Title: Junction 101.5

Search URL Search Domain Scan URL

URL: https://thebeat943.com/
Title: 94.3 The Beat

Search URL Search Domain Scan URL

URL: https://1047lajefa.com/
Title: La Jefa 104.7

Search URL Search Domain Scan URL

URL: https://subscriptions.gjsentinel.com/CircStore/Store/FindAddress
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://legacy.memoriams.com/network/grand-junction-daily-sentinel/obituary?utm_campaign=consumerdirect&utm_source=legacy&utm_medium=np_lp&utm_content=gjsentinel&_gl=1*uifbrv*_ga*MjEzNzk0OTI4NC4xNjQ1MDUwNjUx*_ga_9WHKS7T58D*MTY2OTgxNzg3MS4xLjAuMTY2OTgxNzg
Title: Place Obit

Search URL Search Domain Scan URL

URL: https://gjsentinel.column.us/search
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://gjsentinel.secondstreetapp.com/Older-and-Wiser-Headlines-Quiz-12-08/questions/4807154?allow-full-viewport=true
Title: Headline Quiz 12-08

Search URL Search Domain Scan URL

URL: https://www.970tix.com/

Search URL Search Domain Scan URL

URL: https://970tix.com/events/the-theatre-project-presents-elf-the-musical-12-15-2023
Title: The Theatre Project presents "Elf the Musical"

Search URL Search Domain Scan URL

URL: https://970tix.com/events/the-theatre-project-presents-elf-the-musical-12-16-2023
Title: The Theatre Project presents "Elf the Musical"

Search URL Search Domain Scan URL

URL: https://970tix.com/events/the-theatre-project-presents-elf-the-musical-12-16-2023-137745
Title: The Theatre Project presents "Elf the Musical"

Search URL Search Domain Scan URL

URL: https://970tix.com/events/cavalcades-monthly-variety-show-12-16-2023
Title: Cavalcade's Monthly Variety Show!

Search URL Search Domain Scan URL

URL: https://970tix.com/events/the-theatre-project-presents-elf-the-musical-12-17-2023
Title: The Theatre Project presents "Elf the Musical"

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//P.O.%20Box%2013%2BGrand%20Junction%2BCO%2B81501
Title: P.O. Box 13, Grand Junction, CO 81501

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//8714%20Cr%20300%2BParachute%2BCO%2B81635
Title: 8714 Cr 300, Parachute, CO 81635

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//1043%20N%20River%20Rd.%2BPalisade%2BCO%2B81526
Title: 1043 N River Rd., Palisade, CO 81526

Search URL Search Domain Scan URL

URL: https://www.thcpalisade.com/
Title: Website

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//393%20E%202nd%20St.%2BParachute%2BCO%2B81635
Title: 393 E 2nd St., Parachute, CO 81635

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//PO%20Box%201094%2BPaonia%2BCO%2B81428
Title: PO Box 1094, Paonia, CO 81428

Search URL Search Domain Scan URL

URL: https://wshga.com/
Title: Website

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//2034%20I-70%20Frontage%20Rd%2C%20Old%20US%20Highway%206%2BDe%20Beque%2BCO%2B81630
Title: 2034 I-70 Frontage Rd, Old US Highway 6, De Beque, CO 81630

Search URL Search Domain Scan URL

URL: https://www.budsltd.com/home/
Title: Website

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//%2B%2B%2B81505

Search URL Search Domain Scan URL

URL: https://www.remax.com/real-estate-agents/holly-alm-grand-junction-co/100008555
Title: Website

Search URL Search Domain Scan URL

URL: https://www.grocerysmarts.com/colorado/lists/indexgrandjunction.php?w80al2

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/v3/Oh0cFyrsGiOgATTs7INLgfVqzL-_AkMGLqwaQ-FDP1iUBShyabkAf9CTXLelCIZGB3rxTZbhyp3d0-Sh55Tw_tKDK-YLinJhECmOa6k3d3yyB_wUtZg4RyvxHDB9MpFz3h3YFTfan8W6ZiN3OVd8BWJvpG9ZcPOJd2WVtpLwlghpa3ioxgWBSFJjWb4khUxQ0pd3tMLJvawLEeaFS1784KM4YLP674HOmT1eUbZpYh6Ru5SQnhlN3Y24u3WlNUpqRHMQS82ohQMLFCdTEN0oADsklXJKEG6uhEg7xNhDz850UsB0M6k0twFEY_A_TQ7C3XrfVrkvjdPDoKMRCalFL8qHKkXZa95V501OrIx3bskCTXbPcKszpD7ivhl11MCt9x3cTqk_sDsbtSy95t36DY_R9eLeEpdf8VnEfMvDlUf1CVOJojj5Q3AHrjMZXnXK2yJHxBQgdqkDNMexRIYIDuVmw_lbld1SR8uv61YfJUa7BKRg9tCz9YiomD9i5RzJzIsMnkArq20vheY-h4xkEUaV7QroEtBAmAMsn2aL4qBotsjYO4c-lmsqm4m3KG9E05u_ZJdxCZuHWLNPYUYps4l80JIGf1jEND7-GgT62rH5GhDkBEHYNVIVjlksDdIDdin4g4KBeFqacnGGvZnQOYnfN4xtmtVnWA1xN7WVnVynuWX2LuzHi7SWTCQyFFaUhascTusNOFOhTljYfN8i-ylwqaAB3Msmt5j_1nWZgCNwpBh95shCijXkLQ8MCalQZSeOA4ZZ1ceHAKdjHFb6zECnRpoGgO_dKzDgRAi8eHDoQbb-7-A97gAmaVeRiuxLjGVB4b5rb3EUk3G3umKYHj1I8uFCd-A?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQHYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Eine Einfache Methode Zur Kniearthrose – Probieren Sie Es AusKnee Osteoarthritis Treatment

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/in7wepAQeCYkABigNeC23sk61IQEErETGNRrKujr3ZchB1umZxEpj69Hsh6ry4arouPJSI4446KJBxJWz03HrckrJbzrINqTYxX4OocWMLjQRvckxJB2ImRv8-BzKy-4TlRQMUVhaxtTR9oYbhAGsddg5zsI4lMX4XY64HRpIG5OrRmrN4TsC3KM9EWwHSU_vwuRZ65vMVNBcMUyLGyd8U14gFOCBY0kjZ4I7xy1x13yy06bMZySqiEcNL5gJfZrrwKn6rrZSyJCf4YYez9K3kQRe1uFRYSLMuHwnWEBYIFoh20C7BfUBBqzqlnwQJs64JSjltRRuhvpa1vkQalCH52zgWpza-f6JePK6ajUGHTqtJYJXpQhv4c0ZKwLOyYjyf1LyN4ZlGXIj4_m0zAYatwvuPxZHKnKqm0dAmyv9JsKBGBIlCwsqO45_s6URmroWBwMJDSB7qiJ-8qgTJN7p3vPqUm0pP5RdqZhDFw5SsAifdDEf8R4MnZ_JfVufe2F6skwdsSubHJ2yLvJVTS4HzpjPuf1vwN3vVVQ1o56Ms29v21IM_x6_UrxZR2gmxjE2lwbX069-0vPY9oWVoHdNSUGtRHGB860LaP7FvS8cr6O-BU?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQLYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Berlin Elektroautos Für Rentner: Der Preis Mag überraschenElectric Cars I Search Ads

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/y0iDT9GwoYl25SsdtsbqQHcxy8-MIDs5NvTn-ZckTT_Mh4ldIwY4K28DjR9_DaTHzSf6trs4uK1ixonKjga_eK8iPem9-OvbwomYzZOi2Q6fB1f91sG6bVptabLS99pY6EfujxKjKVfu9MHdCpR2GuuMhN17RjeFjd1RjLbHsS-PPl0nBwTzHrd9IagxXlgWfehcObUPS5Awy8Oz6OEz4iBBlRxJTEikNJIlHX7rleAiWi0zfpeC5JL5azPGUO8gMYKqmg8mYtk2qcIS4K8-bjHc47ePTVftpcKWW5qNpWKjqEmWtPxi24Gpy9gerIAZI4sBErjh1NbLRPeSPbsPuG-OmdSf17bps2yUIdnO3UXBjuT7OC1onY-SWMiWCInDDbuTPs-Sk1z1TSr3D9sywwqnxUQUaxh5f0lmpN2_csZSF-TBi6FU27l6f9k2S8BzwVIcF9zuD_-XndtHp4S4RLOp8v3t-8lOQrO3pjPqvL4enIx4BFRyCm-VKwnXvOAN4cT7xlUU6UoY21a0nofjpaIeHknRE71sQYnr4imjbYCqNWCFmH8bSP8KESMyk_fWIhGF4eTat8OuwvwPyN9sQw?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQPYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Dies Sind Bäder Einer Neuen Generation. Klicke Um Es Zu SehenBadewannen | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/nz8sOEc8TF5zjG7bAiUrtRS1CqDST-rd9JS4QrOP-0cV8DiIn6y1522eWI4LHRSonkHNcpDSHHF85vO-DDAuR79VjKaaJF_It1LBwyoWJpy-H3BT_YNn752sUdmpHwTSu0R54unU7Gj9qo7V7usj3fp45biGD8gu63dDL7c1vU5uGODCJ1HEgS6v0OrVr1uWODWJNYAfF_zNchB_PlF4OR11-Zxx8wQMi7kHIq4_fxQwkAHs9WJI64xeE265lwR86RmDv36Jpgzz3DMaCWXxiSv-RgenbjsQ3-QGytw1L7qmuVaWqVsYwrlXEhXo5ZvEAceoHlnRh2bCIiUIa6CAt2iN0PYnOuVC7MDnCOwYfx6yyElnyz7lxKHIJ8ikgxFzSbggBwF5_5pUOuV39JxZyB_ZyyIC10BPGX28TSEWdPfVVRz6n3xC-eNLRcE51b7Pcrrs0vr9KPSmmyUTujXxwPbu7CWCI4v8MzhEI-7pkE_9D2e_lnINWI4geOPKuqOZ2iTq3YfQgeFEXX1vhZ5I_meSU6_yKkeU4r_1OPpBbX3jQ1kqFkpxxhffgaC4ox-JE8iyvoAxWjwDZhUJnsx-PGQhjyDpK7Pm?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQTYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: When Neuropathy Hits, Try This (It's Genius!)WellnessGaze

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/f9M_qwstLjMv-YG9Wol3G0FKh7qR_VjxNa1vJWt-kVXzIbJfo3fqhCDrgLnB5cE1p2QZ4xNv4AJYpabTBiZDdVgT_QUHSmT84L3rxLgqHmmcKvGTnYp7oXwkneNprAsYlGWBQN39SCISGszKe_JBdiTxbu51UOuKS0Zok3akTxyF0lNyYqHuxxwRGVS64IDNzwhqlFCR2uXaB9j_6iR5LJJM3pJxtBioJ3BEM2crzfJp8HT7hYwOeN8svdTIBtALzmerBiUSpJcdewxTUHPw3eHYFKRrp0jmJ02qS9uZrkBrOPZ21kzS-YbDDpSTAGaQmDPXS2EDSuI5iDA95BOWf7S8tU2pYlHZJBAf9KfUUGVRTQFOhO1yORyivL7rvvL1G0YkQgG1K9otEvHRvGF9V4rX6U7O3cT4MmZsbaS1oAS0Hw_Rg247Is0uKPZc3L6x1FMwE_wQtdkD1pErLu0ZhVUwxPALLWNK0c4Xl9hUQE_v-hW5zph6XKTE0RM-VELLqvAl0GSS8LcH5S3VEaZJs3vzOv4TkngjLPUFu6Se3JUuWYbpBUU69npazwLChMx8lX8JBMyotgJ2E6p0QQAX8i_rpS03EASy6uU?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQXYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Do This to Restore 20/20 Vision at Home Naturally20/20 Vision

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/NaJlLjR3vIy70jDsImqjlNUaByHqBDxzWGQN7nRcMQ-8OnBQ3PHAgW98_66V5fErS8Ukgx8dwYv3WqibEGOT9_Qu2ZB5u0EQtZy-rZ643EiQs2kxOSc6m3Z5fYXsIE6gIbD0ExOpw-UG4XZfyWTehKAF7mU6wOrkuguV08d4N9cwZbJcCMbDAzTZUJYvKEAp1KF0YIP0agTABlqXt4eC1mD3JO-2cL6jUkNAnmnqMN9oUzX0UA_XABDdHexK3DrylzkrEZizPO8Og522i_Dp2T8WFvbf6SpMVva8lKXnzKp3kiSnfclqr8lu8KRbAIAH0_vr9GdZi0aPoPreTuH-AXALq68E_Q-ybtjc9qQTrVrWrCanaNi4iPZUZWP0sXjWabvJ4koPe8xeQYtFBXaDulv4edAFz6kffUfwzpLGLKe6JkwNxdx09fqRUyJYykP_iR4WO6yVM4MSRe09Yc0SiR5yNue3TnVDtbhxASF3dT7pRgm275PEV70vQbD3ngrRqbg4zelEWZQv_Ox91yzCH4lH7VtlPtYhiPYIWOi9TjyBXfLHU_6YoSfOmWL2EEP6xwNHEkiAZxvpMXijvjIsweOqegLBsSg?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQbYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Too Much Belly Fat? Drink This Before BedHealth Reporting Live

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/3vZlvGAJdXlXcQwC-P9nKuAYKfak_0cRADhMhmrSDqsl2rQeif8M9A4Ad92HgRMP_ygD0C0t7RWyGFbo9ugwXiOi36VY2vH2Bzf57vLVKNYooxAlRczTJCtBiyZwQLr9J2C-2jBZ-QiQKGAGwJM5yJcqaRvxym5uJtGiNDO4PDvZE-Yx9YJfNRPI71z1RVuXwTx_Lidqcde4Tl_IvxDIHF2APLpjCltqeiwaphZ215EzV4D54gIgDMfGQ2uDNrFmvH3kg7TxzUZJJuSIEjsZ4X4hcn9ec-feT4hRNw9wjdcBeLWVQAZRYK2NT1uFB5ftJYtieJAFb5mGq0-E7y3yCxoOP4a2jQ8wMPqxTP7RNn-1jBykrsPZrO-mt-omzAfEJ2qXtOkmxAgMZWJQMqHDNOwtnzTe0TBD_lGzaUZsGV4YfV-bEtq3dJsdr64ojPgCaouJqwP6pUsZ7YhdwXuTpIlqnR1Y_TIM2T2lFZyCO283RM0Bughpbhpbgtq4CND6qwZthwS4sLHlNQxOSuiDOiiTPmnjNGCv_Oj-VorpDZSQ4epln3QO9opbQN3zOa_uSpWdnXVSlENNQhk6pCwJS6qDMQXNhK6qzRhIZ5qBbKiK?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQfYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Annalena Baerbock 42, Lebt Jetzt Allein in Land BerlinCars&Yachts;

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/od23b3mu928scAhtB2ugNC8NaIlsae7jSog_iZrjEoZKiRGJalnwF3kr_o0kyeDXqb6hVyMdlioL7qtApUBlCrb66NrjabyobeP7F2LCZqZ_gbldx5LsxyAXryxBkQhCzzQp2u_WBP8OWSTZXRH8mcVubu3S9ZpeSWFOeUrL54vWdU5ctNB38A9jEWJOav0t5xD7NeBupxuYZC416xZgfM0jr08IIQnpM-wdD1yOav62z4JnT1yo4timcyPl7irN1h37NJmwlNJAgIEgrL27IZtZgh3buL8bTjMooIJyfBVcDhV4y00UDP8chB2EwCPNQ1bet95NlFlZrqc-Gws-vF__7NLFjE_EM1diDfhmosPLEl-jtuU1o_2_2QdPSTzi7xQz-mGp0gH8Ja8EQwa-x-G8bUNpWugfGczByraMWdHK4ovZNRsGPhsccsAgpwE5mA1WYuzkY6NGE9A?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQjYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Unlock Crypto Trading Profits in Just 60 Minutes!All About Crypto

Search URL Search Domain Scan URL

URL: https://smeagol.revcontent.com/cv/v3/8zNk1l7_5ZYtBy2uji1MBsDD_iFO3gZlFoCeOJQz0bhxeEdvxo1rLRd6nAAPQl6jISonBrslbETu7Ycru6IZB0IqMHunRX_cW50EfCT2AbMe7KImyo56L-dIgO0QU1xLOYlV9LTYBQvAtaCV52s-5IfuGlDSXYnlLIMYZOPhq6bw0vyWIaJI2HmjvaUrGBdJeSsmY2lL9d88Jsd28uGEUlskNmL86liYAOetrrJIGCuLiCdu2J-FDiEI5d9jTh2C_YmTyg2Cm23rlmOrXIHSWPrOZB6ae0jUvXb6T6rWewqYFtfbH1Was3yOCKUfShToE_pZt_Tscyq-Xyqh8TDLrS8hynWrbBRSE_jsYJrqnGFEopIbq9G-Gk39bTtNcLQwAZEqPq-GgaSPiiL9qQ9dR_W1Lj1JRfcwcISh9J_T5EvgbYDxdQtSNd8bLIoZfo9NkDRcCj_SDqs-7hoh8qqg2GaS9W4V?p=GgFDMOvK6asGOiQ0ZjBiM2JiOS1hN2IzLTRiYmEtYjM4Yi04NTdhNDU4MzZlNDdCJDlmNTdhZjYxLTkwZGYtNGQ4My1hMDM2LTg0NDZiNDQyZWU5M0oLd2hpZS13YWxrZXJQ5pwJWMifDWIOZ2pzZW50aW5lbC5jb21qB2Rlc2t0b3CQAQnYAbKO8AGRAoXrUbgehes_qgIMODAuMjU1LjcuMTA56gIRCghncmF5X2ltcBIFZmFsc2U
Title: Kaufen Sie Krypto Sicher Mit Ihrer Debit- Oder Kreditkarte!Paybis

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thedailysentinelgj/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/DailySentinelGJ/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCKrfArVceDLyHeGhL59hR0w/featured
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gjdailysentinel/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://grand-junction-media.display-pages.com/
Title: Media Kit

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: BLOX Digital

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gjsentinel.com/ HTTP 301
https://www.gjsentinel.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 102

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/E0ED15E1695B4C9D9B33F6D484F10872 HTTP 302
https://sync.1rx.io/usersync/simplifi/E0ED15E1695B4C9D9B33F6D484F10872?zcc=1&cb=1702520171386 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003

Request Chain 103

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=E0ED15E1695B4C9D9B33F6D484F10872&dongle=yf3

Request Chain 104

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 105

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=E0ED15E1695B4C9D9B33F6D484F10872 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 106

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=E0ED15E1695B4C9D9B33F6D484F10872 HTTP 302
https://d.agkn.com/pixel/10751/?che=1702520171440&ip=80.255.7.109&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219023204730000131962 HTTP 302
https://um.simpli.fi/aa_px?sk=219023204730000131962 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 107

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 110

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=E0ED15E1695B4C9D9B33F6D484F10872;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=E0ED15E1695B4C9D9B33F6D484F10872;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=-5240297278840291097

Request Chain 111

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=E0ED15E1695B4C9D9B33F6D484F10872&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=E0ED15E1695B4C9D9B33F6D484F10872&j=0&xl8blockcheck=1

Request Chain 113

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 114

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 115

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 116

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 117

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 118

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1702520170838&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=a2V6Zf70DafT9u8PtdOlkA4&sscte=1&crd=&pscrd=IhMIvtad8O2NgwMVp6n9Bx21aQni HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIvtad8O2NgwMVp6n9Bx21aQni&is_vtc=1&ocp_id=a2V6Zf70DafT9u8PtdOlkA4&cid=CAQSGwAvHhf_XuHnFWJOY8ThZVXQexiNUANiShcnOg&random=274830068 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIvtad8O2NgwMVp6n9Bx21aQni&is_vtc=1&ocp_id=a2V6Zf70DafT9u8PtdOlkA4&cid=CAQSGwAvHhf_XuHnFWJOY8ThZVXQexiNUANiShcnOg&random=274830068&ipr=y

Request Chain 120

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=E0ED15E1695B4C9D9B33F6D484F10872 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE0ED15E1695B4C9D9B33F6D484F10872

Request Chain 121

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E0ED15E1695B4C9D9B33F6D484F10872&expires=365

Request Chain 122

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=E0ED15E1695B4C9D9B33F6D484F10872

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEGNxEkZyJ1N9FRp3zIT37Wc&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E0ED15E1695B4C9D9B33F6D484F10872 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 211

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&google_cver=1&google_push=AXcoOmQv2HxKe1_eqq7eK2DVPSnzopMtlis4J3ZqfwpWLsZilpIFARQ3Gy14PTNZJ3vpBi6dwQ2dkAbIE0MFpIxXPiLWbSj4DAk HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&google_cver=1&google_push=AXcoOmQv2HxKe1_eqq7eK2DVPSnzopMtlis4J3ZqfwpWLsZilpIFARQ3Gy14PTNZJ3vpBi6dwQ2dkAbIE0MFpIxXPiLWbSj4DAk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjlONTZzWjUxUmRCZ001&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&google_cver=1&google_push=AXcoOmQv2HxKe1_eqq7eK2DVPSnzopMtlis4J3ZqfwpWLsZilpIFARQ3Gy14PTNZJ3vpBi6dwQ2dkAbIE0MFpIxXPiLWbSj4DAk

Request Chain 212

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12zC2085Frt_uqx0qJumtW2KXE8 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12zC2085Frt_uqx0qJumtW2KXE8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0ODk5NDEwNzE5MzA4MTU0Mg&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12zC2085Frt_uqx0qJumtW2KXE8

Request Chain 213

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOmNE6qpdYfb7AG8u_JuAt0&google_cver=1&google_push=AXcoOmRwfBQppDXtnuH-gCvVqr-VtiJmSjQ3j0RRgpwaNoazzhjSNMJIh-dTGOthv3orOaJX_-m1aZaBkCY4BlFuN5_RyGmN7pk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSFUtWi01SEM5&google_push=AXcoOmRwfBQppDXtnuH-gCvVqr-VtiJmSjQ3j0RRgpwaNoazzhjSNMJIh-dTGOthv3orOaJX_-m1aZaBkCY4BlFuN5_RyGmN7pk

Request Chain 214

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_cver=1&google_push=AXcoOmRU_p9hZ_Fllu55yhBePhDFVH5t3rKN9Vsp4kaCmakOIi44X2rpneBZSAvmiGxNq5V2BmropiERBt4AdddF8xw6BO9hPA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_push=AXcoOmRU_p9hZ_Fllu55yhBePhDFVH5t3rKN9Vsp4kaCmakOIi44X2rpneBZSAvmiGxNq5V2BmropiERBt4AdddF8xw6BO9hPA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_hm=ZXplbCcKMkYXM8RaAOmoowAACK8AAAAB&google_nid=index&google_push=AXcoOmRU_p9hZ_Fllu55yhBePhDFVH5t3rKN9Vsp4kaCmakOIi44X2rpneBZSAvmiGxNq5V2BmropiERBt4AdddF8xw6BO9hPA

Request Chain 215

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOuM6hS_OppMzVm6R5NRZmU&google_cver=1&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi1OYwd2f5aE HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOuM6hS_OppMzVm6R5NRZmU&google_cver=1&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi1OYwd2f5aE&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi1OYwd2f5aE&google_hm=H0TosGZHju-wM0aDSsKb7Rva

Request Chain 217

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEPJjdn2JoUa7WuWU_DHWTew&google_cver=1&google_push=AXcoOmQ9FHNLwzobHS8HkshNOqnvpExxATQfEc9xkKNmF1f_K6bSDx_mecYlOstzYy-x-8Fcwp0zzFhTwqFhw08HYHDz6NotipA HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ9FHNLwzobHS8HkshNOqnvpExxATQfEc9xkKNmF1f_K6bSDx_mecYlOstzYy-x-8Fcwp0zzFhTwqFhw08HYHDz6NotipA%26google_hm%3DA-PtP918HUHmk9GLTE9WCao HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ9FHNLwzobHS8HkshNOqnvpExxATQfEc9xkKNmF1f_K6bSDx_mecYlOstzYy-x-8Fcwp0zzFhTwqFhw08HYHDz6NotipA&google_hm=A-PtP918HUHmk9GLTE9WCao

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1&C=1

Request Chain 221

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXplbCcKMkYXM8RaAOmoowAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1

Request Chain 222

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHWgLylaE3ok48pLblhBbE4&google_cver=1

Request Chain 223

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWNb9qS8cPHV8D74_LApR4&google_cver=1

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEPOyDMsntoJ8obfNkKESqNw&google_cver=1

Request Chain 228

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIJ5upBJznG2pMueik_UEB8&google_cver=1&google_push=AXcoOmTNMTCOm7kZ_-lXMnBjz82cpk0MBoPdy_j1ogJOIx_Q_ZalISXAwkcK9h3ZGE2lc8GXczOWINw2SVxOxRkJ-gt1IcNHGE4e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNMTCOm7kZ_-lXMnBjz82cpk0MBoPdy_j1ogJOIx_Q_ZalISXAwkcK9h3ZGE2lc8GXczOWINw2SVxOxRkJ-gt1IcNHGE4e&google_hm=GFMfMXjSTs6N27ovwdeEAm0

