www.politico.eu Open in urlscan Pro
2606:4700:20::681a:875 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Submission: On December 23 via api (December 23rd 2021, 11:41:41 am UTC) from US — Scanned from DE

Summary HTTP 75 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 27 IPs in 3 countries across 20 domains to perform 75 HTTP transactions. The main IP is 2606:4700:20::681a:875, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.politico.eu.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.politico.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:20:... 2606:4700:20::681a:875	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	13.32.21.69 13.32.21.69	16509 (AMAZON-02) (AMAZON-02)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	65.9.7.60 65.9.7.60	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:6a00:2:5291:8280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:ca00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	34.194.161.83 34.194.161.83	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.21.15 13.32.21.15	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.233.54.203 3.233.54.203	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	13.32.21.99 13.32.21.99	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	143.204.209.120 143.204.209.120	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.57 65.9.58.57	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
75	27

28 2606:4700:20::681a:875 (United States)

ASN13335 (CLOUDFLARENET, US)

www.politico.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.21.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-69.fra56.r.cloudfront.net

cmp.politico.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.60 (Altamonte Springs, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6a00:2:5291:8280:93a1 (United States)

ASN16509 (AMAZON-02, US)

widget.politico.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:ca00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-15.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.233.54.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-54-203.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.21.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-99.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-120.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-57.fra56.r.cloudfront.net

cdn.privacy-mgmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	politico.eu www.politico.eu cmp.politico.eu widget.politico.eu	1 MB
7	google-analytics.com www.google-analytics.com	20 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	google.com fundingchoicesmessages.google.com www.google.com	43 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	64 KB
3	facebook.net connect.facebook.net	134 KB
3	amazon-adsystem.com c.amazon-adsystem.com	39 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	144 KB
2	facebook.com www.facebook.com	313 B
2	parsely.com cdn.parsely.com p1.parsely.com	18 KB
1	google.co.uk www.google.co.uk	501 B
1	privacy-mgmt.com cdn.privacy-mgmt.com	1 KB
1	t.co t.co	470 B
1	twitter.com analytics.twitter.com	675 B
1	chartbeat.net ping.chartbeat.net	201 B
1	unpkg.com unpkg.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	65 KB
75	20

	Domain	Requested by
28	www.politico.eu	www.politico.eu
8	cmp.politico.eu	www.politico.eu cmp.politico.eu
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	connect.facebook.net	www.politico.eu connect.facebook.net
3	c.amazon-adsystem.com	www.politico.eu c.amazon-adsystem.com
3	fundingchoicesmessages.google.com	www.politico.eu
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	www.politico.eu
2	securepubads.g.doubleclick.net	www.politico.eu securepubads.g.doubleclick.net
1	www.google.co.uk	www.politico.eu
1	www.google.com	www.politico.eu
1	cdn.privacy-mgmt.com	cmp.politico.eu
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	www.politico.eu
1	analytics.twitter.com	static.ads-twitter.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	www.politico.eu
1	www.linkedin.com	1 redirects
1	ping.chartbeat.net	www.politico.eu
1	unpkg.com	www.googletagmanager.com
1	snap.licdn.com	www.politico.eu
1	static.ads-twitter.com	www.politico.eu
1	static.hotjar.com	www.googletagmanager.com
1	p1.parsely.com	www.politico.eu
1	static.chartbeat.com	www.politico.eu
1	www.googletagmanager.com	www.politico.eu
1	widget.politico.eu	www.politico.eu
1	cdn.parsely.com	www.politico.eu
75	29

This site contains links to these domains. Also see Links.

Domain
www.politico.com
jobs.politico.eu
edition.pagesuite-professional.co.uk
play.google.com
apps.apple.com
www.facebook.com
twitter.com
www.linkedin.com
facebook.com
www.un.org
www.euroclear.com
www.euromoney.com
georgesgilkinet.be
www.enyolaw.com
www.bailii.org
www.osborneandpartners.com
www.lexology.com
www.bdo.co.uk

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
cmp.politico.eu R3	`2021-12-04` - `2022-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.politico.eu RapidSSL RSA CA 2018	`2020-04-03` - `2022-06-02`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-01` - `2021-12-30`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.privacy-mgmt.com R3	`2021-11-25` - `2022-02-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Frame ID: 0F827168B002574194739152A56001EE
Requests: 67 HTTP requests in this frame

Frame: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
Frame ID: 0A32A44EA9A43B842114AFB903243801
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 95CAB07B29153D14742076129DD24AA8
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0FB2D24D6FD2852BDCDD5E235622C3BE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Millions flow from Gaddafi’s ‘frozen funds’ to unknown beneficiaries – POLITICO

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

75
Requests

99 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

27
IPs

3
Countries

1691 kB
Transfer

4485 kB
Size

28
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.politico.com/

Search URL Search Domain Scan URL

URL: https://jobs.politico.eu/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://edition.pagesuite-professional.co.uk/html5/reader/production/default.aspx?pubname=&pubid=926f0c8c-7f9b-4c0c-a74d-25af040856bf
Title: Print Edition

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=eu.politico.promobile&hl=en_UK
Title: Play Store

Search URL Search Domain Scan URL

URL: https://apps.apple.com/be/app/politico-pro-europe/id1396447664
Title: App Store

Search URL Search Domain Scan URL

URL: https://www.facebook.com/POLITICOeu/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/POLITICOEurope
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/politico-europe/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer/sharer.php?u=https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/&t=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?url=https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/&text=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/&title=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&summary=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&source=https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Title: Share on Linkedin

Search URL Search Domain Scan URL

URL: http://www.un.org/ga/search/view_doc.asp?symbol=S/RES/1970%20(2011)
Title: a U.N. resolution in March 2011

Search URL Search Domain Scan URL

URL: https://www.euroclear.com/en.html
Title: Euroclear

Search URL Search Domain Scan URL

URL: https://www.euromoney.com/article/b12kjxb33l8zry/the-battle-for-the-libyan-investment-authority
Title: Mohsen Derregia

Search URL Search Domain Scan URL

URL: http://georgesgilkinet.be/
Title: Georges Gilkinet

Search URL Search Domain Scan URL

URL: https://www.enyolaw.com/
Title: Enyo

Search URL Search Domain Scan URL

URL: http://www.bailii.org/ew/cases/EWHC/Ch/2016/2530.html
Title: Goldman Sachs

Search URL Search Domain Scan URL

URL: http://www.bailii.org/ew/cases/EWHC/Comm/2016/375.html
Title: Société Générale

Search URL Search Domain Scan URL

URL: http://www.osborneandpartners.com/
Title: Osborne & Partners

Search URL Search Domain Scan URL

URL: https://www.lexology.com/library/detail.aspx?g=7fee50fd-ae3c-408a-8f18-0fa7b05490ba
Title: €963 million settlement

Search URL Search Domain Scan URL

URL: https://www.bdo.co.uk/en-gb/home
Title: BDO LLP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D515964%26time%3D1640259696703%26url%3Dhttps%253A%252F%252Fwww.politico.eu%252Farticle%252Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true&e_ipv6=AQJQJAwEx_cpuQAAAX3nGLmINLhjE8RJV7GBZtXFmHa2bHbH7FoKJ0rLtfcc83QbvR9Is69Ubg

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ 216 KB
46 KB 158ms
140ms Document
text/html 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

723f72fa016da3d36dd0f8024beed74b040370331c9d9c69b4a09b2b089d1e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-frame-options: SAMEORIGIN
link: <https://www.politico.eu/wp-json/>; rel="https://api.w.org/" <https://www.politico.eu/wp-json/wp/v2/article/805282>; rel="alternate"; type="application/json" <https://www.politico.eu/?p=805282>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 1
x-cache-group: normal
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfFAPWLq6kDULGxPmlVmlgvQ4WuXoyb0Dw22xKzeXTtAA%2FWtAaN%2FU69zitUjJLt4rbccFmnAxJABQACilnwOpj6nRssWWgFlSv6YiP47Gf%2BI40kqCu3wDhO%2Bm5YMHF5i%2Bt4hskxmICJ2GSiQlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6c21525bec70701f-FRA
content-encoding: br

