www.cleveland19.com Open in urlscan Pro
2a02:26f0:6c00::210:ba19 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Submission: On January 02 via api (January 2nd 2022, 3:02:28 pm UTC) from BE — Scanned from DE

Summary HTTP 157 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 43 IPs in 7 countries across 34 domains to perform 157 HTTP transactions. The main IP is 2a02:26f0:6c00::210:ba19, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.cleveland19.com.
TLS certificate: Issued by R3 on November 2nd 2021. Valid for: 3 months.

This is the only time www.cleveland19.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:c00... 2a04:4e42:c00::282	54113 (FASTLY) (FASTLY)
11	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:20e... 2600:9000:20eb:4200:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
4	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
14	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	18.210.73.231 18.210.73.231	14618 (AMAZON-AES) (AMAZON-AES)
1 3	13.225.73.71 13.225.73.71	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:5a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	54.208.129.20 54.208.129.20	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	116.202.48.214 116.202.48.214	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
8	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
2	46.236.13.147 46.236.13.147	12703 (PULSANT-AS) (PULSANT-AS)
1 2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.73.126 13.225.73.126	16509 (AMAZON-02) (AMAZON-02)
2	3.248.87.88 3.248.87.88	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
157	43

8 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.cleveland19.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:c00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:6c00::210:bb59 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-woio-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:4200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.73.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-73-231.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.73.71 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-71.fra2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:5a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.129.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-129-20.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 116.202.48.214 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.214.48.202.116.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal900030.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Mannheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-126.fra2.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.87.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	253 KB
19	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	172 KB
18	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net 8019191.fls.doubleclick.net	191 KB
15	outbrainimg.com tcheck.outbrainimg.com images.outbrainimg.com	536 KB
11	arcpublishing.com gray-woio-prod.cdn.arcpublishing.com	367 KB
9	piano.io api-esp.piano.io	30 KB
8	redintelligence.net hal9000.redintelligence.net hal900030.redintelligence.net	56 KB
8	cleveland19.com 1 redirects www.cleveland19.com	361 KB
6	google.com adservice.google.com www.google.com	2 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	googletagservices.com www.googletagservices.com	146 KB
4	ensighten.com nexus.ensighten.com	11 KB
4	reconditerespect.com reconditerespect.com	33 KB
3	webgains.io analytics.webgains.io api.webgains.io	51 KB
3	medialead.de 3 redirects pv.medialead.de medialead.de	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	cloudflare.com cdnjs.cloudflare.com	102 KB
2	gstatic.com fonts.gstatic.com	26 KB
2	webgains.com track.webgains.com	2 KB
2	adsrvr.org 1 redirects insight.adsrvr.org	408 B
2	googletagmanager.com www.googletagmanager.com	78 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	awin1.com www.awin1.com	702 B
1	ad-server.eu ad-server.eu	312 B
1	media01.eu pb.media01.eu	627 B
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	667 B
1	choozle.com cs.choozle.com	123 B
1	adsafeprotected.com static.adsafeprotected.com	481 B
1	google.de adservice.google.de	792 B
1	chartbeat.net ping.chartbeat.net	201 B
1	jquery.com code.jquery.com	29 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	polyfill.io polyfill.io	560 B
157	34

	Domain	Requested by
14	images.outbrainimg.com	www.cleveland19.com
14	securepubads.g.doubleclick.net	www.cleveland19.com securepubads.g.doubleclick.net www.googletagservices.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com tpc.googlesyndication.com
11	gray-woio-prod.cdn.arcpublishing.com	www.cleveland19.com gray-woio-prod.cdn.arcpublishing.com
9	api-esp.piano.io	www.cleveland19.com code.jquery.com api-esp.piano.io
8	mcdp-nydc1.outbrain.com	widgets.outbrain.com
8	www.cleveland19.com	1 redirects www.cleveland19.com
7	widgets.outbrain.com	www.cleveland19.com widgets.outbrain.com
6	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	hal900030.redintelligence.net	hal9000.redintelligence.net hal900030.redintelligence.net
4	hal9000.redintelligence.net	www.cleveland19.com hal900030.redintelligence.net
4	www.googletagservices.com	securepubads.g.doubleclick.net 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
4	www.google.com	www.cleveland19.com 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
4	reconditerespect.com	www.cleveland19.com reconditerespect.com
3	tags.mathtag.com	763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com tags.mathtag.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.cleveland19.com
3	sb.scorecardresearch.com	1 redirects www.cleveland19.com
3	cdnjs.cloudflare.com	www.cleveland19.com cdnjs.cloudflare.com
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	8019191.fls.doubleclick.net	1 redirects www.cleveland19.com
2	track.webgains.com	www.cleveland19.com 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	odb.outbrain.com	widgets.outbrain.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 8019191.fls.doubleclick.net
2	www.googletagmanager.com	www.cleveland19.com www.googletagmanager.com
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal900030.redintelligence.net
1	mv.outbrain.com	widgets.outbrain.com
1	www.awin1.com	763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
1	ad-server.eu	763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	pb.media01.eu	hal900030.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	cs.choozle.com	www.cleveland19.com
1	static.adsafeprotected.com	www.cleveland19.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	ping.chartbeat.net	www.cleveland19.com
1	code.jquery.com	api-esp.piano.io
1	widget-pixels.outbrain.com	www.cleveland19.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	static.chartbeat.com	www.cleveland19.com
1	polyfill.io	www.cleveland19.com
157	48