Request Chain 229

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL5SlNuprzQsLqW14LVmKBM&google_cver=1&google_push=AXcoOmSAJdfsIXgg0T6dOu6WeczUm2KmxVZlUp2yKAwUR9PtkMeuZItroFj8KqnxSfJyqzHaxdQEqeBvnf0o08xEJd9mlLByeBMEPQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=npXtyW6USt8HabSu2-VYvA&google_push=AXcoOmSAJdfsIXgg0T6dOu6WeczUm2KmxVZlUp2yKAwUR9PtkMeuZItroFj8KqnxSfJyqzHaxdQEqeBvnf0o08xEJd9mlLByeBMEPQ

Request Chain 230

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJWBvUAzcSE9EMY93zCX0E3N_Mm HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJWBvUAzcSE9EMY93zCX0E3N_Mm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxNTQ3MDMzNDAyOTQ5NTQ0Nw&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJWBvUAzcSE9EMY93zCX0E3N_Mm

Request Chain 231

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOmNE6qpdYfb7AG8u_JuAt0&google_cver=1&google_push=AXcoOmRSLmhnTSY-AfyDKWplkyggBuHtr9kPYZUz_KOQyaLayL391rAmxlcGjZJQ0J0EJUhADYNZZlNsTMOKzIy6nQoMFQ1Nsv9cuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSzEtMVMtQ0EwQg==&google_push=AXcoOmRSLmhnTSY-AfyDKWplkyggBuHtr9kPYZUz_KOQyaLayL391rAmxlcGjZJQ0J0EJUhADYNZZlNsTMOKzIy6nQoMFQ1Nsv9cuA

Request Chain 232

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBOBlJUL12x0v47dhNcKUnA&google_cver=1&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwHwShCBUsdO0GH4jcgKs1vunk_j6MeSAyh_RiZtQ HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwHwShCBUsdO0GH4jcgKs1vunk_j6MeSAyh_RiZtQ&google_gid=CAESEBOBlJUL12x0v47dhNcKUnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzMwNTg2MjQ5NDk3MjQ1MzYxMDQ0&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwHwShCBUsdO0GH4jcgKs1vunk_j6MeSAyh_RiZtQ

Request Chain 233

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEE4sYIvnzkqkr8_5dUX3xps&google_cver=1&google_push=AXcoOmROt45osqu_m1h7s56yPUQjzXw3v_GJfmRaxMik8WDHZitfVXjnqU_dN-0_GvZEMAkVxISFgzF-Eu2zQ5voBXjjhGr0r6bvuGc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D&google_gid=CAESEE4sYIvnzkqkr8_5dUX3xps&google_cver=1&google_push=AXcoOmROt45osqu_m1h7s56yPUQjzXw3v_GJfmRaxMik8WDHZitfVXjnqU_dN-0_GvZEMAkVxISFgzF-Eu2zQ5voBXjjhGr0r6bvuGc

274 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gjsentinel.com/
Redirect Chain

http://gjsentinel.com/
https://www.gjsentinel.com/

784 KB
96 KB

680ms
233ms

Document
text/html

192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

1cb2a2d8aa15555b90d46a1674b7003ff961e1ed4770b0971f6c90dcc0f3087b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 284
cache-control: public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
content-encoding: gzip
content-length: 96609
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 02:11:24 GMT
etag: W/70bebb26e3f4424beb1f72b433a32d10
last-modified: Thu, 14 Dec 2023 02:11:17 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.72.2; app11; 7.22s; 8.4M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xrds-location: https://www.gjsentinel.com/tncms/xrds/
x-xss-protection: 1; mode=block

Redirect headers

age: 590
cache-control: public, max-age=10
content-encoding: gzip
content-length: 1544
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 02:06:18 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location: https://www.gjsentinel.com/
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.72.2; app4; 0.02s; 1M
x-vcache: HIT
x-xrds-location: https://www.gjsentinel.com/tncms/xrds/
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
35 KB 352ms
74ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237139
cross-origin-resource-policy: cross-origin
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174fdcf58d8-TXL
expires: Sat, 30 Nov 2024 06:40:59 GMT

GET
H2 200 user.js Show response
www.gjsentinel.com/shared-content/art/tncms/user/ 3 KB
2 KB 228ms
226ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gjsentinel.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:12:26 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 23:50:47 GMT
x-vcache: HIT
age: 223
etag: W/"6578f1d7-c46"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1437
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 348ms
71ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1017
cross-origin-resource-policy: cross-origin
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174fdd058d8-TXL
expires: Wed, 30 Oct 2024 06:28:09 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
13 KB 319ms
42ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237139
cross-origin-resource-policy: cross-origin
last-modified: Tue, 28 Nov 2023 17:50:06 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6566284e-841f"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdb258d8-TXL
expires: Sat, 30 Nov 2024 06:55:29 GMT

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 346ms
69ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1017
cross-origin-resource-policy: cross-origin
last-modified: Mon, 27 Nov 2023 14:35:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6564a921-2d77"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174fdd358d8-TXL
expires: Thu, 28 Nov 2024 12:08:48 GMT

GET
H2 200 application.3c64d611e594b45dd35b935162e79d85.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 349ms
73ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.3c64d611e594b45dd35b935162e79d85.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237139
cross-origin-resource-policy: cross-origin
last-modified: Mon, 27 Nov 2023 14:35:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6564a921-1102"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174fdd458d8-TXL
expires: Thu, 28 Nov 2024 10:20:11 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
952 B 344ms
68ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237139
cross-origin-resource-policy: cross-origin
last-modified: Tue, 28 Nov 2023 17:50:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6566284d-9b8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174fdd158d8-TXL
expires: Fri, 29 Nov 2024 12:34:05 GMT

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 314ms
40ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1018
cross-origin-resource-policy: cross-origin
last-modified: Tue, 28 Nov 2023 17:50:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6566284c-1ac2e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdaa58d8-TXL
expires: Fri, 29 Nov 2024 08:14:38 GMT

GET
H2 200 layout.9509b461cedc7767649ee83a5b35c177.css
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 318ms
44ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.9509b461cedc7767649ee83a5b35c177.css

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237139
cross-origin-resource-policy: cross-origin
last-modified: Mon, 27 Nov 2023 14:35:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6564a924-26683"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdab58d8-TXL
expires: Wed, 27 Nov 2024 20:01:50 GMT

GET
H2 200 theme-basic.a7351649a9c39f0af7c6d288a87ef140.css
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 315ms
41ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.a7351649a9c39f0af7c6d288a87ef140.css

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237139
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:56 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf4-a317"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdac58d8-TXL
expires: Wed, 27 Nov 2024 08:15:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cabin&family=Roboto+Condensed:wght@400;700&family=Lora:wght@400;600&display=swap

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4445042b22af60d9807b2c1a3cd379bd349aa10dd4b014a179d7bbf721654e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 02:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:16:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 02:16:09 GMT

GET
H2 200 tables.css
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/live/libraries/flex/components/site/resources/styles/ 25 KB
4 KB 311ms
38ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/live/libraries/flex/components/site/resources/styles/tables.css?_dc=1687834124

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce64f356606d13a8e97922a3af94ec24dc9cd583b78c9dce842fe25cd59eb642

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 175389
cross-origin-resource-policy: cross-origin
last-modified: Tue, 27 Jun 2023 02:48:44 GMT
x-vcache: MISS
server: cloudflare
etag: W/"649a4e0c-651a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdad58d8-TXL
expires: Thu, 28 Nov 2024 12:08:48 GMT

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 928 B
507 B 312ms
39ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1017
cross-origin-resource-policy: cross-origin
last-modified: Fri, 27 Oct 2023 21:37:41 GMT
x-vcache: MISS
server: cloudflare
etag: W/"653c2da5-3a0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdaf58d8-TXL
expires: Fri, 08 Nov 2024 10:35:25 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 308ms
35ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 62830
cross-origin-resource-policy: cross-origin
last-modified: Fri, 13 Oct 2023 13:11:35 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65294207-183e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdb058d8-TXL
expires: Wed, 30 Oct 2024 11:31:00 GMT

GET
H2 200 tntslider.61e562ee97efb10698d15f5cee4962dc.css
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 310ms
37ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/tntslider.61e562ee97efb10698d15f5cee4962dc.css

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3636b95d15f61f445c9454c7e75a8cd46c8d549a80d0595868280967bfc02d41

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237139
cross-origin-resource-policy: cross-origin
last-modified: Tue, 28 Nov 2023 17:50:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65662851-1411"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174cdb158d8-TXL
expires: Fri, 29 Nov 2024 11:36:54 GMT

GET
H2 200 access.d7adebba498598b0ec2c.js Show response
www.gjsentinel.com/shared-content/art/tncms/api/ 70 KB
29 KB 224ms
222ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gjsentinel.com/shared-content/art/tncms/api/access.d7adebba498598b0ec2c.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365

Request headers

Referer: https://www.gjsentinel.com/
Origin: https://www.gjsentinel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:11:11 GMT
content-encoding: gzip
last-modified: Wed, 06 Dec 2023 17:55:11 GMT
x-vcache: HIT
age: 298
etag: W/"6570b57f-1164b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 29242
service-worker-allowed: /

GET
H2 200 tables.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/live/libraries/flex/components/site/resources/scripts/ 604 B
406 B 342ms
70ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/live/libraries/flex/components/site/resources/scripts/tables.js?_dc=1689167183

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6cd99a9385854f92fc620284f506647e1d50ae35c98252bba2cc9ddbefc4efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 175388
cross-origin-resource-policy: cross-origin
last-modified: Wed, 12 Jul 2023 13:06:23 GMT
x-vcache: MISS
server: cloudflare
etag: W/"64aea54f-25c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174fdd758d8-TXL
expires: Tue, 19 Nov 2024 12:20:03 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 182ms
84ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e63dfd72f01c32504b8e4c4732245737ed6ced15af3ff626049afba0b089274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29159
x-xss-protection: 0
server: cafe
etag: 94 / 19705 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 02:16:09 GMT

GET
H2 200 tntslider.963435075b4f73d8d6f71cfdc577ff04.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 22 KB
6 KB 46ms
39ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/tntslider.963435075b4f73d8d6f71cfdc577ff04.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0223bcc696052dd207c54b33d2f057ecbd158ff5c48e7471bd34ec3aef2fde0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 175388
cross-origin-resource-policy: cross-origin
last-modified: Fri, 08 Dec 2023 14:49:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65732cdf-5834"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175ae5058d8-TXL
expires: Tue, 10 Dec 2024 16:01:26 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 45ms
38ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1620292
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:52 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf0-dbe"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175ae5158d8-TXL
expires: Sun, 10 Nov 2024 10:23:10 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 46ms
40ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237136
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:52 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf0-1baf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175be5258d8-TXL
expires: Fri, 15 Nov 2024 06:10:34 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 141ms
45ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 22:53:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Dec 2024 22:53:13 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 137ms
41ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:34:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 434476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 01:34:53 GMT

GET
H2 200 messaging.js Show response
www.gjsentinel.com/shared-content/art/tncms/api/ 2 KB
1 KB 135ms
129ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gjsentinel.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:11:04 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 23:50:47 GMT
x-vcache: HIT
age: 305
etag: W/"6578f1d7-9cb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=10
accept-ranges: bytes
content-length: 885
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
279 B 346ms
73ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1017
cross-origin-resource-policy: cross-origin
last-modified: Tue, 28 Nov 2023 17:50:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65662850-cf"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f174fdda58d8-TXL
expires: Fri, 29 Nov 2024 11:36:54 GMT

GET
H2 200 tracking.js Show response
www.gjsentinel.com/shared-content/art/tncms/ 3 KB
1 KB 224ms
223ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gjsentinel.com/shared-content/art/tncms/tracking.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:14:00 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2023 23:50:47 GMT
x-vcache: HIT
age: 129
etag: W/"6578f1d7-a3a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1157
service-worker-allowed: /

GET
H2 200 fontawesome.568f3d1ab17b33ce05854081baadadac.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 268 KB
98 KB 53ms
47ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.568f3d1ab17b33ce05854081baadadac.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237136
cross-origin-resource-policy: cross-origin
last-modified: Fri, 27 Oct 2023 21:37:39 GMT
x-vcache: MISS
server: cloudflare
etag: W/"653c2da3-43130"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175be5458d8-TXL
expires: Fri, 08 Nov 2024 06:15:08 GMT

GET
H2 200 751aec80-1079-013b-a27b-0cc47abd0334 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 150ms
45ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/751aec80-1079-013b-a27b-0cc47abd0334
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7ad7751f5e19986d9bff127b1137445a8806d2fdf72ab92a3fb835abb07a48b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:09 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F6CREwKXscFKDTm8sjmB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 tracker.js Show response
www.gjsentinel.com/shared-content/art/stats/common/ 9 KB
3 KB 224ms
223ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gjsentinel.com/shared-content/art/stats/common/tracker.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:11:11 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 14:44:35 GMT
x-vcache: HIT
age: 298
etag: W/"64b94853-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 b0bfc918-1b22-11ec-a31e-bf36a8e290f0.png
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/ 5 KB
5 KB 51ms
49ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/b0bfc918-1b22-11ec-a31e-bf36a8e290f0.png

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03ed229ef418ff5a6fccfdf3a767733716d9dc17d9e049c3d6133af11b748ec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 237138
cf-polished: origFmt=png, origSize=6937
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="b0bfc918-1b22-11ec-a31e-bf36a8e290f0.webp"
content-length: 4712
cf-bgj: imgq:85,h2pri
last-modified: Tue, 21 Sep 2021 21:27:14 GMT
server: cloudflare
x-vcache: MISS
etag: "614a4e32-1b19"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8352f1751de858d8-TXL
expires: Sat, 09 Nov 2024 08:36:04 GMT

GET
H2 200 0484fd3a-f4d8-11ed-b9d6-93a72551303d.png
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/ 14 KB
14 KB 147ms
145ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/0484fd3a-f4d8-11ed-b9d6-93a72551303d.png?resize=400%2C104

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4381203d8413c274ca0e5dbb703bfd17005c7a129a1054026614d3dd927d245

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=21929
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="0484fd3a-f4d8-11ed-b9d6-93a72551303d.webp"
content-length: 14244
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 May 2023 17:26:54 GMT
server: cloudflare
x-vcache: MISS
etag: "8c18e319c4cc0af90078b9263c1b63f0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8352f1751de958d8-TXL
expires: Thu, 28 Nov 2024 08:26:54 GMT

GET
H/1.1 200
OK /
grandjunctiondailysentinel-co.newsmemory.com/ 39 KB
39 KB 454ms
122ms Image
image/png 146.190.197.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://grandjunctiondailysentinel-co.newsmemory.com/?getprima
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 146.190.197.191 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Apache /
Resource Hash: a1aec50c56e8c750ab85dfda36f5446ae314a821b23540e83eb6ef7212c684d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: Thu, 14 Dec 2023 02:31:10 GMT
Date: Thu, 14 Dec 2023 02:16:10 GMT
Cache-Control: max-age=900,s-maxage=900
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 970tix.png
www.gjsentinel.com/app/images/ 67 KB
68 KB 137ms
124ms Image
image/png 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gjsentinel.com/app/images/970tix.png
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 76ba3c90c3dc07268f104d8fe8dda3a096c166bb41297b38a14ede941f5280c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:10:42 GMT
last-modified: Fri, 14 Sep 2018 19:29:08 GMT
x-vcache: HIT
age: 326
etag: "5b9c0c04-10df0"
content-type: image/png
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 69104

GET
H2 200 geotix-embed-latest.js Show response
d1wcopahj6rhb7.cloudfront.net/events/prd/ 143 KB
144 KB 160ms
39ms Script
application/javascript 2600:9000:2057:7000:b:7fc4:98c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wcopahj6rhb7.cloudfront.net/events/prd/geotix-embed-latest.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:7000:b:7fc4:98c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc24ebd15a3d7fca1f07c4baaf8ac888dd7db205a6b363741050f44bf0d377ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 10:50:08 GMT
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront)
last-modified: Fri, 24 Apr 2020 15:17:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 55562
etag: "e854c0cdb98a241e7e2984b8cd95ea7d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 146577
x-amz-cf-id: QUq7ThidTGSIRTNKOp7jwFte-kBkQX7gGn3rgkrD-kt3NlEEWJ6coQ==

GET
H2 200 evvnt_discovery_plugin-latest.min.js Show response
discovery.evvnt.com/prd/ 417 KB
112 KB 190ms
45ms Script
text/javascript 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 621040ecb048b1d5cf0682321c055dcfcf72b941cca5228dcee97dc0f856f5c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 18:24:32 GMT
content-encoding: br
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 18:24:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 28299
x-amz-server-side-encryption: AES256
etag: W/"fc8598d7568b5610d65ec2ba310257ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9whz6FMqHJ6CiO_ObJj-WXF6kBy9GUjTgI2nMz4hyFmbn6ITnEeZJw==

GET
H/1.1 200
OK type:300x600 Show response
westerncolorado.jobs/places/widget/js:1/ 254 B
640 B 680ms
168ms Script
text/javascript 62.151.178.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncolorado.jobs/places/widget/js:1/type:300x600
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.178.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv21.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: c192304e1bb17edf7e6e3dd6fd7612fbaabedafdff53ac0299967955c823da2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Dec 2023 02:16:10 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection: close
Content-Length: 208
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 couponmatchup.jpg
www.gjsentinel.com/app/images/ 30 KB
30 KB 138ms
127ms Image
image/jpeg 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gjsentinel.com/app/images/couponmatchup.jpg
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 233909c4dfdd46c81d5bd61532c55533e7a64e761f1951f00ed0c886c2c4511c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:07:28 GMT
last-modified: Tue, 28 Nov 2017 17:17:10 GMT
x-vcache: HIT
age: 521
etag: "5a1d9a16-7903"
content-type: image/jpeg
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 30979

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 161 KB
48 KB 167ms
48ms Script
text/javascript 99.86.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-105.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 28a6827168832144d10572c3da10d3ce930b08edc1f9bba1e9331ca912a7d577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:29:28 GMT
content-encoding: br
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 49299
x-amz-server-side-encryption: AES256
etag: W/"85af42917add33bc55f09ac26a8afdb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -8TkfhvNsxRg4KODoUMq2KbgwM-4V2yVVfDjZtauUPENb9-MJJhcNg==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 143ms
42ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 06:08:18 GMT
Content-Encoding: gzip
Via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 72472
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: sl0J0rJ7cPaB_da7plcaKUadUgQC6DOv7MMWMGqvA2CK7vi29aab0Q==

GET
H2 200 tnt.ads.core.70d412172f30735865838caa3d6f42a0.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 13 KB
5 KB 47ms
37ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.70d412172f30735865838caa3d6f42a0.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237137
cross-origin-resource-policy: cross-origin
last-modified: Tue, 28 Nov 2023 17:50:08 GMT
x-vcache: MISS
server: cloudflare
etag: W/"65662850-35a7"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175ae4c58d8-TXL
expires: Fri, 29 Nov 2024 11:36:55 GMT

GET
H2 200 size.c64dc99a317e16a5077928a82f18f46d.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 648 B
511 B 48ms
38ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/size.c64dc99a317e16a5077928a82f18f46d.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f8fc372f7f4222cc65412e259edacd394d09bd69cad1687bd5969da2f44399

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237137
cross-origin-resource-policy: cross-origin
last-modified: Thu, 09 Nov 2023 15:29:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"654cfaf1-288"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175ae4d58d8-TXL
expires: Wed, 27 Nov 2024 07:14:24 GMT

GET
H2 200 tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/ 4 KB
2 KB 45ms
36ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/editorial/resources/scripts/tnt.poll.aa4a56a35da582e986ed8bbce2004ea4.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6269f3fddbea1fbdbb369f84ac32323fa0251c3bb8f761d1d144713697d8fd48

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 237137
cross-origin-resource-policy: cross-origin
last-modified: Mon, 27 Nov 2023 14:35:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6564a924-f7a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175ae4e58d8-TXL
expires: Thu, 28 Nov 2024 10:50:53 GMT

GET
H2 200 tnt.regions.b44801b45845a81b995eeaad12f4f276.js Show response
bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 45ms
37ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.b44801b45845a81b995eeaad12f4f276.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 62830
cross-origin-resource-policy: cross-origin
last-modified: Mon, 27 Nov 2023 14:35:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6564a921-1021"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f175ae4f58d8-TXL
expires: Thu, 28 Nov 2024 11:47:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 232 KB
78 KB 217ms
120ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

713d06e2e8d22cbd0d5f3674ce152eade7f34b0d09751b588d480e2a1a4352d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79495
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 02:16:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 147 KB
56 KB 149ms
54ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3CM464

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17ee66ad7dbe58495263155bfc158093439c3a665ef2ed9197db891bac20cacc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57030
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 02:16:10 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 282 KB
70 KB 170ms
44ms Script
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 01:17:12 GMT
content-encoding: gzip
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
last-modified: Tue, 12 Dec 2023 22:20:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, AMS58-P4
age: 3539
x-amz-server-side-encryption: AES256
etag: W/"d6937d02acbbf691a008906e9d0617e0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: MBGTnCgCog2H2JNQS2rdhtOfNw2dsDMjHG_1yLSBRsRImHzVYiBctQ==

GET
H2 200 load Show response
experience.tinypass.com/xbuilder/experience/ 6 KB
2 KB 163ms
52ms Script
application/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/load?aid=AsmTHs1ipu

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2227a9ff2864ad1b84de42c982d8d74dd78e0141832834717b37ad1ad8c930ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Dec 2023 02:03:12 GMT
server: cloudflare
age: 778
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 8352f1774e2c37e0-FRA
alt-svc: h3=":443"; ma=86400
x-request-id: ch3h37898i
expires: Thu, 14 Dec 2023 02:46:10 GMT

GET
H2 200 tracker.gif
www.gjsentinel.com/shared-content/art/stats/common/ 0
145 B 126ms
126ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gjsentinel.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=170252016985116001200906420799240&tnms_dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&tnms_upage=1&tnms_do=www.gjsentinel.com&tnms_uri=/&tnms_ref=&rt=1702520169861
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:09 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
fonts.gstatic.com/s/cabin/v27/ 16 KB
17 KB 208ms
98ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cabin/v27/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin&family=Roboto+Condensed:wght@400;700&family=Lora:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c72abe1427dd4bb1fb8fda80f15d2232932864b05bba38e816f9885bd877a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gjsentinel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 16:48:50 GMT
x-content-type-options: nosniff
age: 206840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16888
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:14:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 16:48:50 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
51 KB 149ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin&family=Roboto+Condensed:wght@400;700&family=Lora:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gjsentinel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:29:10 GMT
x-content-type-options: nosniff
age: 413220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 07:29:10 GMT

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v32/ 35 KB
35 KB 172ms
113ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v32/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Cabin&family=Roboto+Condensed:wght@400;700&family=Lora:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gjsentinel.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 09:16:48 GMT
x-content-type-options: nosniff
age: 147562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35888
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 21:45:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 09:16:48 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 0484fd3a-f4d8-11ed-b9d6-93a72551303d.png
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/ 14 KB
14 KB 39ms
36ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/0484fd3a-f4d8-11ed-b9d6-93a72551303d.png?resize=400%2C104

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4381203d8413c274ca0e5dbb703bfd17005c7a129a1054026614d3dd927d245

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 1
cf-polished: origFmt=png, origSize=21929
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="0484fd3a-f4d8-11ed-b9d6-93a72551303d.webp"
content-length: 14244
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 May 2023 17:26:54 GMT
server: cloudflare
x-vcache: MISS
etag: "8c18e319c4cc0af90078b9263c1b63f0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8352f177cfbd58d8-TXL
expires: Thu, 28 Nov 2024 08:26:54 GMT

GET
H2 200 6562b0219d110.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/2/c0/2c067504-8c05-11ee-87c6-9be625a0d686/ 9 KB
9 KB 132ms
130ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/2/c0/2c067504-8c05-11ee-87c6-9be625a0d686/6562b0219d110.image.jpg?resize=200%2C133

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f733fea78bee63c182db7d5c8f53a0bb6b99efd93ab182a5db2bd57fe1a0274f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: degrade=85, origSize=11464, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sun, 26 Nov 2023 02:40:34 GMT
server: cloudflare
x-vcache: MISS
etag: "086e63a2e97aa7e105ce6ecf00410c6f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f177cfbf58d8-TXL
expires: Sat, 30 Nov 2024 08:55:05 GMT

GET
H2 200 655009e7d0929.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/8/2f/82fcda48-80e7-11ee-a40d-7792cf15b0d4/ 8 KB
9 KB 147ms
145ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/8/2f/82fcda48-80e7-11ee-a40d-7792cf15b0d4/655009e7d0929.image.jpg?resize=200%2C133

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61c83ea50f8a8157e37879feb2dee057a419ed932cc98ea061513a4add88ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=8785, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Nov 2023 23:10:33 GMT
server: cloudflare
x-vcache: MISS
etag: "de7c87b553514ca7f48c17834905ca94"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f177cfc058d8-TXL
expires: Sat, 30 Nov 2024 09:44:36 GMT