GET
H2 200 IvarText-Regular.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/ 38 KB
38 KB 45ms
45ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Regular.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25e4521abb90ae6f17b9a111dac828f25e3f083d9837b506addd33a82e4cf98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23810070
vary: Accept-Encoding
content-length: 38524
last-modified: Tue, 26 Jan 2021 11:15:04 GMT
server: cloudflare
etag: "600ff9b8-967c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A70xLgQvWY7mgi88oLUSCZ%2BccvM0oGCGKDjw%2F0T4jWoefRxbzzoKXhwnvcTwYhN7AUrdYEb1JP%2Bx0puyd8Z7lplwIxpORSIjRvyu08ebniDd1Ek1Ctf5S%2B5DhcLaaoxXFQgR%2F0WmWPECKfuBvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525d3f7f701f-FRA

GET
H2 200 National2Compressed-Medium.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/national2-compressed/ 30 KB
30 KB 36ms
35ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/national2-compressed/National2Compressed-Medium.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8749df62cad8b7c300bf709ad6dea89e59831cd5b305b6450877af40c131ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23810070
vary: Accept-Encoding
content-length: 30240
last-modified: Tue, 26 Jan 2021 11:15:04 GMT
server: cloudflare
etag: "600ff9b8-7620"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PsgU1okAQyq56MzjByxr0nn8GPe%2BzniMavizg3XCMkvZEVCZrGtTtBcRjTKEmH1puHVko2EMcCYoTVjnJ3IrPFiZM0nq8ayKTc71EnGzjJk6PfFpmvr9cZ%2B8ad4EbQqeGWDNsx3xTVO7Aq3LTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525d3f80701f-FRA

GET
H2 200 PublicoHeadline-Medium.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/ 50 KB
50 KB 39ms
38ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Medium.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5124324d76d543186718728f1ea0496403eb2b11816357db69def8c2ced41f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4162626
vary: Accept-Encoding
content-length: 51344
last-modified: Mon, 16 Aug 2021 08:01:18 GMT
server: cloudflare
etag: "611a1b4e-c890"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55ymstC3ITQCb27NuMIC4lH6nHd%2FIXVmO0deeHyDXMK05rS617cDq5ZfvZA49StrHOkoW62okwWDaCy2XWtv17%2FFP7RetIc%2FbUZVFn5t5PmV6E7XzMZduXdcgdQHP%2BvoOkvoGr0UkXailZQ3Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525d3f81701f-FRA

GET
H2 200 PublicoHeadline-Roman.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/ 52 KB
52 KB 28ms
27ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Roman.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

566b0aee0cae2b02daa9a43461881182e6ec302f1b3e627068315cf97cccb61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6339656
vary: Accept-Encoding
content-length: 52808
last-modified: Mon, 16 Aug 2021 08:01:18 GMT
server: cloudflare
etag: "611a1b4e-ce48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOHPtNzPE5lw7Mi%2BdI3qp6OhC2GwH5HTBeGvt5g2qGQ4I%2BLADdg%2BSiKQ%2FWs1ViIblaW%2BvgcNXy%2BaKps4o9blEW69h46KEKVxtcHVXBlVH0wY8oyzqrfr3WoZ5nRA0QQ9rgAcLb%2FNGqLpShIXxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525d3f83701f-FRA

GET
H2 200 PublicoBanner-Medium.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-banner/ 43 KB
44 KB 49ms
48ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-banner/PublicoBanner-Medium.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af741a6627d0cba98a0dcdd237cbfd04d6aca87c5e0347c43ea34ddb7860d7f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8758641
vary: Accept-Encoding
content-length: 44248
last-modified: Mon, 16 Aug 2021 08:01:18 GMT
server: cloudflare
etag: "611a1b4e-acd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSinzlXBNAOBZ6X6c9SHmb32wgQX3yXkyserJoCwbQaunEpW4u8GhBoJ6APODUzecLXV%2BlhNifYv3clo3%2FJMBZ71FKt8Y75llGrcJZKm5lqTJcvcligqlgRjGov%2Baw%2B5mj3nEovYJau9lLyTVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525d3f86701f-FRA

GET
H2 200 style.min.css
www.politico.eu/wp-includes/css/dist/block-library/ 79 KB
11 KB 56ms
56ms Stylesheet
text/css 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2606384
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 23 Nov 2021 07:41:08 GMT
server: cloudflare
etag: W/"619c9b14-13abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GxjdUYBzKlEi6UKTRmuBzoLC63pKg531ZLtsf4qf%2Bc6aHoDR2DIIkjdMzWxRQirgUcTnZ8LvMWKplQ6Y81EC%2FhHj9vWDK7AKUc9ib9KIvNTzqbMa3Rw1sRAJ5wnS2LiW7wsA4797jw6%2B7bvPTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d3f87701f-FRA

GET
H2 200 jquery.ui.css
www.politico.eu/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/ 22 KB
5 KB 47ms
46ms Stylesheet
text/css 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/jquery.ui.css?ver=5.8.2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d198aa686d1152dea61220e984befd325376330286ffbeb9bba9d43347c2f065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2606384
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 23 Sep 2021 10:03:12 GMT
server: cloudflare
etag: W/"614c50e0-5940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M6fjL841zzEeFMZLVTA%2BOxjBw11%2BCBUSmDXz8JshZbzSM%2Bwecl1fKSdEb%2BXObdkBNSDUN1DL837B%2F%2BgZjeRkKlNG6jf48oVcsuRxpZ4u%2FMshhabuYn%2BXZP84BbmrB5ZyS7vllkpq3ULGBQ6G5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d3f89701f-FRA

GET
H2 200 wp-parsely.css
www.politico.eu/wp-content/plugins/wp-parsely/ 2 KB
852 B 43ms
43ms Stylesheet
text/css 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/plugins/wp-parsely/wp-parsely.css?ver=1639564189

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

771aab9b7a93154ca223a348e5ce6a88c311b74caeb687f8c0ced949296b9b8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695492
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Aug 2021 08:01:17 GMT
server: cloudflare
etag: W/"611a1b4d-709"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KiP6xAWVyZOyNEzftfRpDmLi4xhuq80nSnS5c1FKxz9yE%2BBRp%2FRhwNIQViiGePAxId7lCqNCipBBYc32Q3NM3orciPYr%2FMieCbp7kCnp2F7G%2BXvHx0vWOR0Zo%2BVkSy2NnhKels5XAWB8nY%2FPhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d3f8b701f-FRA

GET
H2 200 style.css
www.politico.eu/wp-content/themes/politico-new/dist/css/ 337 KB
47 KB 52ms
52ms Stylesheet
text/css 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436783e972bedd1ac991a42bfb4bdd1f2d2a946b6abcbafc7665a6cfd774a7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695486
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Wed, 15 Dec 2021 10:29:49 GMT
server: cloudflare
etag: W/"61b9c39d-542af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doHkwBdDofGCpcbUa3xok4ZWFaE3VBHhhUiciK8CLxrZxWC2uGDgAe3FSvoWUVdzI6ERxg3LSNhyiWFYbgmHpyNmwNmO57N%2FXQ3WlBXSecnrGSa3ZBMNlZ8OgICfJH%2BuUYHZX7IR5iXuibWhKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d3f8c701f-FRA