This site contains links to these domains. Also see Links.

Domain
woio.incentrev.com
www.greathealthdivide.com
www.cleweekend.com
cw43.revrocket.us
www.investigatetv.com
www.graydc.com
www.circleallaccess.com
www.fullcourtgreta.com
www.vuit.com
www.facebook.com
www.twitter.com
goo16.com
shefence-citional.com
bredings-person.com
forschung.aktuelles-zur-gesundheit.com
versicherung.dentolo.de
galleries.parentsdome.com
www.outbrain.com
www.fisherinvestments.com
safesly.com
track.rpggame5.com
canadaims.com
trck.tracking505.com
www.gentside.de
groovyhistory.com
publicfiles.fcc.gov
webpubcontent.gray.tv
cbs19advertising.com

Subject Issuer	Validity	Valid
gray3.web.arc-cdn.net R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2021-11-29` - `2022-12-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
reconditerespect.com R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.choozle.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-21` - `2022-05-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.webgains.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-20` - `2022-06-20`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.webgains.io Amazon	`2021-03-12` - `2022-04-10`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Frame ID: C5F3CA129441AEF5D88EBC0D6AE4B179
Requests: 99 HTTP requests in this frame

Frame: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5F7ED9C59144AAFCD0ABA7CC48898A26
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV4P3Xo8g4xdbqSfhbetySUNRhvfHDTGg4M9e60tIX69X30Hs0XzmayOt5ksESubxflnpKktguPS8QrX5taz6acMkWe8p_7X1o1xhpc23UxhG77_RiXmBF7aKGtbfwSEZYtPyqMJxTCfayqPl2-3P7CZYuYD7hsu5NyooDs127YmGIjrkRk43pUEw-aY-pC4Xkt_5OpoPt50rVZ9GPlKJb4b5QtRbFeXsV_ikLrWJ0NCBrP9X5s3hQai6ktbhJE8WXZdek7MjaiEaJ5uws9bCvQNEbNXz47HAX-PCCqoVLqfSMHZ3m64ieMfzK&sai=AMfl-YS81mOhN7z7AxwIPY0u-_0d7xU7dqi9IIX-qmCc4OZdyD9jn61056RR6SXTycCYsefKUJpAk4-ejycqbmeBqVI6o0avm4GoMFH4xcCKWJ86np2jwRH_GAnLe2jsMhLq&sig=Cg0ArKJSzEn8p7ua-YIvEAE&uach_m=[UACH]&adurl=
Frame ID: ED85BF807471002087360793F2EB0A67
Requests: 6 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/tozgx5g/p3xe0m4/iframe
Frame ID: 0745778054BA4A507FDB4E8EC2BF4FDA
Requests: 2 HTTP requests in this frame

Frame: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B859F42A8F3D64AF1A7222A8684D61D
Requests: 21 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=45399700218683000951393011827030&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 248FCB8A8B78B4B35813E3343A20E55B
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266
Frame ID: 83C5E6E4C791CBBE9E9827C874A65DA8
Requests: 2 HTTP requests in this frame