GET
H2 200 6545158d9ab12.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/f/cc/fcc4851c-7a5f-11ee-a710-db87e2cc64cf/ 8 KB
8 KB 134ms
133ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/f/cc/fcc4851c-7a5f-11ee-a710-db87e2cc64cf/6545158d9ab12.image.jpg?resize=200%2C143

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96cff3fb62ac0b734c6c27282f2bf58f8565ec5dd05c1b0c118471d28c14c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: degrade=85, origSize=11041, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 15:45:18 GMT
server: cloudflare
x-vcache: MISS
etag: "2c96c861df57a612ec8f4dda9db9d7d1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f177cfc158d8-TXL
expires: Sat, 30 Nov 2024 12:00:51 GMT

GET
H2 200 65330427a2944.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/0/8f/08ff9954-6f9b-11ee-b6ce-3f968107b252/ 3 KB
3 KB 129ms
128ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/0/8f/08ff9954-6f9b-11ee-b6ce-3f968107b252/65330427a2944.image.jpg?resize=200%2C133

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef954ef14bdf679460c2438c8f89989528da87b1835a32b7d1f835ebe3ff27bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=6493
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65330427a2944.webp"
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:50:16 GMT
server: cloudflare
x-vcache: MISS
etag: "db63192cd8381e9f78f67982bf176f20"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f177cfc258d8-TXL
expires: Sat, 07 Dec 2024 18:04:24 GMT

GET
H2 200 657a1b18a0a26.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/5/ed/5ed72c32-99fa-11ee-98a3-f77f5c1ac1c9/ 3 KB
3 KB 147ms
146ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/5/ed/5ed72c32-99fa-11ee-98a3-f77f5c1ac1c9/657a1b18a0a26.image.jpg?crop=844%2C475%2C0%2C272&resize=200%2C113&order=crop%2Cresize

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09e52212f27a512fb8743569dc39d738fd0e163c7d86b977dd4e92808d46700c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=7153
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="657a1b18a0a26.webp"
content-length: 3194
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Dec 2023 20:59:04 GMT
server: cloudflare
x-vcache: MISS
etag: "0f65b27510d492b447650514694b514a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8352f177cfc358d8-TXL
expires: Thu, 12 Dec 2024 20:59:30 GMT

OPTIONS
H2 200 events
secure.geotix.com/api/widgets/ Frame 0
0 469ms
322ms Preflight 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.geotix.com/api/widgets/events?page=1&per_page=5&active=true&sort=welcome_sort

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-geotix-auth-token,x-traverse-portal-id
Access-Control-Request-Method: GET
Origin: https://www.gjsentinel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: x-geotix-auth-token,x-traverse-portal-id
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8352f1793a1839ce-FRA
date: Thu, 14 Dec 2023 02:16:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOTTC0by9XmnTGnvag%2B1HX8SWWHMnohUU8ls%2FHMH36CMVO%2BrAR7ieqgtEdnU%2B%2FjB%2Br2Qg7ZES5JQSXGY40GSFZENN4gvKDnRCTsDAKKOFUM7ptsTsenMsz3AQWgT2ZmlKhljbQzMC14X0Wd2YlJWmA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff

GET
H2 200 events Show response
secure.geotix.com/api/widgets/ 53 KB
6 KB 229ms
227ms Fetch
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.geotix.com/api/widgets/events?page=1&per_page=5&active=true&sort=welcome_sort

Requested by

Host: d1wcopahj6rhb7.cloudfront.net
URL: https://d1wcopahj6rhb7.cloudfront.net/events/prd/geotix-embed-latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e9b0c673754536ff2a6976b86d59ca0fb443c317ffe2c9e767a9dbc14560b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
X-Geotix-Auth-Token: 6cabda9907d113ad7735611fafef02a0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
X-Traverse-Portal-ID: 48

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 226490a2-1f2e-4ea1-9308-bbdd74fccd14
x-runtime: 0.088932
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"9e9b0c673754536ff2a6976b86d59ca0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zrf3kI4nPUmOQmwQZsmLN4Nu18QPxT%2Bb75ILnec5LPu%2F6JE2uZu%2FCILaJW5WpgcWRyahU6yz7%2FZ5yBIcqXFFaphzZltrD93XiNtsicP7kZFmlpON%2FNGs%2BBx2ByDfKLRnjrWmZy43dMU5VwcC5YkbRw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
cf-ray: 8352f17b3b5439ce-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
432 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:14:16 GMT
x-content-type-options: nosniff
age: 46914
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441821
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 12 Dec 2024 13:14:16 GMT

GET
H2 200 tinypass.min.js Show response
cdn.tinypass.com/api/ 385 KB
114 KB 82ms
58ms Script
application/javascript 2606:4700::6812:eff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.tinypass.com/api/tinypass.min.js

Requested by

Host: experience.tinypass.com
URL: https://experience.tinypass.com/xbuilder/experience/load?aid=AsmTHs1ipu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:eff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b27170653bb14a6d15c3d4c584b3e49be618baf2717d8129c32b16744d755e36

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
x-amz-version-id: SiBQ_lDrk0m7FZmRug3K92I2RSbGXwgv
content-encoding: br
cf-cache-status: HIT
strict-transport-security: max-age=86400; includeSubDomains
x-amz-request-id: TJ5T4GY0NQDHEM5G
age: 8544
x-amz-server-side-encryption: AES256
x-amz-replication-status: REPLICA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: uCC1t+yka4AEpgtE6nVF9qf7wZxss2e6tToWHsYKN27AieSayClpoiYwKvqL2mgQ9/5gmCAKn4U=
last-modified: Mon, 11 Dec 2023 12:24:15 GMT
server: cloudflare
etag: W/"44d5416f388dff1076e4bf63443067c8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8352f1791f3437e0-FRA
expires: Thu, 14 Dec 2023 06:16:10 GMT

GET
H2 200 50040495-0c55-4949-8e68-6573435333b6 Show response
config.aps.amazon-adsystem.com/configs/ 746 B
1011 B 148ms
39ms Script
application/javascript 99.86.4.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/50040495-0c55-4949-8e68-6573435333b6
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-71.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: ee4d2b8a9ee67265359f1784737b66cbe22637f133115672f1fb0a101bd0638a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 01:21:57 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 3253
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 746
x-amz-cf-id: 0ImTaMuBXDrOto0iXExHZAnRY8s25Uv-GhFGUh33r9L-whNeIwvoOA==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
312 B 40ms
40ms XHR
text/plain 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.gjsentinel.com&pubid=50040495-0c55-4949-8e68-6573435333b6
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 23:13:01 GMT
via: 1.1 0f98b23785e0aac311e2d09ea5460eb8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
age: 10989
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.gjsentinel.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: _28vOxAmlngCAnSKpExNQC9Y34ghs-efPPMHamFzxWsUSkocUtyN-w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 140ms
37ms XHR
application/javascript 18.239.69.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-131.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding: gzip
via: 1.1 d419ac9a83ef724c262c5f07f9b5a8da.cloudfront.net (CloudFront)
date: Wed, 13 Dec 2023 03:00:05 GMT
x-amz-cf-pop: AMS58-P4
age: 83766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 29 Aug 2023 08:30:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: jaSLG_BA5cPhnuZMjYz-cZXW1TxBCxAjDHU4uRkJCxa9pSS0QP3mEQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 137ms
39ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3CM464

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 01:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1676
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Dec 2023 03:48:14 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 88 KB
27 KB 236ms
46ms Script
application/javascript 23.15.178.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.178.153 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-15-178-153.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6d033b313c1c644e3e4047eba594243000c50732aac9bd039ae122fed1a083d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: XEPgDAsFeqdWfUKVbdKMKuwWk_Gl8E.Z
content-encoding: br
date: Thu, 14 Dec 2023 02:16:10 GMT
last-modified: Tue, 12 Dec 2023 13:09:15 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
x-amz-server-side-encryption: AES256
etag: W/"8d3493123de18847c55fd53bbdd60b15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: rq9YG9gGt56DyRxrTvnkONflwozEjjQ5JR9gauZsqdklzTTogE5VDA==
content-length: 27149
expires: Thu, 14 Dec 2023 10:16:10 GMT

GET
H2 200 6578b2375f8a0.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/6/37/637931f2-fa23-57fb-b8c4-6345e1d00dfd/ 16 KB
16 KB 138ms
136ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/6/37/637931f2-fa23-57fb-b8c4-6345e1d00dfd/6578b2375f8a0.image.jpg?crop=1662%2C935%2C0%2C156&resize=400%2C225&order=crop%2Cresize

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9e9aa1ecb8354dde08cb0da6d8210c8ea59bdfea96eb99f753f86da8c964b80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=16708, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Tue, 12 Dec 2023 19:19:20 GMT
server: cloudflare
x-vcache: MISS
etag: "c71000e00555b0d8cec324ae177a817f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f179691858d8-TXL
expires: Thu, 12 Dec 2024 15:48:36 GMT

GET
H2 200 6578ebac0ec60.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/9/83/9836e0ae-9945-11ee-9ac2-0b78a964baf1/ 71 KB
72 KB 157ms
155ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/9/83/9836e0ae-9945-11ee-9ac2-0b78a964baf1/6578ebac0ec60.image.jpg?crop=1765%2C993%2C0%2C91&resize=1035%2C582&order=crop%2Cresize

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a775090e6faed2937b467044015451f81393e0275a1bb0e484432cbba132b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=80280
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6578ebac0ec60.webp"
cf-bgj: imgq:85,h2pri
last-modified: Tue, 12 Dec 2023 23:24:29 GMT
server: cloudflare
x-vcache: MISS
etag: "3fc0d14250f46c4e059f3a9f262bcd3c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f179691958d8-TXL
expires: Thu, 12 Dec 2024 07:52:39 GMT

GET
H2 200 publisher_settings Show response
discoverevvnt.com/api/publisher/gjsentinel.com/ 6 KB
2 KB 301ms
139ms Fetch
application/json 2600:9000:2156:4a00:3:1a27:3000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discoverevvnt.com/api/publisher/gjsentinel.com/publisher_settings
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:3:1a27:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 695ab076343acfdc35a7d6257e5ee70215d2a9479a1a597335a02feccba94b71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:15:49 GMT
content-encoding: gzip
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
age: 21
etag: "ojemqpl6884d9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
x-amz-cf-id: On7M7_6gWEA0u7OJf1B0bBMz3b_5WhLW3ajU12DNuLtLxcjs21qzdg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 180 KB
64 KB 72ms
54ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5fd91d5e878d804e2bc02ba3a3a3560b1aae4e15922f39ea59b0b77c7b872d8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65175
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 02:16:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
70 KB 79ms
68ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5806fa88e7b448822483efaf6166b627a098c5347e0199fc578513843eb77535

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71062
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 02:16:10 GMT

GET
H/1.1 200
OK cx.cce.js Show response
cdn.cxense.com/ 23 KB
6 KB 147ms
43ms Script
application/x-javascript 2a02:26f0:480:b94::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.cce.js
Requested by: Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 02:16:10 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Dec 2023 11:02:02 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6055
Expires: Thu, 14 Dec 2023 03:16:10 GMT

POST
H2 200 execute Show response
c2.piano.io/xbuilder/experience/ 1 KB
1 KB 244ms
147ms XHR
application/json 2606:4700::6811:c276
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c2.piano.io/xbuilder/experience/execute?aid=AsmTHs1ipu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c276 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5b3e974431fd43b5b7cc2c34b29f45b52f817a2d60c5c97a9559e2f6a152d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400
x-request-id: 6c65oplxqf
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gjsentinel.com
access-control-expose-headers: Composer-Request-Control-Policy
cache-control: no-cache, no-store
access-control-allow-credentials: true
cf-ray: 8352f17acb9b18ed-FRA

GET
H/1.1 200
OK type:300x600 Show response
westerncolorado.jobs/places/widget/widget:1/ Frame 336D 14 KB
4 KB 466ms
167ms Document
text/html 62.151.178.57
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to

Full URL: https://westerncolorado.jobs/places/widget/widget:1/type:300x600
Requested by: Host: westerncolorado.jobs
URL: https://westerncolorado.jobs/places/widget/js:1/type:300x600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.151.178.57 , Spain, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),
Reverse DNS: cldsrv21.wehaaserver.com
Software: Apache / PleskLin
Resource Hash: cd58cf4df517cdb850afc9a03e16fa034e0fbc7d50ef96d474da4dbbef4e8057

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
Connection: close
Content-Encoding: gzip
Content-Length: 3839
Content-Type: text/html
Date: Thu, 14 Dec 2023 02:16:11 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PleskLin

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 222 KB
67 KB 336ms
42ms Script
application/javascript 23.211.9.91
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.211.9.91 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-211-9-91.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: gzip
last-modified: Sat, 29 Apr 2023 00:25:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=35285
accept-ranges: bytes
content-length: 68444
expires: Thu, 14 Dec 2023 12:04:15 GMT

GET
H2 200 653a9b7201c48.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/5/39/5394a72c-7421-11ee-bd06-fbd3b87db923/ 48 KB
49 KB 152ms
151ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/5/39/5394a72c-7421-11ee-bd06-fbd3b87db923/653a9b7201c48.image.jpg?resize=750%2C500

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d085ba61f30ed4042ae8acf4d18a0f58342734926ecb174b8ecc45ceedac201

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=55084
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="653a9b7201c48.webp"
cf-bgj: imgq:85,h2pri
last-modified: Thu, 26 Oct 2023 17:01:38 GMT
server: cloudflare
x-vcache: MISS
etag: "bedad6db4dd555b00b8b0c8601abfdd6"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f17aea3558d8-TXL
expires: Thu, 12 Dec 2024 15:46:31 GMT

GET
H2 200 ae29462a-4bcd-11ed-9d55-673f925f5562.png
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/ 52 KB
52 KB 127ms
127ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/ae29462a-4bcd-11ed-9d55-673f925f5562.png?resize=300%2C200

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d84000e64757e83eb9128120323cb92d071cf12b5746e3e1888302cec98d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=93006
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="ae29462a-4bcd-11ed-9d55-673f925f5562.webp"
cf-bgj: imgq:85,h2pri
last-modified: Fri, 14 Oct 2022 14:37:09 GMT
server: cloudflare
x-vcache: MISS
etag: "e2ddf5da90b1b46b43cb1334fe3f23bc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f17aea3658d8-TXL
expires: Wed, 27 Nov 2024 06:16:56 GMT

GET
H2 200 751aec80-1079-013b-a27b-0cc47abd0334 Show response
tag.simpli.fi/sifitag/ 3 KB
1 KB 46ms
44ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/751aec80-1079-013b-a27b-0cc47abd0334
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7ad7751f5e19986d9bff127b1137445a8806d2fdf72ab92a3fb835abb07a48b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F6CREy9UFXXHLS7FKuWB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 40ms
39ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Wed, 13 Dec 2023 06:08:18 GMT
Content-Encoding: gzip
Via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Nov 2023 03:37:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 72473
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: XR443DdHtI0_Br-LQGKPnIBrSaxyNoOaZl_QmL6Z9DEUho3DZK60gg==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
64 KB 54ms
54ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed2c1133b9d2a0c6f1f1eab4256ee4b80cb68ddb63d8184dd442af652f105b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65415
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 02:16:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 48ms
46ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1852882027&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gjsentinel.com%2F&ul=en-us&de=UTF-8&dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1521595670&gjid=1509835226&cid=1625540659.1702520171&tid=UA-10781387-5&_gid=997835911.1702520171&_r=1&_slc=1&gtm=45He3bt0n81T3CM464v842073902&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=916191001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
441 B 311ms
85ms XHR
application/json 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gjsentinel.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 108 KB
29 KB 233ms
47ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: v4gxLFp6LN_bb5C9d7c7Yd6l6kCPxU1z
content-encoding: br
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 02:16:06 GMT
x-amz-cf-pop: FRA6-C1
age: 5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 05 Dec 2023 14:57:24 GMT
server: AmazonS3
etag: W/"b2b7a401bd4f0de0145925b43c4e7c21"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: G6IEdOCEbxpZ03hzhRt14PKseVbDcVEHlxEznk3lu6XSZD3Ac1YGqQ==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 218ms
48ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10781387-5&cid=1625540659.1702520171&jid=1521595670&gjid=1509835226&_gid=997835911.1702520171&_u=YEBAAEAAAAAAACAAI~&z=1055632251

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Dec 2023 02:16:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ 111 KB
37 KB 49ms
49ms Script
application/x-javascript 2a02:26f0:480:b94::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 76dabf55e3078e74adefdc33f8b6eff8bb3a6213dc75b9770a66d5a2efaafd50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 02:16:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 13:41:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37050
Expires: Thu, 14 Dec 2023 03:16:10 GMT

GET
H2 200 p Show response
i.simpli.fi/ 798 B
759 B 52ms
44ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=387739&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/751aec80-1079-013b-a27b-0cc47abd0334
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7ece6606590dba90d226adfe4db265b385c96faaaa88ac3c3c937165e260ca56

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 126 B
222 B 348ms
186ms Script
application/javascript 2.17.22.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=14611350&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.gjsentinel.com%2F&channel_type=code&jsonp=__bwn4p0zy5wi
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.22.169 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-22-169.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f61480e1ee75ee65101133067f315d9a4f4836bc0e1a5b71d58d961a5b1f009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-length: 126
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8

GET
H2 200 1bd5d34e3cb4c76be920.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 71 KB
24 KB 49ms
47ms Script
text/javascript 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/1bd5d34e3cb4c76be920.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0bc803ded3eb30a6da6c3a037589f7554a759eb01357fe52de1adc19193d87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 18:26:35 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 18:24:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 28176
x-amz-server-side-encryption: AES256
etag: W/"ab6c7c6a4c0562bc0790dbbc1880e29c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mj8BqAZJc1mDUDzYkanxRHEFm_yzu5aDAjsrSiL4LkrXRze1jtFP1g==

GET
H2 200 102b8ac53268adcfb885.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 33 KB
11 KB 43ms
42ms Script
text/javascript 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/102b8ac53268adcfb885.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c38bf988d59121b62651de3e48838074619237e8f60b687ae168bc4731288236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 18:25:23 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 18:24:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 28248
x-amz-server-side-encryption: AES256
etag: W/"99981250b41b3638f64b0d3d06923bda"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: hrGX_qBhv-dKnn4HUewzwGqP6-80t4rFeRW00ONo7jQBKxodXBboaQ==

GET
H2 200 0929905f7e164adb8d14.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 20 KB
6 KB 51ms
50ms Script
text/javascript 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/0929905f7e164adb8d14.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90a59e503621a65095f5a3b9d621a3049a3546c0ede1fb6669ed9ad2c822136b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 18:25:23 GMT
content-encoding: br
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 18:24:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 28248
x-amz-server-side-encryption: AES256
etag: W/"0cc4fdff4e1c83648add1e4bfa9793f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KUxPDJr-O9vf1LYrIqpifXWL6kvbi1FaJbBrb_6Ve_ZUuL1WR4ijlg==

GET
H2 200 3be8626ebaa6bbcb581e.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 17 KB
7 KB 44ms
43ms Script
text/javascript 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/3be8626ebaa6bbcb581e.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef477d43235d65e89f344f4ec4b4273106cd9abf3b8f5d58fe6f56575fa2765

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 18:25:23 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 18:24:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 28248
x-amz-server-side-encryption: AES256
etag: W/"91d911e8ac408372b6fa4ac3ea77aae9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PwRF_chcQCFB-7QTHoRZN2FtUHZsSzIvU2BJzXH5X1v0pFbdfORruQ==

GET
H2 200 beb69de226c3d9d65ade.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 6 KB
3 KB 44ms
44ms Script
text/javascript 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/beb69de226c3d9d65ade.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46820d3a6333e4326b3b6225dc17fcbe5c1d8368f9cb17c2b0a3639ff9d170cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 07:29:04 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 18:24:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 67627
etag: W/"284ce3fbb9e1ba594a7d312b19134fbf"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9MqX9e9WraGoJ4ghvpE_pP_XAB9ZV5_6wTwlSl3ZpdHXEI9dCtW5ow==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 256 KB
87 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c68f34ba0f5fcdeb6f102fe90015d3c83c79cbc8b072da1e64a76fe662766c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 02:16:10 GMT

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
463 B 251ms
142ms XHR
text/javascript 18.239.64.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.gjsentinel.com%2F&pid=AVfWYvWDvi0l8&cb=0&ws=1600x1200&v=23.1211.1645&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1103059%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F26313543%2Fgjsentinel.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-1103118%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F26313543%2Fgjsentinel.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-1103084%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F26313543%2Fgjsentinel.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-1103090%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F26313543%2Fgjsentinel.com%2Fhomepage%22%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&pubid=50040495-0c55-4949-8e68-6573435333b6&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.64.29 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-64-29.ams58.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 58fc6cf05625e5ee74a288151d13c370.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS58-P4
x-amz-rid: BJ02Q5QK48HGZESDEB8Z
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.gjsentinel.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: A_iiv3uaN8u2ep5KJMtb3JAq9LM3ua2pIYwG-cK1fe9ce0LN3HMibQ==

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 289 KB
94 KB 68ms
67ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-6QG1NXGVPL&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d45ad5ac19e20742389c7b1aedbed931490285a04c4e7c2be3a559c3b7d4c3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 02:16:11 GMT

GET
H/1.1 200
OK retina_thumb_0b11e274-710d-4d8d-922e-50cb077a2262.jpg
s3.amazonaws.com/geotix-production-uploads/uploads/ 20 KB
21 KB 397ms
136ms Image
image/jpeg 52.216.113.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/geotix-production-uploads/uploads/retina_thumb_0b11e274-710d-4d8d-922e-50cb077a2262.jpg
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.113.213 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d4cd30d3787897a46dcfe8242464807424a2ccf67d705e4cac3a7d377d3b5d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 02:16:12 GMT
Last-Modified: Thu, 14 Sep 2023 22:18:35 GMT
Server: AmazonS3
x-amz-request-id: WZ684C1SN714JH0R
ETag: "5cc3d59ae1b711dbf39a65668d5edf44"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 20932
x-amz-id-2: 6pcC9sexrBmgZpZfEpq1zvZI/Ty9B7PjFNtCXga3itSUeJHLaQHgBLk4cQSljc89YeWOR/ykOmY=

GET
H/1.1 200
OK retina_thumb_46e85218-051d-4ddc-9cbd-ddf2616871f4.jpg
s3.amazonaws.com/geotix-production-uploads/uploads/ 9 KB
9 KB 399ms
138ms Image
image/jpeg 52.216.113.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/geotix-production-uploads/uploads/retina_thumb_46e85218-051d-4ddc-9cbd-ddf2616871f4.jpg
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.113.213 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: db6d6d47686d811bc35d2047e0d2f83ce89e07f82543798e85bf26003411d40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 02:16:12 GMT
Last-Modified: Wed, 29 Nov 2023 18:13:00 GMT
Server: AmazonS3
x-amz-request-id: WZ6EZKJWHEF2WDD1
ETag: "ea0f8f6dd4a249f7435524b6b065c42b"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 9009
x-amz-id-2: wG6ImK9y+x6C/ecS3TbMMVlHuBUhT/6MXYDjER54kCkkh7pmZII+i11KhdlUw3bu4xJcu40g00Q=

GET
DATA 200
OK truncated
/ 113 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a86407458ab26df1130208f721d34e85196b93257d6b8ae69d867a45f6e16e3a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=E0ED15E1695B4C9D9B33F6D484F10872

0
237 B

156ms
52ms

Image
text/plain

2600:9000:211e:1200:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 2600:9000:211e:1200:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
cache-control: no-cache, must-revalidate
via: 1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: sK7MxMfJ83ve-a0aasJJ-1o3i8AZxJmRXyYWKdQDWiPC7HVx64YhIA==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

200

RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/E0ED15E1695B4C9D9B33F6D484F10872
https://sync.1rx.io/usersync/simplifi/E0ED15E1695B4C9D9B33F6D484F10872?zcc=1&cb=1702520171386
https://sync.targeting.unrulymedia.com/csync/RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003

43 B
378 B

158ms
44ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003
pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=E0ED15E1695B4C9D9B33F6D484F10872&dongle=yf3

37 B
140 B

143ms
41ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=E0ED15E1695B4C9D9B33F6D484F10872&dongle=yf3
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=E0ED15E1695B4C9D9B33F6D484F10872&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=E0ED15E1695B4C9D9B33F6D484F10872

43 B
175 B

405ms
119ms

Image
image/gif

2600:1f18:612b:4264:4b11:4b0e:f335:7576
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 2600:1f18:612b:4264:4b11:4b0e:f335:7576 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 14 Dec 2023 02:16:11 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=E0ED15E1695B4C9D9B33F6D484F10872
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E0ED15E1695B4C9D9B33F6D484F10872

95 B
425 B

51ms
50ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E0ED15E1695B4C9D9B33F6D484F10872

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=E0ED15E1695B4C9D9B33F6D484F10872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=E0ED15E1695B4C9D9B33F6D484F10872
https://d.agkn.com/pixel/10751/?che=1702520171440&ip=80.255.7.109&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219023204730000131962
https://um.simpli.fi/aa_px?sk=219023204730000131962
https://um.simpli.fi/empty.gif

43 B
361 B

43ms
43ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E0ED15E1695B4C9D9B33F6D484F10872

0
0

141ms
39ms

Image
text/html

18.245.60.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 18.245.60.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-44.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 74ms
60ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 75ms
61ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=E0ED15E1695B4C9D9B33F6D484F10872;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=E0ED15E1695B4C9D9B33F6D484F10872;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=-5240297278840291097

0
42 B

49ms
48ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-5240297278840291097
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=-5240297278840291097
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=E0ED15E1695B4C9D9B33F6D484F10872&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=E0ED15E1695B4C9D9B33F6D484F10872&j=0&xl8blockcheck=1

0
767 B

46ms
46ms

Image
text/plain

18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=E0ED15E1695B4C9D9B33F6D484F10872&j=0&xl8blockcheck=1
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=E0ED15E1695B4C9D9B33F6D484F10872&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 93ms
80ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=E0ED15E1695B4C9D9B33F6D484F10872

0
421 B

527ms
117ms

Image
text/plain

52.55.140.111
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Server: 52.55.140.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-55-140-111.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 14 Dec 2023 02:16:11 GMT

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=E0ED15E1695B4C9D9B33F6D484F10872

62 B
446 B

343ms
190ms

Image
image/gif

2.18.97.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 2.18.97.171 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 14 Dec 2023 02:16:11 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

404

tpid=E0ED15E1695B4C9D9B33F6D484F10872
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=E0ED15E1695B4C9D9B33F6D484F10872

49 B
265 B

197ms
60ms

Image
image/gif

63.32.253.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 63.32.253.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-253-3.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.80
content-length: 49
expires: 0

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=E0ED15E1695B4C9D9B33F6D484F10872

0
311 B

174ms
51ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Thu, 14 Dec 2023 02:16:11 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=E0ED15E1695B4C9D9B33F6D484F10872

0
98 B

159ms
49ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1702520170838&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=a...
https://www.google.com/pagead/1p-conversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIvtad8O...
https://www.google.de/pagead/1p-conversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIvtad8O2...