GET
H2 200 wrapperMessagingWithoutDetection.js Show response
cmp.politico.eu/unified/ 97 KB
31 KB 145ms
18ms Script
application/javascript 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.politico.eu/unified/wrapperMessagingWithoutDetection.js
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 805a3554d61478a44d120b299471dd8bf020d64f8a5691f93977c1903e1c49bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:35:01 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 20:39:45 GMT
server: AmazonS3
age: 425
etag: W/"8173ed7328da3f1c5cd0c9bd16b348bb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: j55yVGTHBpt7qA6epjlQCoEuxSJcmEcYT142T-cYF8GctB10jQJl1g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 145ms
33ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1079 / 697 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26915
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Dec 2021 11:41:36 GMT

GET
H2 200 prebid-5.4.0.js Show response
www.politico.eu/wp-content/themes/politico-new/assets/js/frontend/lib/ 225 KB
69 KB 58ms
55ms Script
application/javascript 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/assets/js/frontend/lib/prebid-5.4.0.js

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

001b94577ec2f76e97f364b7e4703dde056560f9dd6becb7912e7c986469d445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4789285
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Aug 2021 08:01:18 GMT
server: cloudflare
etag: W/"611a1b4e-38402"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rNyQSzCvF3orYJzzu8RSE2P%2FAWcboRJpJBT8OWn8vbfSLyMYGO6KI3z7%2B3FTDu%2FmFzGjLLWmrvDf%2FffNdPgMaenp2bznvT7xg98DCWUykR9FVzLC95KO0WaP8ywQITMerb9pPw5NNCAY7VMqew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d9889701f-FRA

GET
H2 200 EU.svg
www.politico.eu/wp-content/themes/politico-new/assets/svg/country-flags/ 3 KB
1 KB 78ms
75ms Image
image/svg+xml 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/themes/politico-new/assets/svg/country-flags/EU.svg

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ac797c35537a963bde0adcb6d35aac1c0df87cf0227465ffc396b98ec68d1ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5020819
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 26 Oct 2021 08:59:44 GMT
server: cloudflare
etag: W/"6177c380-cb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CEghd%2FTorU%2B5EE8luAR6zOEcaB3MJZLsPfYbZ%2Fmrzv9%2FI5uzAFiH3BZdPL%2Bl22nDWzcCqQqtfKJYc4pNZvoTcNyszIjTCFH%2BVICo%2B8Cwrwp8PhVBdj%2Bo7QhHXUgiTq%2FQr3j8jCvBo5uRfKpAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d988b701f-FRA

GET
H2 200 UK.svg
www.politico.eu/wp-content/themes/politico-new/assets/svg/country-flags/ 4 KB
2 KB 23ms
21ms Image
image/svg+xml 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/themes/politico-new/assets/svg/country-flags/UK.svg

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c34528856d91109443f4757d13fea87be0dc86ea20e13d7a8af5ea91c18d53d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5020819
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 26 Oct 2021 08:59:44 GMT
server: cloudflare
etag: W/"6177c380-f3b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITUsI5mETI%2FUMWI92CkPIWAjoKUOtoooddqSP2%2F2%2BsFpc9rF203VVRuFOXCNBz%2FeBvKVunHkgGYlvZRZRUblLJ627xejju6DPZJ4SBBUZqdaWztEWUEH8RWdY1uTOIxd4RMCCY9vCZ2j4G6KbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d988f701f-FRA

GET
H2 200 US.svg
www.politico.eu/wp-content/themes/politico-new/assets/svg/country-flags/ 3 KB
1 KB 78ms
76ms Image
image/svg+xml 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/themes/politico-new/assets/svg/country-flags/US.svg

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d2ab774891ab10f070da7a80db17fd54e10645c175b273acca86357f0f8b4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4837153
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Thu, 28 Oct 2021 12:01:57 GMT
server: cloudflare
etag: W/"617a9135-a1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMQu1yG8LAz1EcOpOuvjuMGMK9%2BIdjoRJeWipx0R4mrRVneWn8U6TUwuVe1Fa8ikSZDWudHtlc3YPPF5p0RRRasmtH%2BgWBc%2BBTfuyTcB1vfCK%2Fp9AdTmLSYWkkViDi6cva5QZFqc1j7zTlgWxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d9891701f-FRA

GET
H2 200 LibyaWeb-1294x720.jpg
www.politico.eu/wp-content/uploads/2018/02/ 213 KB
214 KB 31ms
29ms Image
image/jpeg 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/uploads/2018/02/LibyaWeb-1294x720.jpg

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68eaff1a2a13619047f4d9951336b1de83875591dc262a1d95cdd464c0c3d02d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14928
cf-polished: origSize=297253, status=webp_bigger
vary: Accept-Encoding
content-length: 218027
last-modified: Wed, 09 Dec 2020 11:08:17 GMT
server: cloudflare
etag: "56a515efb7edd7d4fe5dd8afd773c818"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bT2yUy5GdI8%2BoeDqbeQkdWFogiZvp8gqhqXvIIWG5S6ZHXqeEYtZ3X3UJpqrMHnLo4bnXmZAhpebxj8D7BeZv01V%2FiAN%2F0sum%2FtNHyLiabK%2F8I5yETN%2Fp9H2lrPyzBPE%2BnaK3shvMwk7BDI7Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Sat, 22 Jan 2022 07:32:48 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c21525d9893701f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
www.politico.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 10ms
9ms Script
application/javascript 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Mon, 20 Dec 2021 18:59:20 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"61c0d288-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a20zKUofN5Wj1WiOg3ulM6fQxKJNNdXpkMjSyNH2KIh%2BxzXqxBBuwrDfj3cmQ00MD2Ttamn6%2BREgDRdKN4wVSf7VFNdYhigtcdV6v7vWdnvabxg%2FTZG6cEtjyOilvHI5vlFcEJkaw1BOQ%2Famsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6c21525d884a701f-FRA
expires: Sat, 25 Dec 2021 11:41:36 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/politico.eu/ 47 KB
18 KB 109ms
11ms Script
application/javascript 65.9.7.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/politico.eu/p.js
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.60 Altamonte Springs, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0ffdf994819f279d76e9536d142a997a1cbf99cc224b6da03ff3ac1564edf3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 22 Dec 2021 16:29:55 GMT
content-encoding: gzip
last-modified: Mon, 08 Mar 2021 19:07:47 GMT
server: nginx
age: 69171
etag: W/"60467603-bd2c"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: QYtRdmBQMFcS8I9S45VwwkcDrGgF8Xy5t2sqkYvApG_4OPkBP_owOA==
expires: Thu, 23 Dec 2021 16:28:45 GMT

GET
H2 200 frontend.js Show response
www.politico.eu/wp-content/plugins/ad-refresh-control/dist/js/ 13 KB
5 KB 25ms
22ms Script
application/javascript 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.4

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18914188
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 18 May 2021 13:44:44 GMT
server: cloudflare
etag: W/"60a3c4cc-3583"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MJr25PTxKi2I9PYRrsqZZc%2B5eR4gKJXtaK7%2B6qSlU1p9os3BpuVl7ViKGBZBQI6uHdHMLJvjzmn6vR4Kmc3JAi48tgaML17FzXllG6BTHrM7oTzCqlb%2FLYP51kGFVC45fCEGPcC1CIKiMDRzFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d9882701f-FRA

GET
H2 200 frontend.js Show response
www.politico.eu/wp-content/themes/politico-new/dist/js/ 618 KB
174 KB 63ms
60ms Script
application/javascript 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/js/frontend.js?ver=1639563529

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a01332d87086d5dfa7ddc473dabfcca011b9a98ef7611c9d0b003684c94d0329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 695486
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 07 Dec 2021 09:33:56 GMT
server: cloudflare
etag: W/"61af2a84-9a8ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARsFNLpC3opAEDn2TJZ2jebfbx5512G43vTizV4F5d89go2P2OTW28HAiiKyiHaRjI37IEAJDtSa4v9uvRRM2%2BP2XhyB%2FY7hT0zY5eszv2sHtMMaidJsXhvrKWAwyTYl4Pv%2BwyqVdSf%2FM0Y0ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525d9887701f-FRA