Frame: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
Frame ID: DED94310114C2A6669B3F0871347F1CE
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6Y5exoVodGUSFwfN6bvTU5cXL3YIySlCOO9h0j7nofTreWY2KQGaqI6Wabbzdfo0tBGtnE_x43mDZShIzhX_nvJEpTWxu3_YZqEmjyVjUvaDRYCtHyr5rc5xEtlOiFCxs-yX9Uqd4oTHUwCxUHETqG6KG9D7NsR9FjbNA2_QSrS57i-KjuEzyuUAtR8vPyutB0BLyC5mIK_tzXxkpqOXruaku8-ZMFx_xNMIagwYp42AG-DLN-CAcbrMS0NhNo0JwsisLY2Mzpzq02gNKcK4oqjlLYP2yzJVY2o2h36yR4JkUXC8Xjj0DX5AJ&sai=AMfl-YQeOdNEEmwOt9qj1ZGAPAU9f352ihvLrpubCLUNbsBE1zyDEm_VvAn68sLZyhg1gudLSyKU-q-gK4t2FOCIfvi1QzuthHGybB7YWFfa5X1a4r0_Zwz7SfEITW7XnELK&sig=Cg0ArKJSzAIhOO3SGyD4EAE&uach_m=[UACH]&adurl=
Frame ID: BDFFAB544058C88A29D0E19343A3B35E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwgMPIODCc_NjwSuFtoODi1nntXOljevb-5kOqiwRY4JkfkJudIlhsH19z4rK5u9eVqXnDXdNYm0qXVFhMjO_t8tpLBDSoLZra9t2LfHxSgrztin8fq3HCiqDspw5u4h4r3pHjypZQ1RgVdfO5nUDG1e-rWJVYuYyutUu5vGpqc_ctyiCERuJjr_o7ChWQU2537KydXkpClHrNwb-OgerFCqMOsgNoYu7BUnUvtiX7lkzJFQ7ASotsAROIWxTJWI1ax-X7Hg73QkIOfBOZ11s8Phi-YAPxG_NTWZHYELbttEgLHUWLUV17dw8&sai=AMfl-YSGSso6TGZWeBUsyE0AkcAqcvLW0bzE0Wc4Cr1dOVUPz7GOjMUoxPpYeEpfaD9ow1JneGbWRZFq13Ysbk1AL-AY22hI1gJfgv4lC03brnkcYTpU0YVgf7EmbZBnTZWY&sig=Cg0ArKJSzO9a0RetlXMVEAE&uach_m=[UACH]&adurl=
Frame ID: 1F2A52258186DD9C39FCA26E048E256B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFB9F9694F542F8B310F8A82D42A771B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0A9A57160C61E71EF9C0FB329A41B34D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 / Page Not Found

Page URL History Show full URLs

https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af HTTP 301
https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

157
Requests

99 %
HTTPS

43 %
IPv6

34
Domains

48
Subdomains

43
IPs

7
Countries

2488 kB
Transfer

5420 kB
Size

26
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://woio.incentrev.com/category/local
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.greathealthdivide.com/northeast-ohio/
Title: Bridging the Great Health Divide

Search URL Search Domain Scan URL

URL: http://www.cleweekend.com/
Title: CLE Weekend

Search URL Search Domain Scan URL

URL: https://cw43.revrocket.us/n/#!/home
Title: CW43 Cleveland

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.fullcourtgreta.com/
Title: Full Court Press with Greta Van Susteren

Search URL Search Domain Scan URL

URL: https://www.vuit.com/live/15988/woio/vod
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Cleveland19News

Search URL Search Domain Scan URL

URL: https://www.twitter.com/Cleveland19

Search URL Search Domain Scan URL

URL: https://goo16.com/click.php?key=wffwwc9ijqda9hsgra7z&ob_click_id=$ob_click_id$&trafficsource=00f676dcb94c818f1b841d7addc1a67bb4&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=ED_AMS_DE_Desktop_Young_Semi&obOrigUrl=true
Title: Ohne Arztbesuch: Wie du die blaue Pille bekommst Apomeds.com

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/05b647a3-ac78-48c2-9dbb-31cddb69ab67?utm_source=ob%E2%80%A6&utm_source=ob&utm_campaign=1002_dk&utm_term=$section_name$&utm_content=000d4afa137a625a18a5afad80fb5c896d-Deutscher+Arzt%3A++Wie+Sie+Ihren+Darm+entleeren&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Deutscher Arzt: Wie Sie Ihren Darm entleeren Nutrivia

Search URL Search Domain Scan URL

URL: https://bredings-person.com/a97e0fbd-5d38-4bd5-a78a-4ef25e8a6bea?utm_source=ob&utm_campaign=2010_dk&utm_term=$section_name$&utm_content=00cb5491b53eacb6ad8ffcd0d037c00838&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Ärzte verblüfft: Ein einfacher Tipp lindert jahrelangen Tinnitus (Heute Abend testen) Tinnitus Research

Search URL Search Domain Scan URL

URL: https://forschung.aktuelles-zur-gesundheit.com/de-de/lp-psl-outbrain-pst-pdeoutpst211129?utm_source=outbrain&utm_medium=cpc&utm_campaign=pdeoutpst210806&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Vergrößerte Prostata? Wiederholen Sie dieses kurze Ritual täglich aktuelles-zur-gesundheit.com