42 B
154 B

65ms
64ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIvtad8O2NgwMVp6n9Bx21aQni&is_vtc=1&ocp_id=a2V6Zf70DafT9u8PtdOlkA4&cid=CAQSGwAvHhf_XuHnFWJOY8ThZVXQexiNUANiShcnOg&random=274830068&ipr=y

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=258309854&cv=7&fst=1702520170838&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIvtad8O2NgwMVp6n9Bx21aQni&is_vtc=1&ocp_id=a2V6Zf70DafT9u8PtdOlkA4&cid=CAQSGwAvHhf_XuHnFWJOY8ThZVXQexiNUANiShcnOg&random=274830068&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 95ms
84ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=E0ED15E1695B4C9D9B33F6D484F10872
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE0ED15E1695B4C9D9B33F6D484F10872

43 B
897 B

50ms
50ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE0ED15E1695B4C9D9B33F6D484F10872

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
an-x-request-uuid: c57a9172-bd9f-4481-b7e9-b9cc56dc3735
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
an-x-request-uuid: 1b751017-22a3-444d-9c53-804e10eb878e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DE0ED15E1695B4C9D9B33F6D484F10872
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E0ED15E1695B4C9D9B33F6D484F10872&expires=365

0
239 B

203ms
40ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E0ED15E1695B4C9D9B33F6D484F10872&expires=365
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=E0ED15E1695B4C9D9B33F6D484F10872&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=E0ED15E1695B4C9D9B33F6D484F10872

43 B
264 B

144ms
48ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=E0ED15E1695B4C9D9B33F6D484F10872
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=E0ED15E1695B4C9D9B33F6D484F10872
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 13 Dec 2023 02:16:11 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEGNxEkZyJ1N9FRp3zIT37Wc&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E0ED15E1695B4C9D9B33F6D484F10872
https://um.simpli.fi/g_match?id=

0
320 B

43ms
43ms

Image
text/plain

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 13 Dec 2023 02:16:11 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widget_events Show response
discoverevvnt.com/api/publisher/6701/ 13 KB
3 KB 50ms
45ms Fetch
application/json 2600:9000:2156:4a00:3:1a27:3000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discoverevvnt.com/api/publisher/6701/widget_events?hitsPerPage=15&multipleEventInstances=true&publisher_id=6701&widgetNumber=3
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:3:1a27:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 17b2edbe55f03492a581e8612da68f8c930149435d7729e88513bd6c5923a5c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:07:18 GMT
content-encoding: gzip
via: 1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
age: 533
etag: "12od2a9jxsragd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=900, stale-while-revalidate=900
x-amz-cf-id: ulcy8_GXLlPa54BKprUALyUbduhXjSEUtXF0KystbOOQEf1NdmlaMA==

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
61 KB 61ms
59ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDMH9T6&gtm_auth=QzlUjhMy0COR5MgCC_1Cyw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7f948a6f367fea813a01538b510eb30dd5f587630f7ed999f5136d2f567c82b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62189
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4e1251346db872331a84.powered_by_evvnt.png
discovery.evvnt.com/prd/images/ 17 KB
17 KB 52ms
51ms Image
image/png 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discovery.evvnt.com/prd/images/4e1251346db872331a84.powered_by_evvnt.png
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37d44df61428260da98324576010ebd04c0d5a1ce6774bbed15bbfbdfc141a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 22:09:23 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 14808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17440
last-modified: Mon, 11 Dec 2023 18:24:15 GMT
server: AmazonS3
etag: "097fd79365bc9c17a0b1ec1596d8c8b7"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age= 31536000
accept-ranges: bytes
x-amz-cf-id: ZH3Mvy19Am2dU9RVHQ4gt15qGcsFD2BylGahfMmHMthpwZsQlN_IPw==

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
370 B 197ms
83ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.gjsentinel.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 4 KB
1 KB 122ms
39ms Fetch
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 8wBdC1fvjthSTrFspxDO4VzVvdAFdrfL
content-encoding: gzip
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 00:12:55 GMT
x-amz-cf-pop: FRA6-C1
age: 7400
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 09 Oct 2023 16:01:47 GMT
server: AmazonS3
etag: W/"b1f2fbddf3135863ad45acc993d27497"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: IoVqvbmb2PRUr4xHMK3jkD0YfNsLoVEOI_q4tEZG09u7ZzHBPvEZsA==

GET
H2 200 css2
fonts.googleapis.com/ Frame 336D 9 KB
820 B 51ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: westerncolorado.jobs
URL: https://westerncolorado.jobs/places/widget/widget:1/type:300x600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47a8a3cac11d58041b7c0874be17d4c7f9a71fe87ec09e8dc3dbf047438346d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westerncolorado.jobs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 01:28:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 02:16:11 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 336D 218 KB
78 KB 59ms
58ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y78X698QDH

Requested by

Host: westerncolorado.jobs
URL: https://westerncolorado.jobs/places/widget/widget:1/type:300x600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b9f62ffba83828dd25198de9e93c9f38bc34b81e9a9db9ddd349a158a3cb19ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westerncolorado.jobs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79471
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 02:16:11 GMT

GET
H/1.1 200
OK sp1.html Show response
cdn.cxense.com/ Frame 134B 456 B
659 B 44ms
43ms Document
text/html 2a02:26f0:480:b94::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/sp1.html
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=864000
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 289
Content-Type: text/html
Date: Thu, 14 Dec 2023 02:16:11 GMT
Expires: Sun, 24 Dec 2023 02:16:11 GMT
Last-Modified: Thu, 30 Nov 2023 11:55:50 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
256 B 139ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je3bt0v887101457z8861227858&_p=1702520169809&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1625540659.1702520171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&dl=https%3A%2F%2Fwww.gjsentinel.com%2F&sid=1702520171&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.canonical_url=https%3A%2F%2Fwww.gjsentinel.com%2F&epn.townnews_crm_group_id=185&ep.generator=BLOX&ep.generator_version=1.72.2&tfd=2888
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 51ms
49ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1625540659.1702520171&gtm=45je3bt0v887101457z8861227858&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-4T2EB147B8&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 143ms
51ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=1625540659.1702520171&gtm=45je3bt0v887101457z8861227858&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1849071134

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 54 B
492 B 182ms
69ms Fetch
application/json 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=217032

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-62.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gjsentinel.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 54
x-amz-cf-id: mfYiDYQtkCJJ1ox3qSRNeEr0_0xMFFLityjx6X7FTJZIY0qUlMHtEA==

GET
H2 204 sync
trends.revcontent.com/ 0
0 189ms
77ms Fetch 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/sync

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-62.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Thu, 14 Dec 2023 02:16:11 GMT
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: envoy
x-amz-cf-pop: FRA60-P2
vary: Access-Control-Request-Method,Access-Control-Request-Headers
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.gjsentinel.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: L63Nzab86IER_N688PX-4AMKQTKqHmafRkepEwZLY-9ks0RSphRbwA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 139ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-6QG1NXGVPL&gtm=45je3bt0v9103578659z8867863675&_p=1702520169809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1625540659.1702520171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&dl=https%3A%2F%2Fwww.gjsentinel.com%2F&sid=1702520171&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.cms_product=BLOX&ep.cms_version=1.72.2&tfd=2998
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-6QG1NXGVPL&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cx.js Show response
cdn.cxense.com/ Frame 134B 111 KB
37 KB 50ms
50ms Script
application/x-javascript 2a02:26f0:480:b94::268b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cxense.com/cx.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:b94::268b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 385a3321b0c214d7b4476729aa33f296aa1b8458de7f777d5965f8b70a8c97d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/sp1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 02:16:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Nov 2023 13:41:18 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37050
Expires: Thu, 14 Dec 2023 03:16:11 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 208 KB
77 KB 419ms
418ms Fetch
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=537503275503207&correlator=75167702215460&eid=44809527%2C31080078%2C31080125&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=26313543%2Cgjsentinel.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=2x1%2C1x1%2C970x90%7C728x90%2C300x250%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1702520171374&lmt=1702519877&adxs=799%2C800%2C132%2C1168&adys=0%2C1%2C319%2C606&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.gjsentinel.com%2F&vis=1&psz=1600x1%7C1600x1%7C1336x90%7C300x250&msz=1600x1%7C1600x1%7C1336x90%7C300x250&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&ga_vid=1625540659.1702520171&ga_sid=1702520171&ga_hid=1852882027&ga_fc=true&dlt=1702520169441&idt=1153&prev_scp=pos%3Dimpact-top%26amznbid%3D2%26amznp%3D2%7Cpos%3Dimpact-sticky-anchor%26amznbid%3D2%26amznp%3D2%7Cpos%3Dleaderboard-top%2Catf%2Cleaderboard-one%26amznbid%3D2%26amznp%3D2%7Cpos%3Drectangle-one%2Catf%26amznbid%3D2%26amznp%3D2&cust_params=browser%3DChrome%26k%3Dthe%2520grand%2520junction%2520daily%2520sentinel%26page%3Dhomepage%252Capp-editorial&adks=4274367401%2C573695838%2C3263731806%2C3815530034&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdfe9f368de4615715c1c188fd804ac43371b2cf83ea7c731c4021d2c6d05f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78382
x-xss-protection: 0
google-lineitem-id: -2,-2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A002 6 KB
3 KB 189ms
47ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 02:16:11 GMT
expires: Fri, 13 Dec 2024 02:16:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ Frame 336D 46 KB
46 KB 43ms
39ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://westerncolorado.jobs
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:57:12 GMT
x-content-type-options: nosniff
age: 148739
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:57:12 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 48ms
48ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1852882027&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gjsentinel.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAQCACAAI~&jid=1668096563&gjid=1239379909&cid=1625540659.1702520171&tid=UA-54716522-7&_gid=997835911.1702520171&_slc=1&gtm=45He3bt0n71PDQV3Nv72758733&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fwww.gjsentinel.com%2F&cd15=3.155.0&cd16=No&cd17=Page%20View&cm1=7216&z=1642621184

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 49ms
48ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-54716522-7&cid=1625540659.1702520171&jid=1668096563&gjid=1239379909&_gid=997835911.1702520171&_u=YGDAgUABAAQCAGAAI~&z=1565606127

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Dec 2023 02:16:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4e1251346db872331a84.powered_by_evvnt.png
discovery.evvnt.com/prd/images/ 17 KB
17 KB 42ms
41ms Image
image/png 2600:9000:206f:4200:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discovery.evvnt.com/prd/images/4e1251346db872331a84.powered_by_evvnt.png
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:4200:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37d44df61428260da98324576010ebd04c0d5a1ce6774bbed15bbfbdfc141a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 22:09:23 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 14808
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17440
last-modified: Mon, 11 Dec 2023 18:24:15 GMT
server: AmazonS3
etag: "097fd79365bc9c17a0b1ec1596d8c8b7"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age= 31536000
accept-ranges: bytes
x-amz-cf-id: IxujCh1C5e0ES2pz7p20HpzTj1uBOqZHaAw_thEMeOtL5xazrUAZmg==

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame 336D 408 B
524 B 140ms
139ms XHR
application/json 44.205.189.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: westerncolorado.jobs
URL: https://westerncolorado.jobs/places/widget/widget:1/type:300x600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.205.189.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-189-117.compute-1.amazonaws.com
Software: /
Resource Hash: de7900a3cbd162c4502b1c4ca0ad9af9b8734ec575c2f609d6b85cb0bd3fce38

Request headers

Referer: https://westerncolorado.jobs/
accept-language: de-DE,de;q=0.9
X-Cat: firstpage
X-Tenant: westerncolorado.jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:11 GMT
content-length: 408
vary: Origin
content-type: application/json; charset=utf-8

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 446ms
117ms Preflight 44.205.189.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.205.189.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-189-117.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://westerncolorado.jobs
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:11 GMT
vary: Origin, Access-Control-Request-Headers

GET
H/1.1 200
OK 509.jpg
static.wehaacdn.com/westerncolorado-jobs/imgs/media-images/wideb/509/images/ Frame 336D 322 KB
323 KB 1147ms
299ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/westerncolorado-jobs/imgs/media-images/wideb/509/images/509.jpg

Requested by

Host: westerncolorado.jobs
URL: https://westerncolorado.jobs/places/widget/widget:1/type:300x600

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

3357773697f27668085a764cb940779973917dfab69295d2b0ba20ef9a13b24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westerncolorado.jobs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 02:16:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 08 Dec 2023 12:40:33 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="509.jpg"
Connection: keep-alive
Expires: Fri, 15 Dec 2023 12:40:33 GMT

GET
H2 200 ajs-destination.bundle.13362ca512563a10e34d.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 40ms
39ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 20:48:28 GMT
x-amz-version-id: p6tk_itArJhm1.zmwaH5aXhODx_TUmzt
content-encoding: br
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2438864
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 15 Nov 2023 20:12:01 GMT
server: AmazonS3
etag: W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: g4o7osNtz6xKGpRYvNY0mRsE1oR9aqrcIz-xu1MY5Tkg9tcHwb0atg==

GET
H2 200 featured_Dress_Rehearsal.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/2039438/event_image/ 22 KB
22 KB 189ms
45ms Image
image/webp 2600:9000:223c:5a00:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/2039438/event_image/featured_Dress_Rehearsal.webp
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5a00:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 823d24c7fd7deac0ca9cb3c57be7df7b0dda6045be77e4b649d4e381de1344f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 01:51:14 GMT
x-amz-version-id: pSPaKz56Hmh9z8e6qUXOrFITIIHIx_U6
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 20:15:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 174298
etag: "22096b06976a4cd6699d18cba95394d8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 22386
x-amz-cf-id: SIchzT82Gvyc6qg70g3-uxdUTbsjFTECRh0CHZ-_WcnHnVExzCs4lA==

GET
H2 200 featured_Extravaganza.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/2039155/event_image/ 21 KB
22 KB 223ms
79ms Image
image/webp 2600:9000:223c:5a00:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/2039155/event_image/featured_Extravaganza.webp
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5a00:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 477512652babe755ab88b6a712f74607b1e3178de899b5aabbe59a3a174970cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 01:14:36 GMT
x-amz-version-id: L0HT1uaaZgUOp0lksM57ktHtlnlA2Jsx
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 18:11:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 3696
etag: "831e690e342f6fb5e5f8e4232feb25fd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 21932
x-amz-cf-id: 6KAi9W0YoVO8SEpLV9GitG23ai4DODLn_ryf-RSaKzAYBIuvF6JmAw==

GET
H2 200 featured_Live_Nativity.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/2039203/event_image/ 14 KB
14 KB 207ms
87ms Image
image/webp 2600:9000:223c:5a00:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/2039203/event_image/featured_Live_Nativity.webp
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5a00:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea863362502728bb408283ed05a29e338b99f3a2c546f920811ae2d8f2bfb835

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:13:16 GMT
x-amz-version-id: Kuk.F.VuUrjOIrIt2fsvWYDr5mi8gvoG
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 18:43:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 176
etag: "2042e37980163d82f8c2b46335621db0"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 14320
x-amz-cf-id: aAJbsQh6VGpe_3nbY45Ub5jVMPhHy3ihKdLcDgyHvHOpu1GYbj52ew==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDMH9T6&gtm_auth=QzlUjhMy0COR5MgCC_1Cyw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d5cfee61b742b87cd2a664b044eee837ff01db1e5c5bfe66faac30edc228bdf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85539
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 02:16:11 GMT

GET
H/1.1 200
OK p1.js Show response
p1cluster.cxense.com/ Frame 134B 47 B
638 B 139ms
39ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p1cluster.cxense.com/p1.js
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 0ec1683a8f420b29810fcc25c9cca80233b7ef893eb8db7583baf2c6fb14af2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:11 GMT
last-modified: Wed, 14 Jun 2023 02:16:11 GMT
server: Jetty(9.4.28.v20200408)
etag: 14o26qk2pkhlm3brpn1l62f8sq
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: text/javascript;charset=utf-8
cache-control: private, proxy-revalidate
content-length: 47
expires: Sat, 14 Dec 2024 02:16:11 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 20 KB
11 KB 139ms
136ms Fetch
application/json 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=217032&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.gjsentinel.com%2F&icr_url=&va=0&time=1702520171562&up=pc&bn=chrome&bv=120&widget_width=1600&style_id=0&an=false

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.122.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-62.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

be21226dfb7b4e3cef0ea83718af0a2b963c821f59eda3d553e30168d0d21518

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region: eu-west-1c
date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.gjsentinel.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 56
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 6vKwO-N0fy-2DA9S3LjpWY0alU3oLLA37QXlKtawc53QokWQ_MEWnA==

GET
H2 200 schemaFilter.bundle.f63551a29dc1697f71b6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 39ms
39ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 16:42:23 GMT
x-amz-version-id: ImHr9JVwNOQx3sB3unWxqI5ddwoeSEnO
content-encoding: br
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 725629
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 01 Dec 2023 20:22:01 GMT
server: AmazonS3
etag: W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: wF_ACzzfNZBz54Sk-jME-XCHXIT4hvAHCKL3cJzpUibENVIHZ8X0SA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-12M2XZC8V4&gtm=45je3bt0v873737409z8857454493&_p=1702520169809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1625540659.1702520171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702520171&sct=1&seg=0&dl=https%3A%2F%2Fwww.gjsentinel.com%2F&dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&en=page_view&_fv=1&_ss=1&tfd=3322
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
176 B 834ms
212ms Fetch
application/json 34.223.74.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-74-168.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.gjsentinel.com
date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 196ms
118ms Preflight 44.205.189.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.205.189.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-189-117.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://westerncolorado.jobs
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:11 GMT
vary: Origin, Access-Control-Request-Headers

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame 336D 411 B
527 B 135ms
135ms XHR
application/json 44.205.189.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: westerncolorado.jobs
URL: https://westerncolorado.jobs/places/widget/widget:1/type:300x600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.205.189.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-189-117.compute-1.amazonaws.com
Software: /
Resource Hash: 4c6f42922d5f0c84b9b19f3f8bd0567786d1a8c0d40575368b7a40508fe0c747

Request headers

Referer: https://westerncolorado.jobs/
accept-language: de-DE,de;q=0.9
X-Cat: firstpage
X-Tenant: westerncolorado.jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:11 GMT
content-length: 411
vary: Origin
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK rep.gif
comcluster.cxense.com/Repo/ Frame 134B 43 B
468 B 116ms
38ms Image
image/gif 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.42&typ=pgv&rnd=lq4kjv3bf5xwwm7x&sid=3608889934911302653&loc=https%3A%2F%2Fwww.gjsentinel.com%2F&new=1&arf=0&ltm=1702520171083&ref=&tzo=-60&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lq4kjvjvi8b4o492&ckp=lq4kjv3bfeshtnxx&glb=&cp_userState=anon&cst=14o26qk2pkhlm3brpn1l62f8sq
Requested by: Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nue0037.cxense.com
Software: Jetty(9.4.28.v20200408) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.cxense.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 14 Dec 2023 02:16:11 GMT
server: Jetty(9.4.28.v20200408)
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK id Show response
id.cxense.com/public/user/ 102 B
675 B 115ms
38ms Script
text/javascript 167.235.124.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lq4kjv3bfeshtnxx%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%2214o26qk2pkhlm3brpn1l62f8sq%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%2214o26qk2pkhlm3brpn1l62f8sq%22%7D%5D%2C%22siteId%22%3A%223608889934911302653%22%2C%22location%22%3A%22https%3A%2F%2Fwww.gjsentinel.com%2F%22%7D&callback=cXJsonpCB1

Requested by

Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

167.235.124.59 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

nue0037.cxense.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

677de1a657eefe2f5b63bda2f79c0cb929a159c70fe397ce6199ab3028eb763a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
x-content-type-options: nosniff
server: Jetty(9.4.28.v20200408)
content-type: text/javascript;charset=utf-8
p3p: policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-store, no-cache, must-revalidate
content-length: 102
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 impression
trends.revcontent.com/event/ 0
0 111ms
68ms Fetch 18.66.122.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

QUIC, , AES_128_GCM

Server

18.66.122.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-122-62.fra60.r.cloudfront.net

Software

envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-rc-region: eu-west-1c
date: Thu, 14 Dec 2023 02:16:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f884e2c0a4bd6c75faee34aade3f091e.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA60-P2
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.gjsentinel.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: gIEaTOLP2M1wFXDexCOSBG4qOeAbYfeewbUAll_LYYexc7wxs9jhlQ==

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 30 KB
8 KB 43ms
42ms Script
text/javascript 99.86.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-105.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53203ef7d7c97068a4425546fc8797acbc7e61d7e3df6cd8379dab5c2b1a845f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:29:29 GMT
content-encoding: br
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 17203
x-amz-server-side-encryption: AES256
etag: W/"dd527879624f94aec37115fb12409ec9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iDva4YKOXCYvginsBX0xK1cJjcpu5QzQMLEUUDKV95pJAi2up2aeRA==

GET
H2 200 defaultWidget.delivery.js Show response
assets.revcontent.com/master/ 18 KB
6 KB 44ms
43ms Script
text/javascript 99.86.4.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-105.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f8d62a906fe07f2169652b00715ff176ca8aa41dda9a00b04736c29976ecaaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:29:29 GMT
content-encoding: br
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
last-modified: Mon, 11 Dec 2023 21:29:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 17203
x-amz-server-side-encryption: AES256
etag: W/"a68f44a39bbc7d4ebe5968b500187e25"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public,max-age=60
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: X_wV2bjDo8gpwwJzHZ7xUaf0xeEbapFoeYfwRIl7Ms5hhdyFLhmEIw==

GET
H2 200 /
img.revcontent.com/ 1 KB
2 KB 163ms
39ms Image
image/png 18.66.97.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-98.fra56.r.cloudfront.net
Software: envoy /
Resource Hash: 94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-rc-region: us-east-1a
date: Tue, 03 Oct 2023 17:55:57 GMT
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jun 2023 15:43:57 GMT
server: envoy
x-amz-cf-pop: FRA56-P2
age: 6164414
etag: "a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache: Hit from cloudfront
content-type: image/png
x-envoy-upstream-service-time: 22
alt-svc: h3=":443"; ma=86400
content-length: 1351
x-amz-cf-id: e-NGpfJauTIzzgHR0r7kwVb2q2fLqU949uibzZfK7FwRvWHPWhUaeQ==

GET
H2 200 10634912.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/181384/ 7 KB
8 KB 468ms
43ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/cr_videos/181384/10634912.jpg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

d98b03ac0c492d064f025a3071c62dc2cc700810479f0d70f4e40ff5d64f02b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 12:34:58 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 308474
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7452
last-modified: Thu, 07 Sep 2023 21:08:31 GMT
server: Cloudinary
etag: "dbc645caeb80f2392af0c97f8eff0f6f"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: B2XwPk2qWoFCMXW_85fRtiPRGuT98pgYD4TrNU5k7LPC2tV33JH7Vg==