GET
H2 200 embed.min.js Show response
widget.politico.eu/ 13 KB
5 KB 112ms
13ms Script
application/javascript 2600:9000:2057:6a00:2:5291:8280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.politico.eu/embed.min.js?ver=0.0.0-theme-version
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6a00:2:5291:8280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e858e4c408a7da3bca6525519fd1bebf80ae3fcbe3df81b8909a6bc479e188b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 03:27:23 GMT
content-encoding: gzip
last-modified: Thu, 04 Jul 2019 14:06:48 GMT
server: AmazonS3
age: 375254
etag: W/"500ef0fea11a37b80d034a4d9cbc2ee6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)
cache-control: public, must-revalidate, proxy-revalidate, max-age=604800
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: IcXtDIiF9Rp_roIgSE79BFQ7boRrpdegEI3WKNbTd_URnWD4k0uktg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
65 KB 110ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3eae90d97a20e7d36f1cf1d90e2732a0c78ee2fc9c8b2766d7e51d19851177f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65763
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 11:41:36 GMT

GET
H2 200 AGSKWxUzwJUkrknMORZONyw8bdlSJZP5TQJiI5EttDNXRHKTAix9WJCT_HeXhUFv9keRgBHDc_lO9CcXkSZyqkcI8J8= Show response
fundingchoicesmessages.google.com/f/ 80 KB
28 KB 132ms
37ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUzwJUkrknMORZONyw8bdlSJZP5TQJiI5EttDNXRHKTAix9WJCT_HeXhUFv9keRgBHDc_lO9CcXkSZyqkcI8J8=

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

94531da23994979a5942bff3c4b46adcda95ec8bf9a883b9c5a077df56bd6fb2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DDNM4v0sVzplMq/rqHoC3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DDNM4v0sVzplMq/rqHoC3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DDNM4v0sVzplMq/rqHoC3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DDNM4v0sVzplMq/rqHoC3w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 108ms
14ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 346
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 19NQAF7044DEB3HCXB2M
date: Thu, 23 Dec 2021 11:35:50 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gipVeSOFYwQqr_7j96j4EpJw-bSDZ9XUJVLlCUPKD956IxUFvTBpnw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 103ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: bDU1Rn/dLcr25nHyzener8UuVKBLYMurOp1ZrOpLac2X6mOhWlmDQXbIE9xsuFJGDku5KPQKvlqgyOFqzKBUeQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 23 Dec 2021 11:41:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 113ms
19ms Script
application/x-javascript 2600:9000:214f:ca00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:ca00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:19:58 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 1298
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 61adf71a363fe0f836dc69dbb43de824.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: A8MJducXsXLPcTu7cFy3OysZW_zGeSiO7x9-tDZo0T1KR5JH6QLEtg==
expires: Thu, 23 Dec 2021 13:19:58 GMT

GET
H2 200 ico-quotes.svg
www.politico.eu/wp-content/themes/politico-new/dist/svg/typography/ 439 B
739 B 40ms
39ms Image
image/svg+xml 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/svg/typography/ico-quotes.svg

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e99bd769170a27455daef77ae15c487d2f3abcd36bdcdc7113af00ebe9c1d929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10490396
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 16 Aug 2021 08:01:18 GMT
server: cloudflare
etag: W/"611a1b4e-1b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5xvjmwTU%2Fzd7IZnrmPdmd7cmFhACrT7p3%2F8TbFCr1jBJ1%2B7r9CP45ICVPJuTMA7u170iajwp9Agzyw8bU22vq7OdK1D1qimSEjDpnHCyN1aFV9kswYvEG3MbrUYClVJS1pnGjRQHczLRtSMjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c21525dd8fa701f-FRA

GET
H2 200 PublicoHeadline-Italic.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/ 56 KB
56 KB 44ms
43ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Italic.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09883ab3ad2f6e8f83d45fb7e0bb79972c79c487fe36d8162bb1c9aa65d59b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21104855
vary: Accept-Encoding
content-length: 56928
last-modified: Tue, 26 Jan 2021 11:15:04 GMT
server: cloudflare
etag: "600ff9b8-de60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QK6csrt9avGHGWtix3xIeRECqtZ9FIUJe3fvGHfvUv8L29F06R7gKI0hprLoQ0u5u8o%2FqqCSDbIMEBE2TzMWMnpsQXBW7SO5Ku4bgGuZutRapSrzYnQpaQHpB6PHzIR4A2oAFp6gL46wUFbhKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525de90f701f-FRA

GET
H2 200 IvarText-BoldItalic.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/ 35 KB
35 KB 37ms
36ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-BoldItalic.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89103cbb04e7b236ece75ca34ed4c6e84d40a60ee5ad613d6490f956be7c4157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10483539
vary: Accept-Encoding
content-length: 35744
last-modified: Mon, 16 Aug 2021 08:01:18 GMT
server: cloudflare
etag: "611a1b4e-8ba0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkjKVH%2B0It05KXiUFKzrdbSww%2B5XK9Av3Lw3VJGP3%2BpXjT3EhOMe7plvCtx6DTP605h4ogf6exCxxFPtu%2BI48%2BHVb4uchB9kG4h0Noa2pKayAR369qrV8czdQDKrd%2FePazM0KIKZSsGh%2F%2FAQDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525de914701f-FRA

GET
H2 200 IvarText-Italic.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/ 33 KB
33 KB 42ms
42ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Italic.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a13bbfbdf5c062b7107267f9c2482364b29f46ea19295b03926ee6e65113359a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21514355
vary: Accept-Encoding
content-length: 33548
last-modified: Tue, 26 Jan 2021 11:15:04 GMT
server: cloudflare
etag: "600ff9b8-830c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TG8Zvw%2BZ0EL3jhoUqGRgIQ5fyh2a4uLHmODf1GQvyLOKicUa42qfoKrnymJt9sRdjd6WF8iPwIr93AgTmYEHxuO%2FOYkTJSkdk7YRqUguhmWPUhpn%2BE0E7z%2FxfWEqC9%2FPKIXE8UDokGI2QhEiKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525de915701f-FRA

GET
H2 200 IvarText-Bold.woff2
www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/ 40 KB
40 KB 30ms
30ms Font
font/woff2 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Bold.woff2

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43214b89245d0798de38bbefccc32afaa328f85c2502ad39b15091bc0d0c8d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1639563529
Origin: https://www.politico.eu
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21782981
vary: Accept-Encoding
content-length: 40560
last-modified: Tue, 26 Jan 2021 11:15:04 GMT
server: cloudflare
etag: "600ff9b8-9e70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BpePVwOcMIH25axvMkF46cVOlYaMNi8%2F1g3SpZWvi8q1z3Y%2F%2FcIngF6nkjH9OuavweAsm%2BKl2yKL3TxcbDb6g7b4m9axX3cJ98zp%2BvhkdRMZeRxfimAoS40JKKp4%2FXAr0cTyDOWoK0tKqQmgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6c21525e0961701f-FRA

GET
H2 200 dropS-100x100.png
www.politico.eu/wp-content/uploads/2017/06/ 546 B
1 KB 25ms
22ms Image
image/webp 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/uploads/2017/06/dropS-100x100.png

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5721339b9e908505b371c18888b257eb637231045cc744afb1e7f3684ee478c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172763
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropS-100x100.webp"
vary: Accept
content-length: 546
last-modified: Tue, 02 Feb 2021 08:11:15 GMT
server: cloudflare
etag: "709117fdb8fe18dc566b9ebdb1e62dfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2UtN6p%2F1gHFgGfCRJjn%2BVVMpeKnBGg5VEEAOEG%2FndaRwhN2iGR4oHOCgheXd0rCbO%2FeZC8hwTk%2BrRTY6XesSvVbivsjf91GIgTSSy%2BDk4Xxm2Mr3sguCy8QLuczlKhKJuZQa3kmX16%2BRAeicg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 20 Jan 2022 11:42:13 GMT
cache-control: max-age=2592000
cf-polished: origFmt=png, origSize=957
accept-ranges: bytes
cf-ray: 6c21525e2991701f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dropa-100x100.png
www.politico.eu/wp-content/uploads/2017/06/ 854 B
1 KB 34ms
33ms Image
image/webp 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/uploads/2017/06/dropa-100x100.png