Search URL Search Domain Scan URL

URL: https://versicherung.dentolo.de/comparison-native/?utm_source=outbrain&utm_medium=display&utm_campaign=00d606db179c8a280d1ad4f63923f85b95&utm_content=0000bed53206fadba74c8af393c3ac2f1c&source=out_comparearticle_content&utm_term=$section_id$&obclid=$ob_click_id$&title=Das+sind+die+besten+Zahnzusatzversicherungen+2021%21&obOrigUrl=true
Title: Das sind die besten Zahnzusatzversicherungen 2021! Zahnzusatzversicherung 2021

Search URL Search Domain Scan URL

URL: https://galleries.parentsdome.com/general-knowledge-quiz/?utm_source=ob-quiz&utm_template=quiz&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_name$&utm_content=003582f59b595b7f27cc7951069d3e69f8&utm_campaign=xpd-ob-ww1-d-wisdomquiz-21.12.06-7152-cnr_p10_quiz_9428_chrome&utm_cpc=$cpc$&obOrigUrl=true
Title: Your IQ Is Over 140 If You Get Even 5/20 On This Quiz Parentsdome Galleries

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/df018706-aaf7-4a81-bca0-122942839cfc?utm_source=ob&utm_campaign=1510_desktop&utm_term=$section_name$&utm_content=001928bf2550be1f0a20718e340858a86c-Arthrose%3A+Ein+einfacher+Tipp%2C+um+Schmerzen+einfach+zu+lindern&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Arthrose: Ein einfacher Tipp, um Schmerzen einfach zu lindern

Search URL Search Domain Scan URL

URL: https://www.fisherinvestments.com/de-de/campaigns/10-fehler-im-ruhestand/1f/?PC=OUTDEQYEI5&CC=09XUDNXX&utm_source=Outbrain&utm_medium=Native&utm_campaign=TargetCPA_Desktop&utm_term=$publisher_name$&obOrigUrl=true
Title: Was ist der größte Fehler, den Anleger mit 500.000 € begehen?

Search URL Search Domain Scan URL

URL: https://safesly.com/c36d2a2b-a23a-4652-bca5-00e6350e809a?Campaign=DE_Verisure_Desktop_18&AdID=00802fbf3f85e0cc72b6ae604e6dca643b&PubID=$publisher_id$&PubName=$publisher_name$&SectionID=$section_id$&SectionName=$section_name$&SourceID=$source_id$&Headline=Mit+diesem+genialen+Trick+schlagen+Sie+jeden+Einbrecher+in+die+Flucht&OutbrainClickId=$ob_click_id$&conversionname=6HSale&obOrigUrl=true
Title: Mit diesem genialen Trick schlagen Sie jeden Einbrecher in die Flucht

Search URL Search Domain Scan URL

URL: https://track.rpggame5.com/44b6a7e8-f180-4726-9d5a-22afe0a2e25e?campaign_id=00b4129811e615b4720c11e3f48798ca10&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=0052a59d05333d3e56e2faedc87fa17e7c&ad_title=Diese+neuen+Treppenlifte+sind+beeindruckend&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=0052a59d05333d3e56e2faedc87fa17e7c&time_stamp=$time_stamp$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Diese neuen Treppenlifte sind beeindruckend

Search URL Search Domain Scan URL

URL: https://canadaims.com/landing/register-11?lang=de&utm_source=outbrain&utm_campaign=Germany_Desk&utm_lp_name=V11&utm_publisher=$publisher_name$&utm_section=$section_name$&utm_campaign_id=00a57235540f18ed0d4d2f8fd009b19b94&utm_ad_id=00cf786310d6957dc9650e9299aa326054&utm_doc_id=00a47064451b56f4ba04c58c89d9c8bd59&utm_text=M%C3%B6chten+Sie+eine+kanadische+Permanent+Resident+Card%3F+Kostenloser+Teiln&utm_clkid=$ob_click_id$&utm_ban=caconv-da&obOrigUrl=true
Title: Möchten Sie eine kanadische Permanent Resident Card? Kostenloser Teilnahmecheck!