GET
H2 200 container.html Show response
6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8D17 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 02:16:11 GMT
expires: Fri, 13 Dec 2024 02:16:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 206 10634912.mp4
media.revcontent.com/cr_videos/181384/ 126 KB
0 466ms
47ms Media
video/mp4 13.32.121.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://media.revcontent.com/cr_videos/181384/10634912.mp4
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-28.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.gjsentinel.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 03 Oct 2023 17:56:00 GMT
x-amz-version-id: K1Y7AlTyONnQHLKXWqcJnjHNL8_wEwM5
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 6164413
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-342680/342681
alt-svc: h3=":443"; ma=86400
Content-Length: 342681
last-modified: Thu, 07 Sep 2023 11:01:21 GMT
server: AmazonS3
etag: "5f2e41e33021abdd4d0aba59ee3c35a1"
content-type: video/mp4
accept-ranges: bytes
x-amz-cf-id: tqCuHbp1KZYYgtW0DR1Hay2vbfTdYwsKUVYKb-SbGQ07JrxhtHQNow==

GET
H2 200 795a02aecde80d5c65320603c05af1db.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 18 KB
18 KB 429ms
49ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/795a02aecde80d5c65320603c05af1db.jpeg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

da1b94b16cc73ab273a2c57777f6023480e0c24e607e48233a47ca6ecaa2d058

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Sat, 09 Dec 2023 04:19:28 GMT
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 424604
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 18291
last-modified: Tue, 19 Sep 2023 17:40:44 GMT
server: Cloudinary
etag: "cccba623fd66e8aa63515510f92791f6"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: OeDgDLlZ6q4h4yh4LI8bZ_oxHUZ9kLQbh0u87JedOzzF8d6-5nsWTg==

GET
H2 200 43a51d6c817703425c59c00f0d61b9d2.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 452ms
74ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/43a51d6c817703425c59c00f0d61b9d2.jpeg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

f58e6745de6de51a1ed7252fc74c7a0d13a570034fd45e12336f0c40b0ebdb1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Sat, 09 Dec 2023 03:28:17 GMT
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 427675
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 10102
last-modified: Thu, 05 Oct 2023 14:37:40 GMT
server: cloudflare
etag: "d39ba77532848a2a55589265a18f807f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
cf-ray: 82f07a1d0cee0664-IAD
timing-allow-origin: *
x-amz-cf-id: V96o7ZDQ-sBNuzDyipoK2pA0EIWXaF5-szO7Kx5O2IBvXJwrKVW9ug==

GET
H2 200 6553609b61be56-14241356.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 5 KB
6 KB 459ms
83ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6553609b61be56-14241356.jpg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e5f989f47b2d270d55fca173cdad0660bb1d16c7f4b3e50cc8a92d5d2e04db63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Thu, 14 Dec 2023 01:25:51 GMT
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 48657
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5615
last-modified: Tue, 14 Nov 2023 22:28:24 GMT
server: Cloudinary
etag: "5affb14ad22e1cbeaf9ad167766e04af"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: PUdLw9hryfrf1G1QBqHFuAoKkVq5EBkvdSTLW_NZabF_dkOOwkD3ag==

GET
H2 200 6571883c825528-49186057.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 14 KB
15 KB 461ms
88ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6571883c825528-49186057.jpg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

03fc01f77766ac6bc636fad8c3c82f8549379bc61b636e9ba344ead0bce5dedb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:39:14 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 574618
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14710
last-modified: Thu, 07 Dec 2023 10:38:31 GMT
server: cloudflare
etag: "af466af53ddfc7e4f9930ec834053405"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
cf-ray: 831c24c37f9d0766-IAD
timing-allow-origin: *
x-amz-cf-id: pde0k-hPz1JGk2LC68tVGECdjt4Aea733IULqZlyoyjkBvjwr_Kf4w==

GET
H2 200 65632f00ca2123-20990895.png
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 13 KB
14 KB 465ms
93ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/65632f00ca2123-20990895.png

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

1fdabd4cfa67c6a32eb8312da1a34d29e46e03cae7cc98d412e4201c8e3ed7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Fri, 08 Dec 2023 19:32:45 GMT
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 456209
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13787
last-modified: Sun, 26 Nov 2023 19:24:26 GMT
server: cloudflare
etag: "8216762d927dbb943e58457bf243beca"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
cf-ray: 82edc1ecdfc70678-IAD
timing-allow-origin: *
x-amz-cf-id: JgOzLRxO_Yt7iZ7wSkgn5FuyRJ3bTIJHI2XCOMC7fhjY64YhcOk2yQ==

GET
H2 200 container.html Show response
6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3FAC 6 KB
3 KB 39ms
39ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 02:16:11 GMT
expires: Fri, 13 Dec 2024 02:16:11 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 657185c7847755-87662782.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 13 KB
14 KB 87ms
84ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/657185c7847755-87662782.jpg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

41c6c7f31e699ee9c9f923584aa973b82dfc509a9cd1b31ebabcfc39995adb80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 10 Dec 2023 17:41:46 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 290066
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 13435
x-request-id: 4d9d56efbe36de21bcc98b642d64327f
last-modified: Sun, 10 Dec 2023 09:08:40 GMT
server: cloudflare
etag: "7cbb97ee0642a34d907a4825be5447f8"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
cf-ray: 833747d69a598218-IAD
timing-allow-origin: *
x-amz-cf-id: qQFLGDHIiLv-IuH4pXnnc4HqRZSw43cv49GgIbAKeutEADXJ7WoOYw==

GET
H2 200 6570c2676120a7-34258757.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 10 KB
10 KB 110ms
107ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6570c2676120a7-34258757.jpg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3606f88fefce60e8311b3ea111fcfcaccf7039c8e1375a659e6ff32fa09ca37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:21:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 86095
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 9989
last-modified: Thu, 07 Dec 2023 00:02:16 GMT
server: Cloudinary
etag: "6261489a993dbfd8c6c029c9b10b5c91"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 30b3bC2s5mVhG7hvwVFwBC-zc9duTybGVmqACZRl2jqM9MPcuG9FOQ==

GET
H2 200 6579a2a1e2ed28-84855621.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ 7 KB
8 KB 111ms
108ms Image
image/jpeg 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/6579a2a1e2ed28-84855621.jpg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f09593828cee6920adedd5894490b2215298d6efcff8ed1553fff1265bd478b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 00:56:13 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 4799
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 7668
x-request-id: 41d5412e76d7e3b0907c01275cb6b5c0
last-modified: Wed, 13 Dec 2023 23:37:24 GMT
server: Cloudinary
etag: "966ea1dd4e8cace8b8b0dcd1a70966ca"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, no-transform, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Dw5AHpNf8tlZtiDkunTgXtEE3k_k8wuTQzr0RBiYBsiosfNCg1q5cw==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CDEF 624 B
422 B 88ms
86ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNXGMlJYIlEF8wm7_nBWxZlymm7AAeJLr2Im_AqOVAbE83X8eruIuO784KQsRVKQemYzvphL2IotYG9xoaqBzxHZ5CZscTQ56FA1fqF2Jc8Wgt3eBPWkm4Po3oC9HuDdYULegt5wGJgPG23hHW_KjjczZXvrUFFAitsMVCfQwXJ8__K5_J0

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 02:16:12 GMT
expires: Thu, 14 Dec 2023 02:16:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 8D17 24 KB
9 KB 298ms
38ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 20:43:00 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 8D17 7 KB
3 KB 304ms
45ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 02:43:26 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8D17 0
0 328ms
94ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssjEIkq2_2Tj-u_DXKiIirbDXhpucGD95KTIgV9KzwgimY16M7vACb6LT9rOJAfzHJsJE37_ehwZQD0IjZf5lIbVXJ-R5zEgbIeMPHHs3MPZ5LFyIKJobyS2HfkUVSlQAwMHL9al3BZIolHBAdbZ6lLlB-DVOriatA7BcbQypUv86qm1tNMG0w9sFyCDUgYjCDRXGwXiyl8zpxWLgtC7k2KTfa0GDblQNQMTGtBf6cyiBhdpIRJd4HaF6vPlhu5_eCCfd7Em2O38yU4PfoAkzmBgFbPalbU6X0_HP0fdo25KAsQ6_Y1F0ycP_cvNDD8ADs40HmKpuZMeYyarcpPDSMBmpT998b7uMOShsmcgcYSXIvn0H6A4Y_WtYtNssb0O2bwONU2atTNVGQXX1gJWpnq5HxbPWS2-hun5rvfqe9Ee4SQo3AcbA3P-lR7Bb586Xz7CzbJV-6EKXnHfvTbCyYwF-Qow93uswbP438Zad6mIC2ROy-A0Dnhoh2Ba25-nMrn5_I8rZh9Jx8tBOuBVcjaVjzdfnI2OiJjh124rrK70AFzl7uWTORC7Rm2CGJ3XvFZqyZfE_Vp6N39Z7jZJNQSj3wVY1eguXiv9kiit245sYKEv30LeGppSEqI1sLpqvsg69nNWJlihCHPj7rMD_1jVjVENp-wWQzivW7sN5VjI4jm8nEIelx3xrrg8yzOEXhVxqPBHEA-imP7Ujer6TwasNB3eNsQlug6HaaIKUcv6YPXppsU5uLy7m2ua8tooSRh4XwC0aSBsyorPCzJnfzWU-Ios9FWRD3B4nmnmtAYORnPjJ-To2seil6vB-W2FceHzKNQNKO3zkpnlDpM2Iil5RsJkbGVPOns8i0wM5n_ceq_r5Iz3asNwh9WjKufO6GFzxeS5YiRiMYem9d7SJ9VeVzRX6lHcG2TWPzlUMUjjtsEbP1fgN6nXnHvzalgUn0hgMFnxH6H47jsC9ykDad0MipUrxVeBPCBQbotSbxZ_kz4lfAFmKEV1b89QR4wAvGLdX-PRHycpGJfpRMZeZZaeR25saEOFmZ6twdMOVM46yZso5hm8kHP0ax6rWBXgm-3r_0pFE26uZO-dLQQMGPYVrQWNtLNUpkHwwOGdcXhXKVc5d_Wb3nF3ppf8JIQfTVXnKPgcvJnHs3D8ZSg2rkzzoZ4-nbUM6plTISv4AR8qIY2M-1IK6HkVMi9-iy3pB5oxtf1XNOEf92H-AcywWVF_IjXRheqqZaFL8SimvQZ5BgM3faA7ijwo5pe98xibW3HFuVhZpLDqzRa2NI9R5uWz-UIbOOmQjH9OzL1YHYZHnpqMnNZn1v4EBSjaX7Beut8BU_NoIkXAIeEZITpl8gV_h33oep7aQbRlFpIyk2aJGAu-DJJBVBHavIkXODqoVCWlEALvvycfcHqwNctyYpIdhdUcKbeK2HkpiCx9FWftkKVOK14fd44RICc2blq5b309T_lpTQPxIBw8NfJ26vwk0X7hJmq&sai=AMfl-YTyy-76Ccj_ULRstiwKebMVmJtakx3P0kyKZvCRcRxHlIriOx3kJRXZEaWrldBgW8nN8HwDawSJqhJuM1GqVJsgJ_v_GsVUdp2RIc-UryrOw2OLOgbYkfy7ZOtPjYYBHBwm7JhHi6kyZoakBYjMOG5-AbsqTBcpkts6eZxmboOSJf3j20G-4A13dEZFK9lF3ns2YUI23tZYbYy7oxMdiZ9BSfWjr7QMyzrfxoKHsWwX-rO4jddd8oVBvhcA9phWjmrVpiwqX__JG2OkC1Qj-odtsFumiXoUZ4yJrT7XIFzbzpnwyhxGQPwpE-X5YeNW1GOJiPrTEiXsk78bx4ZNXv_CYj0Cv4k2jsxwJXu0u_vSs2haEO9bkLK-TuVCr5GO-m2oPiiHwrV9mm8bwUekT4cA2DRhGux_aeCO1HdB&sig=Cg0ArKJSzOaxXnRclBgeEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20231207.62692&arae=0&ftch=1&adurl=

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D17 41 KB
14 KB 295ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8D17 3 KB
1 KB 336ms
87ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 16:50:41 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A4C1 1 KB
1001 B 58ms
36ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Thu, 14 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 8D17 20 KB
9 KB 286ms
41ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 13:49:15 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D17 42 B
173 B 326ms
83ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYcibz4N59_TrNPc_hsQaRdIsktyVmMutnsBJRy_IXaZK_baRIa6MeFYWwdISrJWohU-abtR5qtx8CXdpUp5HWwFGOdRnnZ3P9legN52lR2ALPgAw

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8D17 0
0 48ms
47ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRm-IHtcNkwfybU_RVT0zhisBtBIjgLJUaoQWHgqRjgkPdU9qFk1kFKle_ryiCIkgcaMFM7ZroeHFEOXE4xR_W6lPmdKg
Requested by: Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D17 203 KB
65 KB 293ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 02:16:12 GMT

GET
H2 200 6419562279464366881
s0.2mdn.net/simgad/ Frame 8D17 39 KB
39 KB 280ms
40ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6419562279464366881?sqp=uqWu0g0HCFoQygdAZA&rs=AOga4qkFuuxwYnhlgeejrlas_0V4mHxKfw

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02600a23c6f383880f5706af53e035423140c8b23c83025ccc780d53e29c4019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 15:02:51 GMT
x-content-type-options: nosniff
age: 126801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39886
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 15:16:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 15:02:51 GMT

GET
H2 200 dbc.min.js Show response
x.revcontent.com/ 29 KB
13 KB 178ms
52ms Script
application/javascript 18.245.60.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x.revcontent.com/dbc.min.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:56:00 GMT
content-encoding: gzip
via: 1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
last-modified: Tue, 02 May 2023 14:24:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 6164413
etag: W/"58db39c8e19b600ad104cfb9a528c2b2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xVft_fc-TFs5WfY2pd4Y8ZKEF6K4lZRL5eZEAt5rTz0ufoMbqfJccg==

GET
H2 200 dbc.min.css
x.revcontent.com/ 7 KB
2 KB 169ms
44ms Stylesheet
text/css 18.245.60.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://x.revcontent.com/dbc.min.css
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.60.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-124.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 549f570489de284788a48f1bfa5653d4bfa2ccb4e04187569598e92cd11b894d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 17:56:00 GMT
content-encoding: gzip
via: 1.1 9bd86598a7f45cc948aa2f9674ece0b2.cloudfront.net (CloudFront)
last-modified: Mon, 08 May 2023 12:31:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 6164413
etag: W/"c105e7b100bb9cf2ae1a887707934406"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Cfzt0Aez2KDKn1B2LoKOs6Pg_iqGRCbEbuJiEybGxsZ8FUdhCKcQmA==

POST
H2 204 page-view
yeet.revcontent.com/yeet/events/ 0
0 63ms
60ms Fetch 99.81.179.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.179.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-179-193.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.gjsentinel.com
date: Thu, 14 Dec 2023 02:16:12 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

POST
H2 204 widget-loaded
yeet.revcontent.com/yeet/events/ 0
0 61ms
56ms Fetch 99.81.179.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.179.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-179-193.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-rc-region: eu-west-1c
access-control-allow-origin: https://www.gjsentinel.com
date: Thu, 14 Dec 2023 02:16:12 GMT
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
server: envoy
vary: Origin

GET
H2 200 0484fd3a-f4d8-11ed-b9d6-93a72551303d.png
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/ 14 KB
14 KB 38ms
37ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/custom/image/0484fd3a-f4d8-11ed-b9d6-93a72551303d.png?resize=400%2C104

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4381203d8413c274ca0e5dbb703bfd17005c7a129a1054026614d3dd927d245

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 3
cf-polished: origFmt=png, origSize=21929
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="0484fd3a-f4d8-11ed-b9d6-93a72551303d.webp"
content-length: 14244
cf-bgj: imgq:85,h2pri
last-modified: Wed, 17 May 2023 17:26:54 GMT
server: cloudflare
x-vcache: MISS
etag: "8c18e319c4cc0af90078b9263c1b63f0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 8352f184893258d8-TXL
expires: Thu, 28 Nov 2024 08:26:54 GMT

GET
H2 200 6562b0219d110.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/2/c0/2c067504-8c05-11ee-87c6-9be625a0d686/ 9 KB
9 KB 40ms
38ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/2/c0/2c067504-8c05-11ee-87c6-9be625a0d686/6562b0219d110.image.jpg?resize=200%2C133

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f733fea78bee63c182db7d5c8f53a0bb6b99efd93ab182a5db2bd57fe1a0274f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2
cf-polished: degrade=85, origSize=11464, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sun, 26 Nov 2023 02:40:34 GMT
server: cloudflare
x-vcache: MISS
etag: "086e63a2e97aa7e105ce6ecf00410c6f"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f184893458d8-TXL
expires: Sat, 30 Nov 2024 08:55:05 GMT

GET
H2 200 655009e7d0929.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/8/2f/82fcda48-80e7-11ee-a40d-7792cf15b0d4/ 8 KB
9 KB 40ms
39ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/8/2f/82fcda48-80e7-11ee-a40d-7792cf15b0d4/655009e7d0929.image.jpg?resize=200%2C133

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61c83ea50f8a8157e37879feb2dee057a419ed932cc98ea061513a4add88ec0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2
cf-polished: origSize=8785, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Sat, 11 Nov 2023 23:10:33 GMT
server: cloudflare
x-vcache: MISS
etag: "de7c87b553514ca7f48c17834905ca94"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f184893558d8-TXL
expires: Sat, 30 Nov 2024 09:44:36 GMT

GET
H2 200 6545158d9ab12.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/f/cc/fcc4851c-7a5f-11ee-a710-db87e2cc64cf/ 8 KB
8 KB 38ms
37ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/f/cc/fcc4851c-7a5f-11ee-a710-db87e2cc64cf/6545158d9ab12.image.jpg?resize=200%2C143

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96cff3fb62ac0b734c6c27282f2bf58f8565ec5dd05c1b0c118471d28c14c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2
cf-polished: degrade=85, origSize=11041, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 03 Nov 2023 15:45:18 GMT
server: cloudflare
x-vcache: MISS
etag: "2c96c861df57a612ec8f4dda9db9d7d1"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f184893658d8-TXL
expires: Sat, 30 Nov 2024 12:00:51 GMT

GET
H2 200 65330427a2944.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/0/8f/08ff9954-6f9b-11ee-b6ce-3f968107b252/ 3 KB
3 KB 38ms
38ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/0/8f/08ff9954-6f9b-11ee-b6ce-3f968107b252/65330427a2944.image.jpg?resize=200%2C133

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef954ef14bdf679460c2438c8f89989528da87b1835a32b7d1f835ebe3ff27bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 2
cf-polished: qual=85, origFmt=jpeg, origSize=6493
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="65330427a2944.webp"
cf-bgj: imgq:85,h2pri
last-modified: Fri, 20 Oct 2023 22:50:16 GMT
server: cloudflare
x-vcache: MISS
etag: "db63192cd8381e9f78f67982bf176f20"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 8352f184893758d8-TXL
expires: Sat, 07 Dec 2024 18:04:24 GMT

OPTIONS
H2 200 page-view
yeet.revcontent.com/yeet/events/ Frame 0
0 246ms
57ms Preflight 99.81.179.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/page-view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.179.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-179-193.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gjsentinel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.gjsentinel.com
content-length: 0
date: Thu, 14 Dec 2023 02:16:12 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

OPTIONS
H2 200 widget-loaded
yeet.revcontent.com/yeet/events/ Frame 0
0 245ms
56ms Preflight 99.81.179.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.81.179.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-179-193.eu-west-1.compute.amazonaws.com
Software: envoy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.gjsentinel.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://www.gjsentinel.com
content-length: 0
date: Thu, 14 Dec 2023 02:16:12 GMT
server: envoy
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2
x-rc-region: eu-west-1c

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E981 640 B
391 B 98ms
89ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVugC3xv8FILRnfKU45jIApvrvRVvUvMLubSVnkkjL_6yAurcLgUwneIuvuprW1EMA786uYpYcMphyBhSF81kQHuoyAvsvypZIrM4QckPKXdMuDxyM1VKPf8goxbZHd3vhTkqGMr64aoh0PMzieBIa8P6iuV1fNXs5Us6Nd0Mo7KIjN34E

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 02:16:12 GMT
expires: Thu, 14 Dec 2023 02:16:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3FAC 172 KB
61 KB 175ms
39ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Origin: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:58:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51457
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 11:58:35 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 3FAC 7 KB
3 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 02:43:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84766
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 02:43:26 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 3FAC 24 KB
9 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 20:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19992
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 20:43:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3FAC 41 KB
14 KB 83ms
82ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 13:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131216
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 13:49:16 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3FAC 3 KB
1 KB 94ms
93ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 16:50:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 16:50:41 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BD79 1 KB
677 B 73ms
72ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 13:49:30 GMT
etag: 48472445140208031
expires: Thu, 14 Dec 2023 13:49:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 3FAC 20 KB
8 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 13:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44817
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Dec 2023 13:49:15 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3FAC 42 B
107 B 75ms
75ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C787NWfU_a2B--zhr9Beh5RjiXoOgwET0PW-qEKjxeTdsbQ4QRUAz_2CWo7gkNOvgpRgbnlxg8uN5EsJiP5MpEf7LS-EpAYz-2DgMQqpFgiMftuio

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FAC 203 KB
64 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 02:16:12 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjlONTZzWjUxUmRCZ001&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&google_cver=1&google_push=AXcoOmQv2HxKe1_eqq7eK2DVPSnzopMtlis4J3ZqfwpWLsZ...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjlONTZzWjUxUmRCZ001&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&google_cver=1&google_push=AXcoOmQv2HxKe1_eqq7eK2DVPSnzopMtlis4J3ZqfwpWLsZilpIFARQ3Gy14PTNZJ3vpBi6dwQ2dkAbIE0MFpIxXPiLWbSj4DAk

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Dec 2023 02:16:12 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-029f22d856dc4e10e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjlONTZzWjUxUmRCZ001&google_gid=CAESEAVMAX17SAYq8SiQPRTt_3s&google_cver=1&google_push=AXcoOmQv2HxKe1_eqq7eK2DVPSnzopMtlis4J3ZqfwpWLsZilpIFARQ3Gy14PTNZJ3vpBi6dwQ2dkAbIE0MFpIxXPiLWbSj4DAk
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12zC2085...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12z...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0ODk5NDEwNzE5MzA4MTU0Mg&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12zC20...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0ODk5NDEwNzE5MzA4MTU0Mg&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12zC2085Frt_uqx0qJumtW2KXE8

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjE0ODk5NDEwNzE5MzA4MTU0Mg&google_push=AXcoOmSrGy0o1TyIbxe3b0JPC1MZoYY7f_ni0mW76Ms0BoiZ3XBTjRdHqWz4Y7KaZNJ8PnKT12zC2085Frt_uqx0qJumtW2KXE8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOmNE6qpdYfb7AG8u_JuAt0&google_cver=1&google_push=AXcoOmRwfBQppDXtnuH-gCvVqr-VtiJmSjQ3j0RRgpwaNoazzhjSNMJIh-dTGOthv3orOaJX_-m...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSFUtWi01SEM5&google_push=AXcoOmRwfBQppDXtnuH-gCvVqr-VtiJmSjQ3j0RRgpwaNoazzhjSNMJIh-dTGOthv3orOaJX_-m1aZaBkCY4BlFuN5_RyGmN7pk

170 B
188 B

75ms
70ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSFUtWi01SEM5&google_push=AXcoOmRwfBQppDXtnuH-gCvVqr-VtiJmSjQ3j0RRgpwaNoazzhjSNMJIh-dTGOthv3orOaJX_-m1aZaBkCY4BlFuN5_RyGmN7pk

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSFUtWi01SEM5&google_push=AXcoOmRwfBQppDXtnuH-gCvVqr-VtiJmSjQ3j0RRgpwaNoazzhjSNMJIh-dTGOthv3orOaJX_-m1aZaBkCY4BlFuN5_RyGmN7pk
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_hm=ZXplbCcKMkYXM8RaAOmoowAACK8AAAAB&google_nid=index&google_push=AXcoOmRU_p9hZ_Fllu55yhBePhDFVH5t3rKN9...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_hm=ZXplbCcKMkYXM8RaAOmoowAACK8AAAAB&google_nid=index&google_push=AXcoOmRU_p9hZ_Fllu55yhBePhDFVH5t3rKN9Vsp4kaCmakOIi44X2rpneBZSAvmiGxNq5V2BmropiERBt4AdddF8xw6BO9hPA

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3TzAz1NHVGG4DDKMs4%2FODbc4IxIOwK9dpyHGiqTPQS4nHbzmBnqvaHlFnZ8Pb0v0lOoMaTzsm59JHDphuCfwVPn8GNo3VQmuaddcNGNdKUi29ia4OHZjkoRP0V1%2BhhSRSC8DQcfP42vMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEBJhgFow9eTkF0n-jkVzj3A&google_hm=ZXplbCcKMkYXM8RaAOmoowAACK8AAAAB&google_nid=index&google_push=AXcoOmRU_p9hZ_Fllu55yhBePhDFVH5t3rKN9Vsp4kaCmakOIi44X2rpneBZSAvmiGxNq5V2BmropiERBt4AdddF8xw6BO9hPA
cache-control: no-cache
cf-ray: 8352f1868f7e452e-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOuM6hS_OppMzVm6R5NRZmU&google_cver=1&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOuM6hS_OppMzVm6R5NRZmU&google_cver=1&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi1OYwd2f5aE&google_hm=H0TosGZHju-wM0aDSsKb7Rva