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7004c2926c3858a1228bde1ec4462d8a468a0945ec2fc2a3e86d08a5e0adeb01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14927
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropa-100x100.webp"
vary: Accept
content-length: 854
last-modified: Tue, 02 Feb 2021 08:10:45 GMT
server: cloudflare
etag: "ec5e742e5ff2926c87996e165b8cc216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3bMi5aujd2H1G%2BkAdyJ7GXZJCj2jJvzzyA%2FFjkYbqRkrDxC3QeEo5MWZY3evNFzSe9N%2BiZxMdPcKhAcClfsFj4G2XmQlvvnzgPD31yTmN6Dpy%2BmAIvacYKU8mCogEKfwXS23J5ICkmiz4EqgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 22 Jan 2022 07:32:49 GMT
cache-control: max-age=2592000
cf-polished: origFmt=png, origSize=1142
accept-ranges: bytes
cf-ray: 6c21525e2993701f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 LibyaBox.png
www.politico.eu/wp-content/uploads/2018/02/ 46 KB
46 KB 37ms
36ms Image
image/webp 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/uploads/2018/02/LibyaBox.png

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd60fbf94f06ccee8f9d9b5f1222fa5c674e1bfcf07d8e9e9ee91c03c94155bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14927
cf-polished: origFmt=png, origSize=110004
content-disposition: inline; filename="LibyaBox.webp"
vary: Accept
content-length: 47112
last-modified: Wed, 09 Dec 2020 11:08:15 GMT
server: cloudflare
etag: "3420b22301a9c21bec1bd8ea7288058d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XgEAiQa%2FOCAcQtWIgtLAWfbIlpRxKYDMNrdLQT2c9vVZz9q9Xn8xdOVFYaO0F535MBNs2RIpVA8gEjugNFuqlWOTKZaAbk84kbWoTzBYiMlFhYCfQD6kV%2BlEjCiBrdTvBIaByXk%2B3a8xucOOlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 22 Jan 2022 07:32:49 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c21525e2995701f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dropI-100x100.png
www.politico.eu/wp-content/uploads/2017/06/ 124 B
745 B 27ms
26ms Image
image/webp 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/uploads/2017/06/dropI-100x100.png

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be0ed21fa0200f3af2117db5b3551710d4b1b28be3f148348893e2b38774aaf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 645106
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="dropI-100x100.webp"
vary: Accept
content-length: 124
last-modified: Thu, 04 Feb 2021 07:42:17 GMT
server: cloudflare
etag: "3f34488bfc2ac4adb4879d8ab67de119"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vp9CteSjitlbnauM%2F7VQk5kgnP7F3R9lfEjiBL%2BBYDPUgybbgKISyplmD5NbYqedb9yYwrP24wVpmIsXP1s%2FyI5cs%2BfDJuIxX0jH4jkYkS8THTvOLcUET%2BinSoBGigf9CaTo57uk2%2BN2zAthDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Sat, 15 Jan 2022 00:29:50 GMT
cache-control: max-age=2592000
cf-polished: origFmt=png, origSize=299
accept-ranges: bytes
cf-ray: 6c21525e2996701f-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 dropB-100x100.png
www.politico.eu/wp-content/uploads/2017/06/ 725 B
1 KB 181ms
180ms Image
image/png 2606:4700:20::681a:875
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.politico.eu/wp-content/uploads/2017/06/dropB-100x100.png

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:875 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47a648a901d4b103432ae94f6d8964d225edf0ad3176bc1905500293cb2d2bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000
content-length: 725
last-modified: Thu, 04 Feb 2021 07:59:01 GMT
server: cloudflare
etag: "5f5a1a103dabd9958cc657cbaa95f515"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=buRMDiY%2Bmx74vtAztFAHLIcaX%2F8hGWRvL7vs2SCr%2BGKZKb5dDJeFfKna5BKYqEIjU4mZQcilFKxl%2FpijVg%2BCn3LPfn8HvFBHxLC7kI%2BHdfkTSU942ODgV6hO2qdvNH3Tc8X4BKWdFwXBEKZVvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c21525e2997701f-FRA
expires: Sat, 22 Jan 2022 11:41:36 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 378ms
92ms Image
image/gif 34.194.161.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1640259696437&plid=87576112&idsite=politico.eu&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&sref=&sts=1640259696432&slts=0&title=Millions+flow+from+Gaddafi%E2%80%99s+%E2%80%98frozen+funds%E2%80%99+to+unknown+beneficiaries+%E2%80%93+POLITICO&date=Thu+Dec+23+2021+11%3A41%3A36+GMT%2B0000+(GMT)&action=pageview&pvid=49213098&u=pid%3D05afee733d6e2402b70deebe0dabc5a8
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-161-83.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 11:41:36 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 23-Dec-2021 11:41:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 7ms
7ms XHR
text/plain 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3307&u=https%3A%2F%2Fwww.politico.eu
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 07:01:49 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
server: Server
age: 16786
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.politico.eu
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: fljumHV2vYd9OAmvul-enu1P76y1KfWBMX9wwhAi2kCzaQ_94vw5hg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
9ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 35988
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
date: Thu, 23 Dec 2021 01:43:05 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: LrM0c5S72TlShSqq0OLq4OKc1Eoa2IIV8jaS0UwjIyd2v90wfBcQ2w==

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: hNJkAbQWIdeyHZTKOjgU8+MSJnAqU0rVojhzGWXCuHF+J3scCc7GHsioQXi90scp/iH18ei3HIAafztMZWXu+A==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 23 Dec 2021 11:41:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 394368290733607 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/394368290733607?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a164ab7d62fc337d27623915bc9dac449a279bf7c927b3be314cee68d6c45494

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89144
x-xss-protection: 0
pragma: public
x-fb-debug: Q2/zZ5ySwBfKTAr78KojX+JV7JYnbzVWQdCJ9arnsuSks1yLYbMpfH1CFagR6yh45A+56AGbu0v4dv/RaCFC+A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 23 Dec 2021 11:41:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 35ms
20ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 23 Dec 2021 11:41:36 GMT

GET
H2 200 gdpr-tcf.d7a0685ca57eefe3bbe2.bundle.js Show response
cmp.politico.eu/unified/3.3.1/ 80 KB
19 KB 11ms
9ms Script
application/javascript 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.politico.eu/unified/3.3.1/gdpr-tcf.d7a0685ca57eefe3bbe2.bundle.js
Requested by: Host: cmp.politico.eu
URL: https://cmp.politico.eu/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c93c78657ecbca578814bb085dfb61c548146d2199c6437dd80ff84b1539fc52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:37:49 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 20:37:59 GMT
server: AmazonS3
age: 300
etag: W/"2800209e8aeb95080673854b4b846aba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: sZRzoOYnf81tfiK9_DpXMRCdBCacVwC2qeRIPhATDTzAQl2cpvlwkg==

POST
H2 200 get_messages Show response
cmp.politico.eu/wrapper/v2/ 148 KB
11 KB 27ms
27ms XHR
application/json 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.politico.eu/wrapper/v2/get_messages?requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&hasCsp=true&env=prod

Requested by

Host: cmp.politico.eu
URL: https://cmp.politico.eu/unified/wrapperMessagingWithoutDetection.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-69.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

ec42f07a541675a00359a006ef8657fe29d19703a02850d436840ace4e939a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://www.politico.eu/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.politico.eu
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-cache: Miss from cloudfront
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id: SZ1Me23Cs7ROgV1yfHRyD1WlkG7AtzolF6ZybWZ3_TzKjQzFv-gvUg==
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)

OPTIONS
H2 200 get_messages
cmp.politico.eu/wrapper/v2/ Frame 0
0 28ms
11ms Preflight
text/plain 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.politico.eu/wrapper/v2/get_messages?requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&hasCsp=true&env=prod

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-69.fra56.r.cloudfront.net

Software

/ Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.politico.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/plain; charset=utf-8
content-length: 2
date: Thu, 23 Dec 2021 11:41:36 GMT
x-powered-by: Express
access-control-allow-origin: https://www.politico.eu
access-control-allow-credentials: true
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods: GET, PUT, POST, DELETE
cache-control: no-cache, no-store
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 07fbd2276304c86925071791c7032951.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: fgeNPcNXU8dV1Bac3euKmYhlySMgT5NuSeS-yu5gGlxn4O7hCQQ4Cw==

GET
H2 200 hotjar-1736629.js Show response
static.hotjar.com/c/ 4 KB
2 KB 37ms
8ms Script
application/javascript 13.32.21.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1736629.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.15 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-15.fra56.r.cloudfront.net

Software

Resource Hash

b1b0970b80049e03b5171a81345fc80246b61661dfeeef8f2e421fa9e65cf374

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:22 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 41
etag: W/e2a68e2c961a15e5a5d92bdeb5027312
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: H1h8YkIqMlwHVXYV9OA6bppo0AZxVRoaBwoXhuBDqiZ5YtBCyNd5kw==
via: 1.1 0a4e8f7c3d348e526848328c55dd452b.cloudfront.net (CloudFront)

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 402
date: Thu, 23 Dec 2021 11:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 23 Dec 2021 13:34:54 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 34ms
8ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kcgs7200159-IAD, cache-hhn11532-HHN

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 27ms
10ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 11:41:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=77063
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 43ms
21ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6341028
fly-request-id: 01FHPJ8KE2MXBY6D10158EXMPT
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c2152602b0c5c2c-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 310ms
100ms Image
image/gif 3.233.54.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=politico.eu&p=%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&u=CPLJMpBf6Q0EDMkqCU&d=politico.eu&g=33430&g0=Foreign%20Affairs&g1=Giulia%20Paravicini&n=1&f=00001&c=0&x=0&m=0&y=9476&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=678&t=EY48DB6Rwv2CQiko9DcdvSZDz4oRh&V=129&i=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&tz=0&sn=1&sv=sb0eLbLWqSB4OXLYDAS2wABmXuSy&sd=1&im=067b0fff&_
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.233.54.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-233-54-203.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 11:41:36 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=394368290733607&ev=PageView&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&rl=&if=false&ts=1640259696662&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&cd[language]=en-US&cd[referrer]=&sw=1600&sh=1200&v=2.9.48&r=stable&a=dvpixelcaffeinewordpress&ec=0&o=30&fbp=fb.1.1640259696660.1999090778&it=1640259696462&coo=false&rqm=GET

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 23 Dec 2021 11:41:36 GMT

POST
H3 204 AGSKWxWFKMhrwZKtrlTL58Az-ZwFmwp_-YhUR2nMcrDrylNNDjrj4xPSoVsOxusyTdRjCcGZ822QLoDM_YDFav99hSE= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 40ms
24ms XHR
text/html 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFKMhrwZKtrlTL58Az-ZwFmwp_-YhUR2nMcrDrylNNDjrj4xPSoVsOxusyTdRjCcGZ822QLoDM_YDFav99hSE=?pvid=6D80435B-A3C3-44FA-8C4F-F1CA9D4C2F5B&anonid=472B5464-F492-4C8A-801D-8E2F8D8A3119

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.KLc8KbJV95Q.es5.O/d=1/rs=AJlcJMwJqmdDiwK4nS6at5D4r4_xZPDaSg/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y23n0aHaDiKBOZ/iGV5KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y23n0aHaDiKBOZ/iGV5KPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.politico.eu/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.politico.eu
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-y23n0aHaDiKBOZ/iGV5KPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-y23n0aHaDiKBOZ/iGV5KPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
cmp.politico.eu/ Frame 0A32 4 KB
2 KB 8ms
7ms Document
text/html 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
Requested by: Host: cmp.politico.eu
URL: https://cmp.politico.eu/unified/wrapperMessagingWithoutDetection.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/

Response headers

content-type: text/html
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
content-encoding: gzip
date: Thu, 23 Dec 2021 10:47:26 GMT
etag: W/"89b8a4c9183b2e83d76d4204d34d51f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 4RW0kGkv6G9brh8kWVfwP1XyQXiF1OD1V5IOSxg0fttDe18J3Cwnqw==
age: 3250

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D515964%26time%3D1640259696703%26url%3Dhttps%253A%252F%252Fwww.politico.eu%252Fart...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true...

0
156 B

319ms
123ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true&e_ipv6=AQJQJAwEx_cpuQAAAX3nGLmINLhjE8RJV7GBZtXFmHa2bHbH7FoKJ0rLtfcc83QbvR9Is69Ubg
Requested by: Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:37 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: gBxKFoFfwxYwC8u6LCsAAA==

Redirect headers

date: Thu, 23 Dec 2021 11:41:37 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 673E29916CA145B5BB4605A037C8B66B Ref B: FRAEDGE0818 Ref C: 2021-12-23T11:41:36Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1640259696703&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true&e_ipv6=AQJQJAwEx_cpuQAAAX3nGLmINLhjE8RJV7GBZtXFmHa2bHbH7FoKJ0rLtfcc83QbvR9Is69Ubg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXTzriUiAQti+yqlw+RyA==

GET
H2 200 modules.6d5409da698bc5e020b1.js Show response
script.hotjar.com/ 228 KB
60 KB 26ms
9ms Script
application/javascript 13.32.21.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.6d5409da698bc5e020b1.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1736629.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-99.fra56.r.cloudfront.net

Software

Resource Hash

9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 16:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 156690
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 61259
access-control-allow-origin: *
last-modified: Tue, 21 Dec 2021 16:09:54 GMT
etag: "a250696209ae851dce97a4101057f333"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hOUzQ8yHIOwYngRdn-MngI93AEMudxNAtQ4o8eYkfk9XzQxxYq2I8Q==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1988940731&t=pageview&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1278730821&gjid=1416652765&cid=873580076.1640259697&tid=UA-4042686-1&_gid=479950993.1640259697&_r=1&gtm=2wgc10MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=770234807

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.politico.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 134ms
117ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2lae&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=bbbd452c-a925-4a77-9d74-6f8f45504c83&tw_document_href=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Thu, 23 Dec 2021 11:41:36 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 980b32fc9a5e68c2c117d3f82e26fde29940b32e90a9fcde1bc3f8e295afdc5d
x-transaction: a7e3b8f4735fadd6
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
470 B 140ms
120ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o2lae&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=bbbd452c-a925-4a77-9d74-6f8f45504c83&tw_document_href=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Thu, 23 Dec 2021 11:41:36 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9c238c28ba91588bc18543ec2ec103777c27d0bf79d25a3f31e92baef1c6b815
x-transaction: 831a9a0efd1bfd6b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 Notice.03819.css
cmp.politico.eu/ Frame 0A32 32 KB
6 KB 8ms
8ms Stylesheet
text/css 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.politico.eu/Notice.03819.css
Requested by: Host: cmp.politico.eu
URL: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 10:47:26 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 3250
etag: W/"894f01a34ee58f1147257366e6a6bde7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: -aDzB9XWxAQQfsiT_vAVrG3zAZLWyMFD1tY_76pUEz8kEdooPBOetQ==

GET
H2 200 polyfills.d36c5.js Show response
cmp.politico.eu/ Frame 0A32 5 KB
2 KB 8ms
8ms Script
application/javascript 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.politico.eu/polyfills.d36c5.js
Requested by: Host: cmp.politico.eu
URL: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 10:47:26 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 3250
etag: W/"89661b8fd918815bcb224bba79cabab1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Qc7OIbfP3YsRWQiqvE8SEP2UbjTT3O3piutLY_ONCdrLh7COHWHHYg==