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi1OYwd2f5aE&google_hm=H0TosGZHju-wM0aDSsKb7Rva

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 14 Dec 2023 02:16:12 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmR4IXp8eisbc3m9hOx0Xmu4_U3riXoLkkfsS_XnbSg9IyHEI0b-brHJ7aguJc8325RVyXcsd9zhJzvLcm3oi1OYwd2f5aE&google_hm=H0TosGZHju-wM0aDSsKb7Rva
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 ebda
match.360yield.com/match/ Frame A4C1 43 B
199 B 254ms
55ms Image
image/gif 34.248.55.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEFf72h4WOzdqjCNjBgEZqEY&google_cver=1&google_push=AXcoOmScXm1OS7X0TMyTebB5hzUkWbVUSkCaugYCmHHGFCuRi8NPNCLW1oUED-4GQxI7i4gAsdaefdEzZ1MxZ2I7L52icf-rd6M
Requested by: Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.248.55.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-55-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:12 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.targeting.unrulymedia.com/csync/RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQ9FHNLwzobHS8HkshNO...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ9FHNLwzobHS8HkshNOqnvpExxATQfEc9xkKNmF1f_K6bSDx_mecYlOstzYy-x-8Fcwp0zzFhTwqFhw08HYHDz6NotipA&google_hm=A-PtP918HUHmk9GLTE9WCao

170 B
188 B

58ms
57ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ9FHNLwzobHS8HkshNOqnvpExxATQfEc9xkKNmF1f_K6bSDx_mecYlOstzYy-x-8Fcwp0zzFhTwqFhw08HYHDz6NotipA&google_hm=A-PtP918HUHmk9GLTE9WCao

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQ9FHNLwzobHS8HkshNOqnvpExxATQfEc9xkKNmF1f_K6bSDx_mecYlOstzYy-x-8Fcwp0zzFhTwqFhw08HYHDz6NotipA&google_hm=A-PtP918HUHmk9GLTE9WCao
date: Thu, 14 Dec 2023 02:16:12 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXe3ed3fdd7c1d41e693d18b4c4f5609aa003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A4C1 0
12 B 69ms
67ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JcH3KCiReQj4B4QK1k8OFAbKmIjNarMzjpY6XlvkQzzqgw5vitxVgqgc0MHeJt7x708vHE

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 8D17 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73eb9f67bdec552c505ef0f8f86ee428df8e31a08fbdac32c31d618ee6773cc6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame CDEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1&C=1

43 B
336 B

54ms
54ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNXGMlJYIlEF8wm7_nBWxZlymm7AAeJLr2Im_AqOVAbE83X8eruIuO784KQsRVKQemYzvphL2IotYG9xoaqBzxHZ5CZscTQ56FA1fqF2Jc8Wgt3eBPWkm4Po3oC9HuDdYULegt5wGJgPG23hHW_KjjczZXvrUFFAitsMVCfQwXJ8__K5_J0
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3iyaPxou3D2T%2BFpO0B8BOUaBUwchxG7iSYUrz9cwiM%2Fm3raU7RRT0czfb40wyeimad8wFpnl9YH0otnwrkXZ3o5UnAw1FB0vmP4FXirFk%2BZPYn2coSKY1T2NFfBp90LzAphx0C2DTXWKw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8352f1868fe06a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xdWAtTxN9YaLWEgeUKVvyZoqumJSD4eSIBOs4aKF2%2BZRqO1zc1HD60haEYi5Oou%2Ba4bLxwrxXkWAPgoTuitinVDFo9XCga%2FHHz82Ig%2F%2BpzteeccKOBVY8LvAYgW7p1Wfjm8TlMwIzgwirg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1&C=1
cache-control: no-cache
cf-ray: 8352f1862f936a76-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CDEF
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXplbCcKMkYXM8RaAOmoowAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1

43 B
771 B

58ms
57ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNXGMlJYIlEF8wm7_nBWxZlymm7AAeJLr2Im_AqOVAbE83X8eruIuO784KQsRVKQemYzvphL2IotYG9xoaqBzxHZ5CZscTQ56FA1fqF2Jc8Wgt3eBPWkm4Po3oC9HuDdYULegt5wGJgPG23hHW_KjjczZXvrUFFAitsMVCfQwXJ8__K5_J0
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ul25ENDIS12dOAm%2FhH%2FPOSawDJhekcPhSVZ2sESg%2BgvZQy7cWpP1FoQe0qEioAJjtsRIkJZAPMeBFFic1h0H707X4FbBthN8Z6J8jB0XRMGarwUuYTsegkJD%2BI%2BVk8Lf%2BsFS4sRpHdEbsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8352f18748b55902-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL74p05wqbNI8MTwRD8N-q4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CDEF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHWgLylaE3ok48pLblhBbE4&google_cver=1

43 B
894 B

45ms
41ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHWgLylaE3ok48pLblhBbE4&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGK3o7vgBMAE&v=APEucNXGMlJYIlEF8wm7_nBWxZlymm7AAeJLr2Im_AqOVAbE83X8eruIuO784KQsRVKQemYzvphL2IotYG9xoaqBzxHZ5CZscTQ56FA1fqF2Jc8Wgt3eBPWkm4Po3oC9HuDdYULegt5wGJgPG23hHW_KjjczZXvrUFFAitsMVCfQwXJ8__K5_J0

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
an-x-request-uuid: 5205a6cf-f752-4271-bc80-45489afec94b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHWgLylaE3ok48pLblhBbE4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDEF
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
an-x-request-uuid: 7ae1f361-0965-4a1c-900d-90e0d08d9600
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame E981
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWNb9qS8cPHV8D74_LApR4&google_cver=1

43 B
61 B

51ms
50ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWNb9qS8cPHV8D74_LApR4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVugC3xv8FILRnfKU45jIApvrvRVvUvMLubSVnkkjL_6yAurcLgUwneIuvuprW1EMA786uYpYcMphyBhSF81kQHuoyAvsvypZIrM4QckPKXdMuDxyM1VKPf8goxbZHd3vhTkqGMr64aoh0PMzieBIa8P6iuV1fNXs5Us6Nd0Mo7KIjN34E
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHWNb9qS8cPHV8D74_LApR4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame E981 43 B
136 B 74ms
46ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVugC3xv8FILRnfKU45jIApvrvRVvUvMLubSVnkkjL_6yAurcLgUwneIuvuprW1EMA786uYpYcMphyBhSF81kQHuoyAvsvypZIrM4QckPKXdMuDxyM1VKPf8goxbZHd3vhTkqGMr64aoh0PMzieBIa8P6iuV1fNXs5Us6Nd0Mo7KIjN34E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame E981
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEPOyDMsntoJ8obfNkKESqNw&google_cver=1

23 B
163 B

131ms
69ms

Image
image/gif

2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEPOyDMsntoJ8obfNkKESqNw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVugC3xv8FILRnfKU45jIApvrvRVvUvMLubSVnkkjL_6yAurcLgUwneIuvuprW1EMA786uYpYcMphyBhSF81kQHuoyAvsvypZIrM4QckPKXdMuDxyM1VKPf8goxbZHd3vhTkqGMr64aoh0PMzieBIa8P6iuV1fNXs5Us6Nd0Mo7KIjN34E
Protocol: H2
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 14 Dec 2023 02:16:12 GMT
pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEPOyDMsntoJ8obfNkKESqNw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame E981 23 B
163 B 226ms
67ms Image
image/gif 2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY07TV5gEwAQ&v=APEucNVugC3xv8FILRnfKU45jIApvrvRVvUvMLubSVnkkjL_6yAurcLgUwneIuvuprW1EMA786uYpYcMphyBhSF81kQHuoyAvsvypZIrM4QckPKXdMuDxyM1VKPf8goxbZHd3vhTkqGMr64aoh0PMzieBIa8P6iuV1fNXs5Us6Nd0Mo7KIjN34E
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 14 Dec 2023 02:16:12 GMT
pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD79
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIJ5upBJznG2pMueik_UEB8&google_cver=1&google_push=AXcoOmTNMTCOm7kZ_-lXMnBjz82cpk0MBoPdy_j1ogJOIx_Q_ZalISXAwkcK9h3ZGE2lc8GXczOWINw2SVx...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNMTCOm7kZ_-lXMnBjz82cpk0MBoPdy_j1ogJOIx_Q_ZalISXAwkcK9h3ZGE2lc8GXczOWINw2SVxOxRkJ-gt1IcNHGE4e&google_hm=GFMfMXjSTs6N27ovwdeEAm0

170 B
188 B

56ms
56ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNMTCOm7kZ_-lXMnBjz82cpk0MBoPdy_j1ogJOIx_Q_ZalISXAwkcK9h3ZGE2lc8GXczOWINw2SVxOxRkJ-gt1IcNHGE4e&google_hm=GFMfMXjSTs6N27ovwdeEAm0

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:11 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTNMTCOm7kZ_-lXMnBjz82cpk0MBoPdy_j1ogJOIx_Q_ZalISXAwkcK9h3ZGE2lc8GXczOWINw2SVxOxRkJ-gt1IcNHGE4e&google_hm=GFMfMXjSTs6N27ovwdeEAm0
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD79
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEL5SlNuprzQsLqW14LVmKBM&google_cver=1&google_push=AXcoOmSAJdfsIXgg0T6dOu6WeczUm2KmxVZlUp2yKAwUR9PtkMeuZItroFj8KqnxSfJyqzHaxdQEqeBvnf0o08xE...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=npXtyW6USt8HabSu2-VYvA&google_push=AXcoOmSAJdfsIXgg0T6dOu6WeczUm2KmxVZlUp2yKAwUR9PtkMeuZItroFj8KqnxSfJyqzHaxdQEqeBvnf0o08xEJd9mlLByeBMEPQ

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=npXtyW6USt8HabSu2-VYvA&google_push=AXcoOmSAJdfsIXgg0T6dOu6WeczUm2KmxVZlUp2yKAwUR9PtkMeuZItroFj8KqnxSfJyqzHaxdQEqeBvnf0o08xEJd9mlLByeBMEPQ

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 14 Dec 2023 02:16:12 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=npXtyW6USt8HabSu2-VYvA&google_push=AXcoOmSAJdfsIXgg0T6dOu6WeczUm2KmxVZlUp2yKAwUR9PtkMeuZItroFj8KqnxSfJyqzHaxdQEqeBvnf0o08xEJd9mlLByeBMEPQ
x-host: tde-deliveryengine-production-5945689648-hc9rm
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD79
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJWBvUA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBGwYMlvDy6fvZHKGF-n0Sc&google_cver=1&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxNTQ3MDMzNDAyOTQ5NTQ0Nw&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJWBv...

170 B
188 B

50ms
48ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxNTQ3MDMzNDAyOTQ5NTQ0Nw&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJWBvUAzcSE9EMY93zCX0E3N_Mm

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzAxNTQ3MDMzNDAyOTQ5NTQ0Nw&google_push=AXcoOmTm49VhDTj0v_4YN2PgsIRRKQm5XH1KkN6EgT6-yHUJfZ8osaHj0Xb8atokZBJCcUaculJWBvUAzcSE9EMY93zCX0E3N_Mm
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD79
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOmNE6qpdYfb7AG8u_JuAt0&google_cver=1&google_push=AXcoOmRSLmhnTSY-AfyDKWplkyggBuHtr9kPYZUz_KOQyaLayL391rAmxlcGjZJQ0J0EJUhADYN...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSzEtMVMtQ0EwQg==&google_push=AXcoOmRSLmhnTSY-AfyDKWplkyggBuHtr9kPYZUz_KOQyaLayL391rAmxlcGjZJQ0J0EJUhADYNZZlNsTMOKzIy6nQoMFQ1Nsv9cuA

170 B
188 B

59ms
58ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSzEtMVMtQ0EwQg==&google_push=AXcoOmRSLmhnTSY-AfyDKWplkyggBuHtr9kPYZUz_KOQyaLayL391rAmxlcGjZJQ0J0EJUhADYNZZlNsTMOKzIy6nQoMFQ1Nsv9cuA

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFE0S0pXSzEtMVMtQ0EwQg==&google_push=AXcoOmRSLmhnTSY-AfyDKWplkyggBuHtr9kPYZUz_KOQyaLayL391rAmxlcGjZJQ0J0EJUhADYNZZlNsTMOKzIy6nQoMFQ1Nsv9cuA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD79
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBOBlJUL12x0v47dhNcKUnA&google_cver=1&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwHwShCBUsdO0GH4jcgKs1vunk_j6MeSAyh_R...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwHwShCBUsdO0GH4jcgKs1vunk_j6MeSAyh_Ri...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzMwNTg2MjQ5NDk3MjQ1MzYxMDQ0&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwH...

170 B
188 B

51ms
49ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzMwNTg2MjQ5NDk3MjQ1MzYxMDQ0&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwHwShCBUsdO0GH4jcgKs1vunk_j6MeSAyh_RiZtQ

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NzMwNTg2MjQ5NDk3MjQ1MzYxMDQ0&google_push=AXcoOmRV9BIKrdTZ5DM0Ki-kSVhJxZHybFkcWz-ojGsjNaJVPqC2oIx-6bc8XqwHwShCBUsdO0GH4jcgKs1vunk_j6MeSAyh_RiZtQ
date: Thu, 14 Dec 2023 02:16:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BD79
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEE4sYIvnzkqkr8_5dUX3xps&google_cver=1&google_push=AXcoOmROt45osqu_m...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D&google_gid=CAESEE4sYIvnzkqkr8_5dUX3xps&google_cver=1&google_push=AXcoOmROt45osqu_m1h7s56yPUQjzXw3v_...

170 B
188 B

59ms
56ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D&google_gid=CAESEE4sYIvnzkqkr8_5dUX3xps&google_cver=1&google_push=AXcoOmROt45osqu_m1h7s56yPUQjzXw3v_GJfmRaxMik8WDHZitfVXjnqU_dN-0_GvZEMAkVxISFgzF-Eu2zQ5voBXjjhGr0r6bvuGc

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
an-x-request-uuid: dba7464f-4e47-4a21-8c73-8feab2d8a2ed
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjI4OTY0NTkxNzk2Mzc3MDg0NQ%3D%3D&google_gid=CAESEE4sYIvnzkqkr8_5dUX3xps&google_cver=1&google_push=AXcoOmROt45osqu_m1h7s56yPUQjzXw3v_GJfmRaxMik8WDHZitfVXjnqU_dN-0_GvZEMAkVxISFgzF-Eu2zQ5voBXjjhGr0r6bvuGc
x-proxy-origin: 80.255.7.109; 80.255.7.109; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame BD79 43 B
146 B 319ms
40ms Image
image/gif 54.93.159.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEKbn7vZNZV0ElIFvzatcA70&google_cver=1&google_push=AXcoOmQ9r3ebX-pREnEUcGlY2TFkwpgsLh9RXHL5dKZ53Y04HbJvfvvd6ccPs611_Yeck12X2vObLsZxPG-odDKJKSmmYSbUwwbSdcE
Requested by: Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.159.119 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-159-119.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BD79 0
12 B 71ms
62ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDthrVD6efzRc2NxqM_sixw9VYIDqiOPUoUn2-LO1c0RfRFc7BTcMMRoffafBjGMbWOL6eNUw

Requested by

Host: 6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
URL: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 8D17 0
0 95ms
76ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssjEIkq2_2Tj-u_DXKiIirbDXhpucGD95KTIgV9KzwgimY16M7vACb6LT9rOJAfzHJsJE37_ehwZQD0IjZf5lIbVXJ-R5zEgbIeMPHHs3MPZ5LFyIKJobyS2HfkUVSlQAwMHL9al3BZIolHBAdbZ6lLlB-DVOriatA7BcbQypUv86qm1tNMG0w9sFyCDUgYjCDRXGwXiyl8zpxWLgtC7k2KTfa0GDblQNQMTGtBf6cyiBhdpIRJd4HaF6vPlhu5_eCCfd7Em2O38yU4PfoAkzmBgFbPalbU6X0_HP0fdo25KAsQ6_Y1F0ycP_cvNDD8ADs40HmKpuZMeYyarcpPDSMBmpT998b7uMOShsmcgcYSXIvn0H6A4Y_WtYtNssb0O2bwONU2atTNVGQXX1gJWpnq5HxbPWS2-hun5rvfqe9Ee4SQo3AcbA3P-lR7Bb586Xz7CzbJV-6EKXnHfvTbCyYwF-Qow93uswbP438Zad6mIC2ROy-A0Dnhoh2Ba25-nMrn5_I8rZh9Jx8tBOuBVcjaVjzdfnI2OiJjh124rrK70AFzl7uWTORC7Rm2CGJ3XvFZqyZfE_Vp6N39Z7jZJNQSj3wVY1eguXiv9kiit245sYKEv30LeGppSEqI1sLpqvsg69nNWJlihCHPj7rMD_1jVjVENp-wWQzivW7sN5VjI4jm8nEIelx3xrrg8yzOEXhVxqPBHEA-imP7Ujer6TwasNB3eNsQlug6HaaIKUcv6YPXppsU5uLy7m2ua8tooSRh4XwC0aSBsyorPCzJnfzWU-Ios9FWRD3B4nmnmtAYORnPjJ-To2seil6vB-W2FceHzKNQNKO3zkpnlDpM2Iil5RsJkbGVPOns8i0wM5n_ceq_r5Iz3asNwh9WjKufO6GFzxeS5YiRiMYem9d7SJ9VeVzRX6lHcG2TWPzlUMUjjtsEbP1fgN6nXnHvzalgUn0hgMFnxH6H47jsC9ykDad0MipUrxVeBPCBQbotSbxZ_kz4lfAFmKEV1b89QR4wAvGLdX-PRHycpGJfpRMZeZZaeR25saEOFmZ6twdMOVM46yZso5hm8kHP0ax6rWBXgm-3r_0pFE26uZO-dLQQMGPYVrQWNtLNUpkHwwOGdcXhXKVc5d_Wb3nF3ppf8JIQfTVXnKPgcvJnHs3D8ZSg2rkzzoZ4-nbUM6plTISv4AR8qIY2M-1IK6HkVMi9-iy3pB5oxtf1XNOEf92H-AcywWVF_IjXRheqqZaFL8SimvQZ5BgM3faA7ijwo5pe98xibW3HFuVhZpLDqzRa2NI9R5uWz-UIbOOmQjH9OzL1YHYZHnpqMnNZn1v4EBSjaX7Beut8BU_NoIkXAIeEZITpl8gV_h33oep7aQbRlFpIyk2aJGAu-DJJBVBHavIkXODqoVCWlEALvvycfcHqwNctyYpIdhdUcKbeK2HkpiCx9FWftkKVOK14fd44RICc2blq5b309T_lpTQPxIBw8NfJ26vwk0X7hJmq&sai=AMfl-YTyy-76Ccj_ULRstiwKebMVmJtakx3P0kyKZvCRcRxHlIriOx3kJRXZEaWrldBgW8nN8HwDawSJqhJuM1GqVJsgJ_v_GsVUdp2RIc-UryrOw2OLOgbYkfy7ZOtPjYYBHBwm7JhHi6kyZoakBYjMOG5-AbsqTBcpkts6eZxmboOSJf3j20G-4A13dEZFK9lF3ns2YUI23tZYbYy7oxMdiZ9BSfWjr7QMyzrfxoKHsWwX-rO4jddd8oVBvhcA9phWjmrVpiwqX__JG2OkC1Qj-odtsFumiXoUZ4yJrT7XIFzbzpnwyhxGQPwpE-X5YeNW1GOJiPrTEiXsk78bx4ZNXv_CYj0Cv4k2jsxwJXu0u_vSs2haEO9bkLK-TuVCr5GO-m2oPiiHwrV9mm8bwUekT4cA2DRhGux_aeCO1HdB&sig=Cg0ArKJSzOaxXnRclBgeEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9xb250by5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=362&vt=11&dtpt=358&dett=2&cstd=0&cisv=r20231207.62692&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 5832 38 KB
13 KB 56ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 131216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9194 38 KB
13 KB 43ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 131216
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 13:49:16 GMT
expires: Wed, 11 Dec 2024 13:49:16 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3FAC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47c015780b6afbbe63d51f458b13e8cefeb1d225bdb239a535d02233db8bcabf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/12526237615489777227/ Frame E3B9 126 KB
34 KB 49ms
48ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd439dee780e622d5406c1d638c455c67796f5ebe6443f0783358981f3f0310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 02:16:12 GMT
expires: Fri, 13 Dec 2024 02:16:12 GMT
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 3FAC 0
0 85ms
84ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss7kD8dr8ZDqz-3104hDPrcHPFn27RoqiLxMWGLI_9CISW9zAbKzAIXwuTCm_adcwjztGltQ0ncR93hTfVrtDOQtTEdSjeiEGCUoYGYUtdkF-7dWuvI3_jEA9QdbmD5xCd83ztM4nt5unmVNTvHIPpTzvN5ROKK1ZoiGyv8P3Vd01_cVHIN_OQdB0V2RB4blOnoEOpv2spUzkkL-71dR5nDRQ5f0DdSgIP4SomOPOq9UQPdoCF5uJanyf8ujIcaHyKn97r8d1Mj50I5s3teRxyKAe2_J3siEZAPZ7yk0sjEnbNwa1E0dCAfyut1x1JAJAYtG62rcrr6qmcfynm7Tnw1W8KrEgSCHKhGtJyXB2cjWDRvT4v31fvuc2n7FMDsbO1BRvqcWuec6u3dUuVCqGX56X0G7Vv57y3Mg4eGPgmxQsARZIRJFFV7T4VCopJnRYUhUd7hc5wozCyNgdb4CS0wfFOc2Lf_qdUdaW0m7UCwZVbFXSZKrPavAKHIngdNLhAI-Cqq1HBz1VphzvalWQLIAKCC9g9ygZqq1nIPUlMZ675jxSDtoaWULIund7G6LxTplPmUfIQHqUDxhHi2fwYwnr6D_-oVv_ZPs0VT_3rcXbWIPQACIt3wGjosTfAlvjCz67_NfB3pk8QACSuK5WMFPRR1bGd6125GV9DfMACLMrz4nbIcUZ2ZxCSLVycsf2uKt_DgrKz12C4B-9IeVq6IXQ_bwpucLHyCOSun9zohOvQ-mIfiYZQdY5FecP6r0UuoEJLGlHYCf9sxn_6E98HIG_d35QArgPmG-RVFL9w0G2f1BYNPFCuPGW9Ltua_JP_5FEP32k76ntem97SMd3lmWQZeE2ulFGSUthsZplO5glbVtO_8ms-c4c0TKzqdDg9ABITXnTxnUPC93t7WU5Ya5tXu1i0rvRQvLPiKzckvxhbUbS1etMqq5q210wBsbE9IJKZN9vsNH38B-IYemswgbPq8dGLBHXSo35RRjoiBn5fMTeieP_U4y1Bz48xW2qd5CIzIQc-qb27Dnd0mGlwZbPluH27hjSZ89JLbFtBqv1LCJFDD8ohaL03Qm1Ljky_uttbTD-0babS1ZcZ3BwUkz8Ivpgwe1-Wv6YDIMQivCvkA2HrnB6Ot1nPlSwsNuolkbgQjxigwUkiF2Lss433zLynRXp8YrFX92ZlvhR40e2T3fBOZlBeiFWpm5Wm0Ynzhu1d-sviNOtk2c_QhXnmvlBCHo_kbfVN_6oQad7j8XxZpZK4TFTRZyxcr6tsBKckLcW1wXUlKx73BBxpMafSQ5gBXk6W3FXaSbwNYFHY2lJN1oeo5rFJpRzNFqTXrGOh0EfZonIy-sXXBWq0TVk-sldVYIA_WUiipuIa_gNToZBSYBhol3fezVWqKj4zq6fsGeK2MTNH1jGzceC6hgHSz6yCPatLe1UzATu2hfYsMyhd9NJJ2txi9LPne4xVPFLgNF5XzwCpucdGeiQbgz36UhA6k0NY-wkz8gRrCbQs_VLTZER26Bhg60tutdHzw&sai=AMfl-YQD3HpM7en-lIvlmJzae9ntVmbr5wqqgDThc8RgLoS29xQ6Ktp743fdXq1AHqJ65_ts5vMKPmyYtWJiY1GCBvBltS7Bk1RlLLEkuD99WbH0S7aSBYGw8UHQLGPjztL9FFJogvzQ-TGDSovX7_DKZHyFAu4nYHM4EtvWbd-05JCq8xRWCO7BEJ2JyjPKOjntvC1wnu2obQdBXIWKhJ-VtsQf2v0E0w71_pQ0TtfzzfbLpf5t4K5pv7j2fD5DmdRiV9gT6ZcT2udq11kVbEOeyyIU_3o1ae6B4J_Txi2Wc8oD17D05yhFXTmIm18qh4qan15KAwgu4a1koTFuJqxnSntXskDCbPP2XntK8zyrGNlvsNc7l3G81uZqXISmx5Kcb0cCxe3KrfgDnM88qWsVX3o-O_iSLdpGjGHm8Te8&sig=Cg0ArKJSzGfrHVcRsZ-6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=334&cbvp=1&cstd=323&cisv=r20231207.52388&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5832 39 KB
15 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 17:17:29 GMT

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 9194 39 KB
15 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 17:17:29 GMT

POST
H2 200 /
www.gjsentinel.com/tncms/tracking/business/block/ 0
149 B 118ms
118ms Ping
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gjsentinel.com/tncms/tracking/business/block/?i=f31b0884-8e38-5bb9-a075-22f8ea642859,
Requested by: Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
real-hostname: gjsentinel.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

GET
H2 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E3B9 118 KB
40 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 21:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15684
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 21:54:48 GMT

GET
H3 200 GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame E3B9 37 KB
37 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansText-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 21:52:53 GMT
x-content-type-options: nosniff
age: 188599
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38296
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 21:52:53 GMT

GET
H3 200 GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame E3B9 23 KB
23 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansHead-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 15:18:10 GMT
x-content-type-options: nosniff
age: 212282
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23900
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 10 Dec 2024 15:18:10 GMT

GET
H3 200 GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/12526237615489777227/ Frame E3B9 23 KB
23 KB 58ms
57ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/GenesisSansHead-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:59:34 GMT
x-content-type-options: nosniff
age: 148598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23636
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 11 Dec 2024 08:59:34 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E3B9 8 KB
6 KB 163ms
83ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aee284f24598d794156164fc49c066480270379e4e75e9ff3520c522d5b65939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5815
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 3FAC 0
0 79ms
78ms Fetch
image/gif 142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjss7kD8dr8ZDqz-3104hDPrcHPFn27RoqiLxMWGLI_9CISW9zAbKzAIXwuTCm_adcwjztGltQ0ncR93hTfVrtDOQtTEdSjeiEGCUoYGYUtdkF-7dWuvI3_jEA9QdbmD5xCd83ztM4nt5unmVNTvHIPpTzvN5ROKK1ZoiGyv8P3Vd01_cVHIN_OQdB0V2RB4blOnoEOpv2spUzkkL-71dR5nDRQ5f0DdSgIP4SomOPOq9UQPdoCF5uJanyf8ujIcaHyKn97r8d1Mj50I5s3teRxyKAe2_J3siEZAPZ7yk0sjEnbNwa1E0dCAfyut1x1JAJAYtG62rcrr6qmcfynm7Tnw1W8KrEgSCHKhGtJyXB2cjWDRvT4v31fvuc2n7FMDsbO1BRvqcWuec6u3dUuVCqGX56X0G7Vv57y3Mg4eGPgmxQsARZIRJFFV7T4VCopJnRYUhUd7hc5wozCyNgdb4CS0wfFOc2Lf_qdUdaW0m7UCwZVbFXSZKrPavAKHIngdNLhAI-Cqq1HBz1VphzvalWQLIAKCC9g9ygZqq1nIPUlMZ675jxSDtoaWULIund7G6LxTplPmUfIQHqUDxhHi2fwYwnr6D_-oVv_ZPs0VT_3rcXbWIPQACIt3wGjosTfAlvjCz67_NfB3pk8QACSuK5WMFPRR1bGd6125GV9DfMACLMrz4nbIcUZ2ZxCSLVycsf2uKt_DgrKz12C4B-9IeVq6IXQ_bwpucLHyCOSun9zohOvQ-mIfiYZQdY5FecP6r0UuoEJLGlHYCf9sxn_6E98HIG_d35QArgPmG-RVFL9w0G2f1BYNPFCuPGW9Ltua_JP_5FEP32k76ntem97SMd3lmWQZeE2ulFGSUthsZplO5glbVtO_8ms-c4c0TKzqdDg9ABITXnTxnUPC93t7WU5Ya5tXu1i0rvRQvLPiKzckvxhbUbS1etMqq5q210wBsbE9IJKZN9vsNH38B-IYemswgbPq8dGLBHXSo35RRjoiBn5fMTeieP_U4y1Bz48xW2qd5CIzIQc-qb27Dnd0mGlwZbPluH27hjSZ89JLbFtBqv1LCJFDD8ohaL03Qm1Ljky_uttbTD-0babS1ZcZ3BwUkz8Ivpgwe1-Wv6YDIMQivCvkA2HrnB6Ot1nPlSwsNuolkbgQjxigwUkiF2Lss433zLynRXp8YrFX92ZlvhR40e2T3fBOZlBeiFWpm5Wm0Ynzhu1d-sviNOtk2c_QhXnmvlBCHo_kbfVN_6oQad7j8XxZpZK4TFTRZyxcr6tsBKckLcW1wXUlKx73BBxpMafSQ5gBXk6W3FXaSbwNYFHY2lJN1oeo5rFJpRzNFqTXrGOh0EfZonIy-sXXBWq0TVk-sldVYIA_WUiipuIa_gNToZBSYBhol3fezVWqKj4zq6fsGeK2MTNH1jGzceC6hgHSz6yCPatLe1UzATu2hfYsMyhd9NJJ2txi9LPne4xVPFLgNF5XzwCpucdGeiQbgz36UhA6k0NY-wkz8gRrCbQs_VLTZER26Bhg60tutdHzw&sai=AMfl-YQD3HpM7en-lIvlmJzae9ntVmbr5wqqgDThc8RgLoS29xQ6Ktp743fdXq1AHqJ65_ts5vMKPmyYtWJiY1GCBvBltS7Bk1RlLLEkuD99WbH0S7aSBYGw8UHQLGPjztL9FFJogvzQ-TGDSovX7_DKZHyFAu4nYHM4EtvWbd-05JCq8xRWCO7BEJ2JyjPKOjntvC1wnu2obQdBXIWKhJ-VtsQf2v0E0w71_pQ0TtfzzfbLpf5t4K5pv7j2fD5DmdRiV9gT6ZcT2udq11kVbEOeyyIU_3o1ae6B4J_Txi2Wc8oD17D05yhFXTmIm18qh4qan15KAwgu4a1koTFuJqxnSntXskDCbPP2XntK8zyrGNlvsNc7l3G81uZqXISmx5Kcb0cCxe3KrfgDnM88qWsVX3o-O_iSLdpGjGHm8Te8&sig=Cg0ArKJSzGfrHVcRsZ-6EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9nZW5lc2lzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=626&vt=11&dtpt=292&dett=3&cstd=323&cisv=r20231207.52388&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/12526237615489777227/ Frame E3B9 8 KB
8 KB 40ms
40ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12526237615489777227/logo.png

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:41:52 GMT
x-content-type-options: nosniff
age: 452060
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8111
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 13:03:20 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:41:52 GMT

GET
H3 200 60015186_20230202011652528_award_logo_300x600_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame E3B9 2 KB
2 KB 40ms
40ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011652528_award_logo_300x600_default.png

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66dfd53134d5f32c3f4b280c7e7c7aa4e64600ea3ed8d2e15d4ae3b5ac1e93af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 15:18:12 GMT
x-content-type-options: nosniff
age: 39480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2476
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 09:16:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 15:18:12 GMT

GET
DATA 200
OK truncated
/ Frame E3B9 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 60015186_20230713054309302_300x600_eGV70_image4.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame E3B9 377 KB
377 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230713054309302_300x600_eGV70_image4.jpg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b47aea03ab095b6ed724fa618bab70114990ebd77725eb481e9791b288f8957b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12526237615489777227/index.html?e=69&leftOffset=0&topOffset=0&c=yKSlgFOTwZ&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 15:18:17 GMT
x-content-type-options: nosniff
age: 39475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 386415
x-xss-protection: 0
last-modified: Thu, 13 Jul 2023 12:43:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Dec 2023 15:18:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5832 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bme03a2V6ZduDG-f1x_APotqggAEAAAAAOAHgBAI&bg=!fH-lfzDNAAY3kmNgF5I7ADQBe5WfON3yLTg6rm9S7jA7y1QdARciS_-hKzOdkWy3eNVFjA7rlz2-vWU3fa5bJi9R1TrbAgAAAORSAAAABGgBBwoADRn00lp6AYq8QJcb3fKZA1EHgwAlh5BlKxenOfbyJIrBxZqsAs4ddqHFrYM5SeJlWAiIE-DsWDS9Ym8cTL6S-tf1ad4KD0stGTv344HVG-8fFpqyLcsZHQuFbVTi9wMmrQvdeMYOkJKTF16_ZvDJ0a0FT9-UKdqimZj7KbnkxdpOsnygi5mDr5c1p9cvxNC-1xszXU6kkne58xMEkJ_BaJlHrxydsjQZKBNVmYvsCLA4YvDZWeDTUGG4rm3OVkfHaR5kTA5wOSs0BkdCrt3c_YjvbnVg6DXT7Gzp9nSMSyZb1d2GEX5zQtprXeK6gljEDmbcMLT8m4aCs7y4GN_t3i9gsRNn6tgoMHDSKNVwe9XM__iQqWq8gub_0PL_gNbd2GTqU5wHoviK6_yN4H4QpCMCT3KrfbxF2-Hgf1BbjffB4H0YBzH4ah_Kx2_REadLIx4sdowCgQ4Hj1l6BgYvOSlQm4Vusy6kBEtuw_-wdri28NOcZG_UfB1ceajQEcJm9qze7Kr2uzvMLdNh_5bNgqu8G93iknh0wZ9Acvg0lBC66SYXL9VJILaUO4ddmwPXWWUzjSazKKP1VvFQ93sFwugSd4BNB0fRSWT7-n4bxKxwoCpLE3u-UlhNkk0YmdcL0MV_2TK84fINimtCP3PwYXcmluS-T7LzxCYLV2W_suJsdgpEl9FOwcNmbw_xaXVPkkr1cNXbRp4BnOgRNh3ntwu-pJ-Gg2_4lIt9rxQcOccpD5V9Qhn9Pe7B402gxonujggTGUPw7-w-xoB0apI9oDLTDjs9MRvQiBE3-gF6NvPz3SiDvHDARRbGCo5Mj3it0mNPrTbds9D7CRo48LPxEQxb9-RaWcDvSpEZX7rVgRByEe1ScjuGhaLxMBHU1qqTp7x4aVIHwbjljoF33Wqq-J-o7XTEh937bm32W91yYn_mexVlZO4WGetiygEY5qrRWwgr0Lb90owikjacimzOkAZOUMcNOZqU2Nbr4owJUVVjdEN5OwZZQWLN_ej5lnQE9Rc5WAdgYhVNSBLRKZ6c5v34hnbWrI3PKIIFhw8A8Uj8oM57gE98haOKcDZufFrPO4YOp_4e1v_IF9T7D36qW7XdLMyvAo0p-aTaWGhhWAm1Zx-JoV9i2E1OOO0hJL-SXwo

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9194 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bq0qHa2V6ZdyDG-f1x_APotqggAEAAAAAOAHgBAI&bg=!np2lndLNAAY3kmNgF5I7ADQBe5WfOKur_FWo35H9Rje5e0wroPr1q54-gpshjHFuFZCCw6zPQFbftWAoDxzZMeiIdHz3AgAAAMdSAAAABGgBB5kDLryxfWu-vPd_8TFzQ9fLOPmQG91sJXMa5gdNwqhT80kbkBXKdp0_kgb7m1RyAmCgcoAyNJtcLZboL2AlLmIlQNTrFBC0knNzP9J43pJwr3hfUGFNh7Zrh6OwgRmgD7u8ix4MKI6bVp1i7kOjyM7iRxpNntE2yo-0HXdX0zE1nMZ9XjYPULC4YpuHyK7x29cwqsDGbe_HsFyg6KBmd2i28uRgz1RbdhUlg-V2OqHI1nsTf4SWUbKi2ENOES2Jkj8g2T330MvCmr2TaXJDoa4wvVN5V727w7O4cuWH0Jz87UDldxJZtSIlOGiLsOjLImN4OdKtqovTHBEIcaPpKqUjJEBsl5c3DLpIgKrzGEDK7whAIHKBEqf9UK6VBQA9UynXa5hudQvsH7XVOE7i4Geck9Ud1oRDVPWKw3r_aLBUBsKZEjcqXzcseC4_xsx4UZXt_JLbeMmDqhXQgSaoJ8CRP_2v4S8HnA57YWy0a2nYtOe409zJYLSjx25M-fItOjGMdzYDCbCnEdL5Hc4X8hH1skug3AGtAe_1_qRqymuA4s9w1fR7IZ8k2NuYj6K9KGtD5fFFPiToIDrWe9MiXezapYKclUKvuRPzzf6scDFrRD2UnI5ArJmeN9WMqZOLPzzWCa99U-VF2dqMPICuzV2y-TGIORZULzcmYrHuSYVJ0Uo--dtO3ZZbzfxkxacgeguTvb2Qz8CbJUyhGCZO2Z92XG3XIi5LubxGli4Q7FW_CtU3QirRCtiwngnK8AozPS-YQiPIn7A5QIP-t0R9_VQq9e0z59Yt84nrnwsS2zQQUGoj6VIASXpx_oVyLryG-6AjRLd0mwr7W3TZykALXWUat1E0aIrYMgMZ1rLCEFZsu54tzOjsf-wjAFT8Wgwy_wbD0jUA_XHwoDkMXMoX32d-_Z_y14Alai_ZyWAlN0kspG9YoUGhvES5X3xn_vWtZKTLARFVDJ6nqdjjfsgGRkf5N1iJ-uZ-DFotIS_g3I6etHVjW2wGmahqETDAJgF7TjHtMHeynk6diIdAUTRfjRzycArFlxXnf5KYpAkvI6xN8Mr8jpnm88LQa033yZxk4Hg

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E3B9 17 KB
6 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 02:16:13 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B5D1 39 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 17:17:29 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 4C9C 0
60 B 177ms
55ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=va5jfn8&ref=https%3A%2F%2Fwww.gjsentinel.com%2F&upid=8iynjks&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 14 Dec 2023 02:16:13 GMT
server: Kestrel

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 72FE 0
59 B 176ms
56ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.gjsentinel.com%2F&upid=vo84dfa&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Thu, 14 Dec 2023 02:16:13 GMT
server: Kestrel

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 88ms
88ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a80267cc0e2386c4cb81d14aa246652ce97d3ab1ec2f479e0999b34683811c3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12218
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D17 42 B
64 B 83ms
83ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsggygSzk3jHZnK8sMG65-12IcF6eToqS7grNW5cB8DgG4KG9ay4q_mQO_PfIPlRTrBDHfABb5dStPtce--FZ3lRK4JJKJB_SFmPk1JtyWwmf_ncpuPfcxI2A4WNpBZBlOaj_BbILOHZHzmoMh4eA2Npou&sai=AMfl-YTDn-aUTR1tNIbwfXyhShCkkofo9CeA0IKwXcknpHMfr-EiYVKLY7jT9a9dWz_FYalHACFnxN4a0NkMo1Q9-TdNK92UxlJKaV1F1HhS_vuaLeLsVWvLhCUBV7A&sig=Cg0ArKJSzN2CLYSe6ZV2EAE&cid=CAQSOwAvHhf_qhXySmOD1YWcIeQRnNlYTK1ajv5QKVT6glGb3f5Tncxc7Do2XNJKqg9X4ni7EvVs-TwfIv7rGAE&id=lidar2&mcvt=1000&p=319,315,409,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3263731806&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702520171855&rpt=627&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 02:16:13 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 474F 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Dec 2023 16:53:40 GMT
expires: Thu, 12 Dec 2024 16:53:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F589 829 B
560 B 50ms
50ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bcb30ac54b99864e020abface88586879e2471bb69d13c92aea88a3047994456

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-afgaPDQQEQjAIxRfag6tDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gjsentinel.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-afgaPDQQEQjAIxRfag6tDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 02:16:13 GMT
expires: Thu, 14 Dec 2023 02:16:13 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3FAC 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstE6Zd_CWZ8ePZYVPqhsTQBl_LWpLPDHPndgMRN7I8-04iTeSbvjB1Ho0WGl1ok9IY-QIgD_JuJIPX1oLzPgqNr-pQ9Cb0RPvWb9E2D9zvhISoNh5qXVwFmS9N2iU2DMg3hSreYIfJPinR7omaDlvFUQTLo&sai=AMfl-YTmBUIJudPwfKAentqtANstpPonpZ7dzIOhsLEv8D9t6vXXiQLAeU_bf8R13repGLo566fWL-KKPp7hqmXGoW0T1DolLqTq_qZ7_Z84pUu6tCy2Qx3sIWVD4jA&sig=Cg0ArKJSzHmsJJqh6ND1EAE&cid=CAQSOwAvHhf_qhXySmOD1YWcIeQRnNlYTK1ajv5QKVT6glGb3f5Tncxc7Do2XNJKqg9X4ni7EvVs-TwfIv7rGAE&id=lidar2&mcvt=1004&p=612,1427,652,1468&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3815530034&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702520171909&rpt=630&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 474F 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:17:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Dec 2024 17:17:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F589 0
0 74ms
73ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=537503275503207&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 474F 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?N36l4g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sdk-runtime-config.js Show response
buy.tinypass.com/api/v3/anon/assets/ 279 B
521 B 257ms
154ms XHR
application/json 2606:4700::6812:dff8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/sdk-runtime-config.js?aid=AsmTHs1ipu

Requested by

Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:dff8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

238cbd69c9aa90429e82360a6439383739227a2bdf34e67ae72ef0ae3cf63751

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json
Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 02:16:14 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
alt-svc: h3=":443"; ma=86400
x-request-id: M2zwm5sMXQ2
wn: prod-dash-10-0-86-123
last-modified: Wed, 13 Dec 2023 16:45:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
server-time: 0.007
cache-control: public, max-age=14400
cf-ray: 8352f18f3987928d-FRA
expires: Thu, 14 Dec 2023 06:16:14 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 42ms
41ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gjsentinel.com
URL: https://www.gjsentinel.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Dec 2023 01:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Dec 2023 03:22:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 51ms
47ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1852882027&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.gjsentinel.com%2F&ul=en-us&de=UTF-8&dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=experienceExecute&el=Experience%20execute&_u=6GDAAUABAAQCAGAAIAB~&jid=1083991585&gjid=1952248056&cid=1625540659.1702520171&tid=UA-10781387-5&_gid=997835911.1702520171&_r=1&z=1134785793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 48ms
48ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-10781387-5&cid=1625540659.1702520171&jid=1083991585&gjid=1952248056&_gid=997835911.1702520171&_u=6GDAAUABAAQCAGAAIAB~&z=1514694620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Dec 2023 02:16:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=537503275503207&bg=!Hh2lHVLNAAY3kmNgF5I7ADQBe5WfOKDXFLJqXTwDHxVnme1XcVAQCPgmohSp3CoMN7cDLdmVYprE4uawAXZERbgY0Q71AgAAAFFSAAAABGgBBwoAczJSurcMuYpo0OT4wjzGVqmYc7x-LG31R1OYOozEiXeZ0RCYkxzEhHsM0yp761ygjiRvkr5BYAoOZXzm80epqBE9tZbKY5ffW2TyrBIzIMA02lfeLqhY4EFwhrcRta-xtCNPh_B7lUtWfaoIkaUVl1XnOYWZAv_WCw70DMNGVfBzzi7OBzh-01GthAhwwtlg-14ZPqLHjBglgDaMLAG0g4ev_FI2MTlk8Bqo7hHrS-JPFmHuewtMqq0YPv2rkOnYa3OHsvcgXB5RC7ZcYTIKKIJ9fe1sOkN7994WAox1HmBo4SBRkdcPKdfwgjRKSxA7dlVPk9z06VtufKmbm1Od8gMI11NGmfGU326u6HTttc4E38gtE6uR_FEs7VuZBb9Tmda0_DjZOjzIaQbMqHoCD_-SGaSIbwaZ5CavEQOfHFAq2vSmG6Cu4FeOG_gT6pvMA0ZIT1faj-oQ0YRUskJuWz0K2q61zwj5PYHLIlHj7pnKTTDH6fOfEfHHlWH2rwkq_UA2tvNdjbDawQJjgiaIg-JtMNGlfwwJOjfclP17stxBkXBDu9IuKPAgLu9uYz1y8y1mku3vVh0xtha87oPyr4Wvor_pV-g5MgWWLIp11lsA0cZXenD92CiWJEZnz8yZyvqEHmbgcGgW729epHBOja5529dsbKNi3gTbf7Iu6j8qShSFCEnCBXDhPhSkKJACYuLQZPLL5UuWITny-SriwBSmFkL0Y3LCMrYa_RWFuP_GrHjQdrTGQMf35D8bFPSwS_DySq6xj5m86mXFyp-qiTS1GvAhfKPQFXZnxZ75oHQohbwoKU8N9KhxZZI3rhg-mT1L3G68cpdbs3gwG4n9qOSowfuuiiB-LWYzrkwCnEehChiu3V73clKNz2yTfhoiOrWgI9sqy9AY1AQzHph5_8FPYP3H_KtLU2yD3Ee4uUJRn6ij-qIgA2d4LYkWgODQQ9nCIGDz_s4GcQCuNPsQOzJQ-tCgs_kYYOO5VyEyLplKGyJVK5KTT6jmM4OxJKY2EO5HrkACesOHjGOXCJMRdlGqnOL9S4BKH1Zf1rZZUDYazjp2ZnXoN6NV3E_3rzNbMy_CSKz3yA8D-xzhknSzCqymbAdotDPJK6uMcuwg4SvVr2bfIZKUrLvXuCkewQwgW_LNCMOhaZc62Ri-AX4R90Le8YlmZw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gjsentinel.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK 510.jpg
static.wehaacdn.com/westerncolorado-jobs/imgs/media-images/wideb/510/images/ Frame 336D 436 KB
437 KB 150ms
150ms Image
image/jpeg 74.208.21.154
IONOS-AS This is ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.wehaacdn.com/westerncolorado-jobs/imgs/media-images/wideb/510/images/510.jpg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.208.21.154 , United States, ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE),

Reverse DNS

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

1dbfa7f5c9cabfac013e2d37ef2f460120db45338ec4eb25d226ef2025a9e974

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://westerncolorado.jobs/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 02:16:15 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 09 Dec 2023 11:12:03 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Content-Disposition: inline; filename="510.jpg"
Connection: keep-alive
Expires: Sat, 16 Dec 2023 11:12:03 GMT

OPTIONS
H2 204 trackings
analytics-prd.aws.wehaa.net/api/v1/ Frame 0
0 117ms
117ms Preflight 44.205.189.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.205.189.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-189-117.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-cat,x-tenant
Access-Control-Request-Method: POST
Origin: https://westerncolorado.jobs
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-cat,x-tenant
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:15 GMT
vary: Origin, Access-Control-Request-Headers

POST
H2 200 trackings Show response
analytics-prd.aws.wehaa.net/api/v1/ Frame 336D 409 B
525 B 126ms
126ms XHR
application/json 44.205.189.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics-prd.aws.wehaa.net/api/v1/trackings
Requested by: Host: westerncolorado.jobs
URL: https://westerncolorado.jobs/places/widget/widget:1/type:300x600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.205.189.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-189-117.compute-1.amazonaws.com
Software: /
Resource Hash: 2ff94d40954cd7ebf7a24a4ffdfe043d4c624f5212c954f71c8bb9f7556a3892

Request headers

Referer: https://westerncolorado.jobs/
accept-language: de-DE,de;q=0.9
X-Cat: firstpage
X-Tenant: westerncolorado.jobs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 02:16:15 GMT
content-length: 409
vary: Origin
content-type: application/json; charset=utf-8

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-12M2XZC8V4&gtm=45je3bt0v873737409z8857454493&_p=1702520169809&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1625540659.1702520171&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&sid=1702520171&sct=1&seg=1&dl=https%3A%2F%2Fwww.gjsentinel.com%2F&dt=gjsentinel.com%20%7C%20Grand%20Junction%20news%2C%20sports%2C%20entertainment%2C%20shopping%20and%20more.&_s=2&tfd=8327
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gjsentinel.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 02:16:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gjsentinel.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 6539528075e8d.image.jpg
bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/4/2c/42cafa6e-735d-11ee-a543-a3e0586f6c9a/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/gjsentinel.com/content/tncms/assets/v3/editorial/4/2c/42cafa6e-735d-11ee-a543-a3e0586f6c9a/6539528075e8d.image.jpg?resize=750%2C499