GET
H2 200 Notice.70828.js Show response
cmp.politico.eu/ Frame 0A32 209 KB
52 KB 9ms
8ms Script
application/javascript 13.32.21.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.politico.eu/Notice.70828.js
Requested by: Host: cmp.politico.eu
URL: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-69.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.politico.eu/index.html?message_id=527577&consentUUID=04ac38d4-92ef-4f8d-800a-1a4ad2ba490b&requestUUID=3d7e6171-1004-4fa7-aaac-4ec35ed85d4b&preload_message=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 10:47:26 GMT
content-encoding: gzip
last-modified: Thu, 18 Nov 2021 02:51:09 GMT
server: AmazonS3
age: 3250
etag: W/"3f789fabb7890dc26d3914692795ffb3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: n8dv0lZMIPp6cfhbeCOugNIpRT2pegVFcc9lz3vMynFif3kNy2zj5w==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
445 B 44ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4042686-1&cid=873580076.1640259697&jid=1278730821&gjid=1416652765&_gid=479950993.1640259697&_u=YEBAAEAAAAAAAC~&z=212256298

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.politico.eu/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 23 Dec 2021 11:41:36 GMT
content-type: text/plain
access-control-allow-origin: https://www.politico.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 95CA 2 KB
1 KB 26ms
8ms Document
text/html 143.204.209.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1736629.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-120.fra53.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: j_ElPc9PZ-DzMMuf4_7UV0xUbjvn3vjzqOmNF5zX04pG8DN_x0sKrA==
age: 1799310

GET
H2 200 categories Show response
cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/ Frame 0A32 769 B
1 KB 47ms
11ms Fetch
application/json 65.9.58.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacy-mgmt.com/consent/tcfv2/vendor-list/categories?siteId=7473&consentLanguage=en

Requested by

Host: cmp.politico.eu
URL: https://cmp.politico.eu/Notice.70828.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.58.57 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-58-57.fra56.r.cloudfront.net

Software

Resource Hash

9a632b6422e1a56c75fe31d7696f7e3d9a98327f5fd441866d74756ebe120ae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cmp.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 11:41:36 GMT
via: 1.1 c888f786e25e6e3c7dbb7e9da462d715.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cmp.politico.eu
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
content-length: 769
x-amz-cf-id: XhiofjnU3dmkxMNNHTQjrTr05uEJtam9lzW5SpzWYAX-7hMX7dNK4w==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 54ms
31ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4042686-1&cid=873580076.1640259697&jid=1278730821&_u=YEBAAEAAAAAAAC~&z=100619962

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 55ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4042686-1&cid=873580076.1640259697&jid=1278730821&_u=YEBAAEAAAAAAAC~&z=100619962

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 11:41:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX923Zr8rPV2azzIn_mHOp3QNA9VIqmTXn0PPUHtOFmQpVWOluYaVzoTeSBggzauafk8XSf-yVsRW-mqOPYrbo= Show response
fundingchoicesmessages.google.com/f/ 38 KB
14 KB 50ms
35ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX923Zr8rPV2azzIn_mHOp3QNA9VIqmTXn0PPUHtOFmQpVWOluYaVzoTeSBggzauafk8XSf-yVsRW-mqOPYrbo=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQwMjU5Njk3LDEyMzAwMDAwMF0sIjZEODA0MzVCLUEzQzMtNDRGQS04QzRGLUYxQ0E5RDRDMkY1QiIsIjQ3MkI1NDY0LUY0OTItNEM4QS04MDFELThFMkY4RDhBMzExOSIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLGZhbHNlLGZhbHNlXSwiaHR0cHM6Ly93d3cucG9saXRpY28uZXUvYXJ0aWNsZS9tdWFtbWFyLWdhZGRhZmktZnJvemVuLWZ1bmRzLWJlbGdpdW0tdW5rbm93bi1iZW5lZmljaWFyaWVzLyIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4ad1a75309d51073ff0590e7072bc74454da8c39a3344f28c01877867b80b05

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jaORryprIA1w6AD6V8AjTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-jaORryprIA1w6AD6V8AjTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 11:41:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jaORryprIA1w6AD6V8AjTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-jaORryprIA1w6AD6V8AjTw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0FB2 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.politico.eu
URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.politico.eu
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.politico.eu
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Thu, 23 Dec 2021 11:41:37 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1988940731&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=10%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=873580076.1640259697&tid=UA-4042686-1&_gid=479950993.1640259697&gtm=2wgc10MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=754875577

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1988940731&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=873580076.1640259697&tid=UA-4042686-1&_gid=479950993.1640259697&gtm=2wgc10MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=303215347

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1988940731&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=50%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=873580076.1640259697&tid=UA-4042686-1&_gid=479950993.1640259697&gtm=2wgc10MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=1890887148

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1988940731&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=75%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=873580076.1640259697&tid=UA-4042686-1&_gid=479950993.1640259697&gtm=2wgc10MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=760975736

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1988940731&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=100%25&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=873580076.1640259697&tid=UA-4042686-1&_gid=479950993.1640259697&gtm=2wgc10MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=1128272262