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.simpli.fi/	1970-01-21 01:42:22	Name: suid Value: E0ED15E1695B4C9D9B33F6D484F10872
.gjsentinel.com/	1970-01-21 02:24:08	Name: _pctx Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIGYA2ABgA4BATkEcALIICMEjjwBMXAKwcQAXyA
.gjsentinel.com/	1970-01-21 02:24:08	Name: _pcid Value: %7B%22browserId%22%3A%22lq4kjv3bfeshtnxx%22%7D
.gjsentinel.com/	1970-01-21 02:24:08	Name: _pcus Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.gjsentinel.com/	1970-01-20 16:56:46	Name: _gid Value: GA1.2.997835911.1702520171
.gjsentinel.com/	1970-01-20 16:55:20	Name: _gat_UA-10781387-5 Value: 1
.piano.io/	1970-01-20 16:55:21	Name: __cf_bm Value: C2whFYSFtxQqVShDIlyL7tt108K0XtHTLSKn0vUsUis-1702520170-1-AZoPMKXiDGVtsAIj8ij2kszXkSNdmVhzYRlsJ1T8gQVvUEitrZSK+EHB5wx2VXfzat9sWyF0qxQTj7giSg1KQXs=
.gjsentinel.com/	1970-01-20 16:55:21	Name: _sp_ses.ff69 Value: *
.gjsentinel.com/	1970-01-21 02:31:20	Name: _sp_id.ff69 Value: 28e7bd6e-6ff7-4a5c-b5bb-ead252e47d1c.1702520171.1.1702520171..e6d6895a-1337-4af8-a039-b77b16c3f5f5....0
.gjsentinel.com/	1970-01-21 02:31:20	Name: __tbc Value: %7Bkpex%7DkHfY2QCs-mv6q1Zpupi2ETijgk6U6caqkkl60u6vPa0yRTSD2MMqLCuX2Q-xOYYu
.gjsentinel.com/	1970-01-20 17:38:32	Name: __pat Value: -25200000
.gjsentinel.com/	1970-01-20 16:56:46	Name: __pvi Value: eyJpZCI6InYtbHE0a2p2M28yd240MjNhaCIsImRvbWFpbiI6Ii5nanNlbnRpbmVsLmNvbSIsInRpbWUiOjE3MDI1MjAxNzA4Mzd9
.gjsentinel.com/	1970-01-21 02:31:20	Name: xbc Value: %7Bkpex%7Dr9v39ZfTKDDAi-iwO4ST5QW5luLbV8gJMxbmZ_dqHl3HDeFG05EmuTFKGOEAEHRw
.simpli.fi/	1970-01-20 17:05:24	Name: uid_syncd_secure Value: true
.gjsentinel.com/	1970-01-21 02:24:08	Name: cX_P Value: lq4kjv3bfeshtnxx
.gjsentinel.com/	1970-01-21 02:31:20	Name: _ga_4T2EB147B8 Value: GS1.1.1702520171.1.0.1702520171.60.0.0
www.gjsentinel.com/	1970-01-20 17:38:32	Name: _pbjs_userid_consent_data Value: 3524755945110770
.gjsentinel.com/	1970-01-21 02:31:20	Name: _ga_6QG1NXGVPL Value: GS1.1.1702520171.1.0.1702520171.0.0.0
.doubleclick.net/	1970-01-21 02:16:56	Name: IDE Value: AHWqTUmgvG4d9mn6_sxsPIiqRWcIoppfKbCNTp4iw4s8AE2pZX16wtyqy_Vp3TmzuLI
.1rx.io/	1970-01-21 01:40:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003%22%7D
.tapad.com/	1970-01-20 18:21:44	Name: TapAd_TS Value: 1702520171388
.tapad.com/	1970-01-20 18:21:44	Name: TapAd_DID Value: 3b15ab0b-aa12-4623-ad7c-9c403cc6802a
.gjsentinel.com/	1970-01-20 16:55:23	Name: AMP_TOKEN Value: %24NOT_FOUND
.gjsentinel.com/	1970-01-20 16:55:20	Name: _dc_gtm_UA-54716522-7 Value: 1
.adnxs.com/	1970-01-20 19:04:56	Name: uuid2 Value: 2289645917963770845
.pro-market.net/	1970-01-20 21:14:32	Name: anProfile Value: "-13ta2cnx79i55+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0133800920000000000000006+s2=(s5mwyz)+vm=24-E0ED15E1695B4C9D9B33F6D484F10872"
.pro-market.net/	1970-01-20 17:38:32	Name: anHistory Value: "-13ta2cnx79i55+2+!#7%/%u!d=i"
.agkn.com/	1970-01-21 01:40:56	Name: ab Value: 0001%3AyQrMunpkWCngTFcxaZgrnpB5OCyH8gXZ
.tapad.com/	1970-01-20 18:21:44	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 19:48:08	Name: EE Value: "b6de642b82c67b776064b9859c00f2b4"
.exelator.com/	1970-01-20 19:48:08	Name: ud Value: "eJxrXxzq6XKLQSHJLCXVzMQoycIo2cw8ydzczMDMJMnSwtQy2cAgzSjJZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR8z5gMAhtEpQg%253D%253D"
.bluekai.com/	1970-01-20 21:18:51	Name: bku Value: blx99s+kKZDEJ/x7
.bluekai.com/	1970-01-20 21:18:51	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDDyHDxhBDDhBMANxMHemDx8xM1pHMjWBeQ6HMWymez09y93kyri
.targeting.unrulymedia.com/	1970-01-21 01:40:56	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-e3ed3fdd-7c1d-41e6-93d1-8b4c4f5609aa-003%22%7D
.gjsentinel.com/	1970-01-21 02:31:20	Name: _ga_12M2XZC8V4 Value: GS1.1.1702520171.1.1.1702520171.0.0.0
.gjsentinel.com/	1970-01-21 01:40:56	Name: ajs_anonymous_id Value: 0f94dd4f-8f92-4fe9-bf00-32b92d6270ce
.agkn.com/	1970-01-21 01:40:56	Name: u Value: C\|0AAAAAAAALQ0h6wAAAAAA
.bfmio.com/	1970-01-21 01:40:56	Name: __141_cid Value: E0ED15E1695B4C9D9B33F6D484F10872
.bfmio.com/	1970-01-21 01:40:56	Name: __io_cid Value: 0f19444af66b399da43f09d9145c467468dd3f43
.gjsentinel.com/	1970-01-21 02:16:56	Name: __gads Value: ID=4fdcc682534edf19:T=1702520171:RT=1702520171:S=ALNI_Mb3gX66zotSReeg7VtgF9b9MWcmWA
.gjsentinel.com/	1970-01-21 02:16:56	Name: __gpi Value: UID=00000d19edeae734:T=1702520171:RT=1702520171:S=ALNI_MbH-HUulj2tsJGbxsWSacNhdVQviw
.cxense.com/	1970-01-21 01:40:56	Name: gckp Value: 24efkv32wjjqc27776cgnjmsj1
.gjsentinel.com/	1970-01-21 02:24:08	Name: cX_G Value: cx%3A1gdhrt1gdh2b92spoehqudtmhv%3Amol9tdmwn2fu
pixel.rubiconproject.com/	1970-01-20 19:04:56	Name: receive-cookie-deprecation Value: 1
.3lift.com/	1970-01-20 19:04:56	Name: tluid Value: 730586249497245361044
.adform.net/	1970-01-20 17:39:58	Name: C Value: 1
.adnxs.com/	1970-01-20 19:04:56	Name: anj Value: dTM7k!M40<EVNsVF']wIg2E>>qO1At!]tb$8i_jC:lq+Z*:3[VN_Jc([R5daZ8b_<_deWZTLmFcVB_tYQ7>5nOy6BbqZkL@_YqnUFqX^TT_%Z.K):x>K7h/>uWqE1JBdDn5V.a#<bt1t<thi%KUYjccd#A^e+.<Q!.(BH96%zh
.ctnsnet.com/	1970-01-21 01:40:56	Name: gid_CAESEIJ5upBJznG2pMueik_UEB8 Value: 1
.ctnsnet.com/	1970-01-21 01:40:56	Name: cid_18531f3178d24ece8ddbba2fc1d78402 Value: 1
.casalemedia.com/	1970-01-20 19:04:56	Name: CMPS Value: 2197
.travelaudience.com/	1970-01-21 02:27:00	Name: _tracker Value: %7B%22UUID%22%3A%229E95EDC9-6E94-4ADF-0769-B4AEDBE558BC%22%7D
.lijit.com/	1970-01-21 01:40:56	Name: ljt_reader Value: H0TosGZHju-wM0aDSsKb7Rva
.w55c.net/	1970-01-21 02:27:00	Name: wfivefivec Value: 29N56sZ51RdBgM5
.adform.net/	1970-01-20 18:21:44	Name: uid Value: 2148994107193081542
.casalemedia.com/	1970-01-21 01:40:56	Name: CMID Value: ZXplbChaQ76.GSolPg8R6gAA
.casalemedia.com/	1970-01-20 19:04:56	Name: CMPRO Value: 2197
.w55c.net/	1970-01-20 17:38:32	Name: matchgoogle Value: 5
.gjsentinel.com/	1970-01-21 02:31:20	Name: _ga Value: GA1.2.1625540659.1702520171
.gjsentinel.com/	1970-01-20 16:55:20	Name: _gat_pianoTracker Value: 1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=E0ED15E1695B4C9D9B33F6D484F10872 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=E0ED15E1695B4C9D9B33F6D484F10872 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=E0ED15E1695B4C9D9B33F6D484F10872 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=-5240297278840291097 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6010af5c0cad7b6b2cdee53ef9ecf68b.safeframe.googlesyndication.com
aa.agkn.com
aax.amazon-adsystem.com
ad.doubleclick.net
ads.pubmatic.com
ads.travelaudience.com
ampcid.google.com
ampcid.google.de
analytics-prd.aws.wehaa.net
ap.lijit.com
api.livechatinc.com
api.segment.io
assets.revcontent.com
bcp.crwdcntrl.net
bloximages.newyork1.vip.townnews.com
buy.tinypass.com
c.amazon-adsystem.com
c1.adform.net
c2.piano.io
cdn.cxense.com
cdn.livechatinc.com
cdn.prod.mktg.evvnt.com
cdn.segment.com
cdn.tinypass.com
ce.lijit.com
cm.g.doubleclick.net
comcluster.cxense.com
config.aps.amazon-adsystem.com
d.agkn.com
d1wcopahj6rhb7.cloudfront.net
discoverevvnt.com
discovery.evvnt.com
dsum-sec.casalemedia.com
eb2.3lift.com
experience.tinypass.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gjsentinel.com
googleads.g.doubleclick.net
grandjunctiondailysentinel-co.newsmemory.com
i.simpli.fi
ib.adnxs.com
id.cxense.com
idsync.rlcdn.com
images.revcontent.com
img.revcontent.com
insight.adsrvr.org
js.adsrvr.org
loadm.exelator.com
match.360yield.com
media.revcontent.com
p1cluster.cxense.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
region1.analytics.google.com
region1.google-analytics.com
s.ad.smaato.net
s0.2mdn.net
s3.amazonaws.com
secure.adnxs.com
secure.geotix.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.wehaacdn.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
sync.teads.tv
tag.simpli.fi
tpc.googlesyndication.com
trends.revcontent.com
um.simpli.fi
us-u.openx.net
westerncolorado.jobs
www.gjsentinel.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.revcontent.com
yeet.revcontent.com
bloximages.newyork1.vip.townnews.com
104.16.132.24
104.18.36.155
108.138.15.119
13.32.121.28
142.250.185.162
142.250.185.166
146.190.197.191
15.197.193.217
167.235.124.59
172.64.151.101
18.198.126.47
18.239.64.29
18.239.69.131
18.245.60.124
18.245.60.44
18.66.122.62
18.66.97.40
18.66.97.98
192.104.183.109
2.17.22.169
2.18.97.171
2.19.245.101
2001:4860:4802:32::36
2001:4860:4802:34::178
2001:4860:4802:34::36
216.52.2.30
216.52.2.86
23.15.178.153
23.211.9.91
2600:1901:0:8eee::
2600:1f18:612b:4264:4b11:4b0e:f335:7576
2600:9000:2057:7000:b:7fc4:98c0:21
2600:9000:206f:4200:18:a82e:7180:93a1
2600:9000:211e:1200:1b:5138:8a40:93a1
2600:9000:2156:4a00:3:1a27:3000:93a1
2600:9000:223c:5a00:8:4487:bd00:93a1
2606:4700::6811:c276
2606:4700::6812:dff8
2606:4700::6812:eff8
2a00:1450:4001:800::2004
2a00:1450:4001:803::2001
2a00:1450:4001:806::2003
2a00:1450:4001:808::2008
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9a
2a02:26f0:480:b94::268b
2a06:98c1:3120::3
3.120.54.195
34.111.113.62
34.223.74.168
34.248.55.250
35.186.193.173
35.190.0.66
35.204.158.49
35.204.89.238
35.244.159.8
35.244.174.68
37.157.6.254
37.252.171.53
44.205.189.117
46.228.174.117
52.214.242.160
52.216.113.213
52.28.254.225
52.55.140.111
54.93.159.119
62.151.178.57
63.32.253.3
69.173.144.165
74.208.21.154
76.223.111.18
99.81.179.193
99.86.4.105
99.86.4.71
99.86.8.175
02600a23c6f383880f5706af53e035423140c8b23c83025ccc780d53e29c4019
03ed229ef418ff5a6fccfdf3a767733716d9dc17d9e049c3d6133af11b748ec5
03fc01f77766ac6bc636fad8c3c82f8549379bc61b636e9ba344ead0bce5dedb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09e52212f27a512fb8743569dc39d738fd0e163c7d86b977dd4e92808d46700c
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd439dee780e622d5406c1d638c455c67796f5ebe6443f0783358981f3f0310
0ec1683a8f420b29810fcc25c9cca80233b7ef893eb8db7583baf2c6fb14af2f
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
159b16ec7d95e57f531a29d28e3c18278d7d5e46b6ec8f173c3996af21a55adc
1643f549380aeab61b23502d9f260f7350d9c2bd34dbc3cb0af73644332b6ef5
17b2edbe55f03492a581e8612da68f8c930149435d7729e88513bd6c5923a5c8
17ee66ad7dbe58495263155bfc158093439c3a665ef2ed9197db891bac20cacc
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1c68f34ba0f5fcdeb6f102fe90015d3c83c79cbc8b072da1e64a76fe662766c2
1cb2a2d8aa15555b90d46a1674b7003ff961e1ed4770b0971f6c90dcc0f3087b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dbfa7f5c9cabfac013e2d37ef2f460120db45338ec4eb25d226ef2025a9e974
1fdabd4cfa67c6a32eb8312da1a34d29e46e03cae7cc98d412e4201c8e3ed7c5
20cb7e97cdd2bd5b3175038e3c8730a3d639c7b951f803d1cd215e662eea50f8
2227a9ff2864ad1b84de42c982d8d74dd78e0141832834717b37ad1ad8c930ef
233909c4dfdd46c81d5bd61532c55533e7a64e761f1951f00ed0c886c2c4511c
238cbd69c9aa90429e82360a6439383739227a2bdf34e67ae72ef0ae3cf63751
28a6827168832144d10572c3da10d3ce930b08edc1f9bba1e9331ca912a7d577
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2ff94d40954cd7ebf7a24a4ffdfe043d4c624f5212c954f71c8bb9f7556a3892
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32209e964449881b7f2a21086506deccc49063673c2cfff6288598f843fc81c4
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3357773697f27668085a764cb940779973917dfab69295d2b0ba20ef9a13b24f
3606f88fefce60e8311b3ea111fcfcaccf7039c8e1375a659e6ff32fa09ca37e
3636b95d15f61f445c9454c7e75a8cd46c8d549a80d0595868280967bfc02d41
37d44df61428260da98324576010ebd04c0d5a1ce6774bbed15bbfbdfc141a0c
385a3321b0c214d7b4476729aa33f296aa1b8458de7f777d5965f8b70a8c97d3
3e5b3e974431fd43b5b7cc2c34b29f45b52f817a2d60c5c97a9559e2f6a152d4
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41c6c7f31e699ee9c9f923584aa973b82dfc509a9cd1b31ebabcfc39995adb80
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
46820d3a6333e4326b3b6225dc17fcbe5c1d8368f9cb17c2b0a3639ff9d170cc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
477512652babe755ab88b6a712f74607b1e3178de899b5aabbe59a3a174970cc
47a8a3cac11d58041b7c0874be17d4c7f9a71fe87ec09e8dc3dbf047438346d5
47b726fd18aa3355c7f0277952419c5e1b33d3347ee2e4eff5e9b9be73040549
47c015780b6afbbe63d51f458b13e8cefeb1d225bdb239a535d02233db8bcabf
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b80e46450200d3fabd65323bf5a91b8d31e919438a8cd48b9f8e8bd8b23edac
4c6f42922d5f0c84b9b19f3f8bd0567786d1a8c0d40575368b7a40508fe0c747
4d085ba61f30ed4042ae8acf4d18a0f58342734926ecb174b8ecc45ceedac201
4d3c300c1cd89393c7f945c06656981e3ac1c034f59996affcd1062a3092f40c
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f61480e1ee75ee65101133067f315d9a4f4836bc0e1a5b71d58d961a5b1f009
4f8d62a906fe07f2169652b00715ff176ca8aa41dda9a00b04736c29976ecaaf
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
53203ef7d7c97068a4425546fc8797acbc7e61d7e3df6cd8379dab5c2b1a845f
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549f570489de284788a48f1bfa5653d4bfa2ccb4e04187569598e92cd11b894d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5806fa88e7b448822483efaf6166b627a098c5347e0199fc578513843eb77535
5fd91d5e878d804e2bc02ba3a3a3560b1aae4e15922f39ea59b0b77c7b872d8e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
621040ecb048b1d5cf0682321c055dcfcf72b941cca5228dcee97dc0f856f5c6
6269f3fddbea1fbdbb369f84ac32323fa0251c3bb8f761d1d144713697d8fd48
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
65d84000e64757e83eb9128120323cb92d071cf12b5746e3e1888302cec98d49
66dfd53134d5f32c3f4b280c7e7c7aa4e64600ea3ed8d2e15d4ae3b5ac1e93af
677de1a657eefe2f5b63bda2f79c0cb929a159c70fe397ce6199ab3028eb763a
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
695ab076343acfdc35a7d6257e5ee70215d2a9479a1a597335a02feccba94b71
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d033b313c1c644e3e4047eba594243000c50732aac9bd039ae122fed1a083d3
6e63dfd72f01c32504b8e4c4732245737ed6ced15af3ff626049afba0b089274
713d06e2e8d22cbd0d5f3674ce152eade7f34b0d09751b588d480e2a1a4352d9
73eb9f67bdec552c505ef0f8f86ee428df8e31a08fbdac32c31d618ee6773cc6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76ba3c90c3dc07268f104d8fe8dda3a096c166bb41297b38a14ede941f5280c2
76dabf55e3078e74adefdc33f8b6eff8bb3a6213dc75b9770a66d5a2efaafd50
7976a9dfe57f9ba6972420500782258da674fcc523c2def08bb6a84ce275c4b5
7a775090e6faed2937b467044015451f81393e0275a1bb0e484432cbba132b6d
7ad7751f5e19986d9bff127b1137445a8806d2fdf72ab92a3fb835abb07a48b4
7c4711683ed6f2d79b7aebeb5f9d00be743a943159bdb57faf129412ed1de94c
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
7ece6606590dba90d226adfe4db265b385c96faaaa88ac3c3c937165e260ca56
823d24c7fd7deac0ca9cb3c57be7df7b0dda6045be77e4b649d4e381de1344f9
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8a23c44de48fb21cbcd562cdf009d5d3049c6e064dea597c2e00f4539487909d
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e683a0ae8fc37aeae8fd20643faef0341fe5cf01c30f25f41d6bad28b1a8365
90a59e503621a65095f5a3b9d621a3049a3546c0ede1fb6669ed9ad2c822136b
92fe1cea3df8fc0e2a03f1c8d0099cb105c7d455ac8be20be165ce6bff558365
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
97f8fc372f7f4222cc65412e259edacd394d09bd69cad1687bd5969da2f44399
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c72abe1427dd4bb1fb8fda80f15d2232932864b05bba38e816f9885bd877a74
9e9b0c673754536ff2a6976b86d59ca0fb443c317ffe2c9e767a9dbc14560b6e
9f46649ea544819982ea288c6f386dd67d46da0f453f95da542196372b79731e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1aec50c56e8c750ab85dfda36f5446ae314a821b23540e83eb6ef7212c684d5
a4445042b22af60d9807b2c1a3cd379bd349aa10dd4b014a179d7bbf721654e6
a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a80267cc0e2386c4cb81d14aa246652ce97d3ab1ec2f479e0999b34683811c3e
a86407458ab26df1130208f721d34e85196b93257d6b8ae69d867a45f6e16e3a
a96cff3fb62ac0b734c6c27282f2bf58f8565ec5dd05c1b0c118471d28c14c55
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee284f24598d794156164fc49c066480270379e4e75e9ff3520c522d5b65939
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27170653bb14a6d15c3d4c584b3e49be618baf2717d8129c32b16744d755e36
b47aea03ab095b6ed724fa618bab70114990ebd77725eb481e9791b288f8957b
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
b9f62ffba83828dd25198de9e93c9f38bc34b81e9a9db9ddd349a158a3cb19ac
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bcb30ac54b99864e020abface88586879e2471bb69d13c92aea88a3047994456
be21226dfb7b4e3cef0ea83718af0a2b963c821f59eda3d553e30168d0d21518
c0bc803ded3eb30a6da6c3a037589f7554a759eb01357fe52de1adc19193d87b
c192304e1bb17edf7e6e3dd6fd7612fbaabedafdff53ac0299967955c823da2e
c38bf988d59121b62651de3e48838074619237e8f60b687ae168bc4731288236
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c61c83ea50f8a8157e37879feb2dee057a419ed932cc98ea061513a4add88ec0
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd58cf4df517cdb850afc9a03e16fa034e0fbc7d50ef96d474da4dbbef4e8057
ce64f356606d13a8e97922a3af94ec24dc9cd583b78c9dce842fe25cd59eb642
cef477d43235d65e89f344f4ec4b4273106cd9abf3b8f5d58fe6f56575fa2765
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d45ad5ac19e20742389c7b1aedbed931490285a04c4e7c2be3a559c3b7d4c3f9
d4cd30d3787897a46dcfe8242464807424a2ccf67d705e4cac3a7d377d3b5d2f
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d5cfee61b742b87cd2a664b044eee837ff01db1e5c5bfe66faac30edc228bdf8
d98b03ac0c492d064f025a3071c62dc2cc700810479f0d70f4e40ff5d64f02b7
d9e9aa1ecb8354dde08cb0da6d8210c8ea59bdfea96eb99f753f86da8c964b80
da1b94b16cc73ab273a2c57777f6023480e0c24e607e48233a47ca6ecaa2d058
dac08fd3eb7d2adf333d36ea5e35d4f4dc25c7dd705cbf99682707b2d95f9031
db6d6d47686d811bc35d2047e0d2f83ce89e07f82543798e85bf26003411d40c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de7900a3cbd162c4502b1c4ca0ad9af9b8734ec575c2f609d6b85cb0bd3fce38
e0223bcc696052dd207c54b33d2f057ecbd158ff5c48e7471bd34ec3aef2fde0
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f989f47b2d270d55fca173cdad0660bb1d16c7f4b3e50cc8a92d5d2e04db63
e7f948a6f367fea813a01538b510eb30dd5f587630f7ed999f5136d2f567c82b
ea863362502728bb408283ed05a29e338b99f3a2c546f920811ae2d8f2bfb835
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed2c1133b9d2a0c6f1f1eab4256ee4b80cb68ddb63d8184dd442af652f105b01
ee4d2b8a9ee67265359f1784737b66cbe22637f133115672f1fb0a101bd0638a
eec1d339b9dac9ef9991e418a6fd71c2cf953d77ed1597ed68f82fcc12bf7767
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef954ef14bdf679460c2438c8f89989528da87b1835a32b7d1f835ebe3ff27bb
f09593828cee6920adedd5894490b2215298d6efcff8ed1553fff1265bd478b6
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f4381203d8413c274ca0e5dbb703bfd17005c7a129a1054026614d3dd927d245
f58e6745de6de51a1ed7252fc74c7a0d13a570034fd45e12336f0c40b0ebdb1e
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f6cd99a9385854f92fc620284f506647e1d50ae35c98252bba2cc9ddbefc4efd
f733fea78bee63c182db7d5c8f53a0bb6b99efd93ab182a5db2bd57fe1a0274f
fc24ebd15a3d7fca1f07c4baaf8ac888dd7db205a6b363741050f44bf0d377ad
fd2c680964b28dc283f3518e21720cd2f886e7bdb8d2f5b47809ef836c337d52
fdfe9f368de4615715c1c188fd804ac43371b2cf83ea7c731c4021d2c6d05f01

www.gjsentinel.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

274 Requests

86 %HTTPS

36 %IPv6

59 Domains

93 Subdomains

77 IPs

9 Countries

5095 kBTransfer

10732 kBSize

59 Cookies

55 Outgoing links

Page URL History

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.gjsentinel.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

86 %
HTTPS

36 %
IPv6

59
Domains

93
Subdomains

77
IPs

9
Countries

5095 kB
Transfer

10732 kB
Size

59
Cookies

274 HTTP transactions
7 data transactions