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.politico.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Dec 2021 15:11:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries	1969-12-31 23:59:59	Name: Value: test
.politico.eu/	1970-01-19 23:37:41	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/%22%2C%22sref%22:%22%22%2C%22sts%22:1640259696432%2C%22slts%22:0}
.politico.eu/	1970-01-20 09:07:03	Name: _parsely_visitor Value: {%22id%22:%22pid=05afee733d6e2402b70deebe0dabc5a8%22%2C%22session_count%22:1%2C%22last_session_ts%22:1640259696432}
www.politico.eu/	1970-01-20 09:06:27	Name: _cb_ls Value: 1
www.politico.eu/	1969-12-31 23:59:59	Name: politico_handclap_posts Value: []
www.politico.eu/	1970-01-20 09:06:27	Name: _cb Value: CPLJMpBf6Q0EDMkqCU
www.politico.eu/	1970-01-20 09:06:27	Name: _chartbeat2 Value: .1640259696555.1640259696555.1.sb0eLbLWqSB4OXLYDAS2wABmXuSy.1
www.politico.eu/	1970-01-19 23:37:41	Name: _cb_svref Value: null
.politico.eu/	1970-01-20 01:47:15	Name: _gcl_au Value: 1.1.746044437.1640259697
.politico.eu/	1970-01-20 01:47:15	Name: _fbp Value: fb.1.1640259696660.1999090778
www.politico.eu/	1970-01-20 08:23:15	Name: consentUUID Value: 04ac38d4-92ef-4f8d-800a-1a4ad2ba490b
.politico.eu/	1970-01-20 17:08:51	Name: _ga Value: GA1.2.873580076.1640259697
.politico.eu/	1970-01-19 23:39:06	Name: _gid Value: GA1.2.479950993.1640259697
.politico.eu/	1970-01-19 23:37:39	Name: _gat_UA-4042686-1 Value: 1
.linkedin.com/	1970-01-20 00:20:51	Name: UserMatchHistory Value: AQLQK_hj7gTiyAAAAX3nGLiNTx8kgc2aRJDDmf5PK5LN5cD1DnqayplSXuOYH40edMiOESH8BEl72A
.linkedin.com/	1970-01-20 00:20:51	Name: AnalyticsSyncHistory Value: AQKJ586De2ePYAAAAX3nGLiN_glDVzKTnJ6yxDo1gMLfzElclYOANR8NM8bH4e7peSj8xnDWBPNJKFSt3hofKg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:09:33	Name: bcookie Value: "v=2&0a31d45d-645e-4367-86f1-1de6f5e50d05"
.linkedin.com/	1970-01-19 23:39:06	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2523:u=1:x=1:i=1640259696:t=1640346096:v=2:sig=AQHKaNDXVWEPhJ2hFUxIYlXRU1u5rNNY"
.twitter.com/	1970-01-20 17:08:51	Name: personalization_id Value: "v1_kJkTVXU5UAwymadFRZFBrg=="
.politico.eu/	1970-01-20 08:23:15	Name: _hjSessionUser_1736629 Value: eyJpZCI6ImI5MzViNDE0LTlhNjctNWZkMy04ZDAxLWZkY2YwOWNhMWJlOSIsImNyZWF0ZWQiOjE2NDAyNTk2OTY3NTMsImV4aXN0aW5nIjpmYWxzZX0=
.politico.eu/	1970-01-19 23:37:41	Name: _hjFirstSeen Value: 1
.politico.eu/	1970-01-19 23:37:41	Name: _hjSession_1736629 Value: eyJpZCI6ImQyOGIxMzM5LWZlOTgtNDA2Ni1iMDg3LWMwZWEzMDQ2Njc4YyIsImNyZWF0ZWQiOjE2NDAyNTk2OTY4NjJ9
www.politico.eu/	1970-01-19 23:37:39	Name: _hjIncludedInSessionSample Value: 0
.politico.eu/	1970-01-19 23:37:41	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:09:33	Name: bscookie Value: "v=1&20211223114136ca17472c-d42a-4ee4-81d0-6071581acc07AQG7GitX4InA4bi_olzB38Hp6HtcKJw7"
.linkedin.com/	1970-01-20 17:01:15	Name: li_gc Value: MTswOzE2NDAyNTk2OTY7MjswMjGqh7D3LZDSjlKn8lm9PykWBKFlOOXmSGFdhUeJ30DNXA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/(Line 27) Message: <link rel=preload> has an unsupported `type` value
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
c.amazon-adsystem.com
cdn.parsely.com
cdn.privacy-mgmt.com
cmp.politico.eu
connect.facebook.net
fundingchoicesmessages.google.com
p1.parsely.com
ping.chartbeat.net
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
t.co
unpkg.com
vars.hotjar.com
widget.politico.eu
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.linkedin.com
www.politico.eu
104.244.42.131
104.244.42.5
108.174.10.14
13.32.21.15
13.32.21.69
13.32.21.99
13.32.29.201
142.250.185.66
143.204.209.120
199.232.136.157
2600:9000:2057:6a00:2:5291:8280:93a1
2600:9000:214f:ca00:18:1fcd:34f:cdc1
2606:4700:20::681a:875
2606:4700::6810:7daf
2620:1ec:21::14
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2003
2a00:1450:400c:c06::9d
2a02:26f0:6c00::210:ba0a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.233.54.203
34.194.161.83
65.9.58.57
65.9.7.60
001b94577ec2f76e97f364b7e4703dde056560f9dd6becb7912e7c986469d445
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09883ab3ad2f6e8f83d45fb7e0bb79972c79c487fe36d8162bb1c9aa65d59b6d
0ffdf994819f279d76e9536d142a997a1cbf99cc224b6da03ff3ac1564edf3a7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25e4521abb90ae6f17b9a111dac828f25e3f083d9837b506addd33a82e4cf98b
2be99b99f418219be8ca7a986038e1a94c5df5b2c91a0c0d9ee35552fbb8fde8
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46
3eae90d97a20e7d36f1cf1d90e2732a0c78ee2fc9c8b2766d7e51d19851177f5
43214b89245d0798de38bbefccc32afaa328f85c2502ad39b15091bc0d0c8d33
436783e972bedd1ac991a42bfb4bdd1f2d2a946b6abcbafc7665a6cfd774a7f1
47a648a901d4b103432ae94f6d8964d225edf0ad3176bc1905500293cb2d2bbc
498d017c7df4ed4e2a5945e5502cbd57fd431fa898b4fd3209fdc045c3c34d7e
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e858e4c408a7da3bca6525519fd1bebf80ae3fcbe3df81b8909a6bc479e188b
5124324d76d543186718728f1ea0496403eb2b11816357db69def8c2ced41f45
51eb44a48f2ec3bf5ee39395698b49d23ad55ed26f05bcbbccbeb1e128f477ef
533b23c57b1770cc3ee9c15b998b2eb494fa0adb2d6929fd22a9b78adfade3a7
566b0aee0cae2b02daa9a43461881182e6ec302f1b3e627068315cf97cccb61d
68eaff1a2a13619047f4d9951336b1de83875591dc262a1d95cdd464c0c3d02d
6c34528856d91109443f4757d13fea87be0dc86ea20e13d7a8af5ea91c18d53d
6d2ab774891ab10f070da7a80db17fd54e10645c175b273acca86357f0f8b4ea
7004c2926c3858a1228bde1ec4462d8a468a0945ec2fc2a3e86d08a5e0adeb01
723f72fa016da3d36dd0f8024beed74b040370331c9d9c69b4a09b2b089d1e95
771aab9b7a93154ca223a348e5ce6a88c311b74caeb687f8c0ced949296b9b8f
805a3554d61478a44d120b299471dd8bf020d64f8a5691f93977c1903e1c49bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89103cbb04e7b236ece75ca34ed4c6e84d40a60ee5ad613d6490f956be7c4157
8ac797c35537a963bde0adcb6d35aac1c0df87cf0227465ffc396b98ec68d1ea
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
94531da23994979a5942bff3c4b46adcda95ec8bf9a883b9c5a077df56bd6fb2
9a632b6422e1a56c75fe31d7696f7e3d9a98327f5fd441866d74756ebe120ae5
9c4e5748b76ca33caac131e0225d2e86ccbf6e156ad007145f6a9c4d34cecbf9
a01332d87086d5dfa7ddc473dabfcca011b9a98ef7611c9d0b003684c94d0329
a13bbfbdf5c062b7107267f9c2482364b29f46ea19295b03926ee6e65113359a
a164ab7d62fc337d27623915bc9dac449a279bf7c927b3be314cee68d6c45494
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af741a6627d0cba98a0dcdd237cbfd04d6aca87c5e0347c43ea34ddb7860d7f5
b16e4fdd3534e5df810787df45c2b8441ef95029ca125ab45d99f0bc68da9bc0
b1b0970b80049e03b5171a81345fc80246b61661dfeeef8f2e421fa9e65cf374
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b5721339b9e908505b371c18888b257eb637231045cc744afb1e7f3684ee478c
bd60fbf94f06ccee8f9d9b5f1222fa5c674e1bfcf07d8e9e9ee91c03c94155bb
be0ed21fa0200f3af2117db5b3551710d4b1b28be3f148348893e2b38774aaf0
c8749df62cad8b7c300bf709ad6dea89e59831cd5b305b6450877af40c131ffb
c93c78657ecbca578814bb085dfb61c548146d2199c6437dd80ff84b1539fc52
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d198aa686d1152dea61220e984befd325376330286ffbeb9bba9d43347c2f065
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d4ad1a75309d51073ff0590e7072bc74454da8c39a3344f28c01877867b80b05
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99bd769170a27455daef77ae15c487d2f3abcd36bdcdc7113af00ebe9c1d929
ec42f07a541675a00359a006ef8657fe29d19703a02850d436840ace4e939a65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

www.politico.eu Open in urlscan Pro 2606:4700:20::681a:875 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

99 %HTTPS

50 %IPv6

20 Domains

29 Subdomains

27 IPs

3 Countries

1691 kBTransfer

4485 kBSize

28 Cookies

21 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.politico.eu Open in urlscan Pro
2606:4700:20::681a:875 Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

99 %
HTTPS

50 %
IPv6

20
Domains

29
Subdomains

27
IPs

3
Countries

1691 kB
Transfer

4485 kB
Size

28
Cookies

75 HTTP transactions
0 data transactions