Search URL Search Domain Scan URL

URL: https://forschung.aktuelles-zur-gesundheit.com/de-de/lp-psl-outbrain-pst-pdeoutpst211124?utm_source=outbrain&utm_medium=cpc&utm_campaign=pdeoutpst211124&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Vergrößerte Prostata: "Praktizieren Sie dieses 30-Sekunden-Ritual jeden Tag, um sie zu verkleinern" aktuelles-zur-gesundheit.com

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/38d31b18-e00e-4287-9f7e-2a0eb4944338?campaign_id=00fb0bd53b43e7ef499cdd6aae8803f78a&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=00283be60ae39cc81b981853008fe6f0dc&ad_title=Sch%C3%B6ne+Dessous-Sets+f%C3%BCr+Frauen+%28Mehr+sehen%29&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=00283be60ae39cc81b981853008fe6f0dc&time_stamp=$time_stamp$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Schöne Dessous-Sets für Frauen (Mehr sehen) BHs | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://www.gentside.de/stories/dieser-mann-lebt-seit-1999-in-einem-passagierflugzeug_art21617.html?utm_source=outbrain&utm_medium=cpc&utm_campaign=pmo_ged_article_desktop_desktop&obOrigUrl=true
Title: Amerikaner lebt seit über 20 Jahren in einer Boeing 727 Die derzeit besten Videos

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/cfa0071c-4da6-4774-bdcc-dac738a69730?campaign_id=00168cec82e194f39f52dc798d348fead4&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=00658ddfee2379c2fd9cc8e604748764dc&ad_title=Entdecken+Sie+diese+modernen+Mobilit%C3%A4tsroller&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=00658ddfee2379c2fd9cc8e604748764dc&time_stamp=$time_stamp$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Entdecken Sie diese modernen Mobilitätsroller Seniorenmobil | Anzeigen suchen

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/05b647a3-ac78-48c2-9dbb-31cddb69ab67?utm_source=ob%E2%80%A6&utm_source=ob&utm_campaign=1002_dk&utm_term=$section_name$&utm_content=00c98ab5dc670e01fb3a0921506de2ec92-Deutscher+Fachmann%3A+Wie+Sie+Ihren+Darm+entleeren&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Deutscher Fachmann: Wie Sie Ihren Darm entleeren Nutrivia

Search URL Search Domain Scan URL

URL: https://goo16.com/click.php?key=wffwwc9ijqda9hsgra7z&ob_click_id=$ob_click_id$&trafficsource=00b48d7964f0cd1b7ad563ca3eb3872bcf&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=ED_AMS_DE_Desktop_Young_Semi&obOrigUrl=true
Title: Ohne Arztbesuch: Wie du die blaue Pille bekommst legal, rasch und diskret Apomeds.com

Search URL Search Domain Scan URL

URL: http://groovyhistory.com/60-groovy-photos?utm_subid=1076122&utm_campaign=5INT_336523&utm_source=outbrain_tc&utm_medium=tc&utm_term=$publisher_name$_$section_name$&utm_content=0047137d4f6df941b33a183b2c35aef03d_$section_id$&obOrigUrl=true
Title: 60 Vintage Photos: Photos No Longer Censored groovyhistory.com

Search URL Search Domain Scan URL

URL: https://bredings-person.com/7ae4cf9a-a078-4b5c-8302-0a06079a7e4f?utm_source=ob&utm_campaign=pilze_dk&utm_term=$section_name$&utm_content=0018cd79eebe96d0676504baa9d9f52c6f-%C3%84rzte+verbl%C3%BCfft%3A+Ein+einfacher+Tipp+gegen+Nagelpilze+%28Heute+Abend+test&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Ärzte verblüfft: Ein einfacher Tipp gegen Nagelpilze (Heute Abend testen) Pilze Research

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/WOIO
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/woio-fcc_applications.pdf
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WOIO/equal-employment-opportunity-records/additional-documents/eeo-public-file-reports/44f36053-18d1-5fcc-383e-ba1f70cd360d/
Title: EEO Report

Search URL Search Domain Scan URL

URL: https://cbs19advertising.com/
Title: CBS 19 Advertising

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af HTTP 301
https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1641135741920&ns_c=UTF-8&cv=3.5&c8=404%20%2F%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1641135741920&ns_c=UTF-8&cv=3.5&c8=404%20%2F%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&c9=

Request Chain 68

https://insight.adsrvr.org/tags/tozgx5g/p3xe0m4/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/tozgx5g/p3xe0m4/iframe

Request Chain 99

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=45399700218683000951393011827030&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=45399700218683000951393011827030&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 101

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266

Request Chain 103

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=45399700218683000951393011827030 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=45399700218683000951393011827030 HTTP 301
https://ad-server.eu/wm/pb/native.png

157 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Redirect Chain

https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af
https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

179 KB
30 KB

773ms
773ms

Document
text/html

2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

39615abe2d7a2d8abb6e4f4ab2726184600cd035b7cddc938d8914150abff640

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
content-length: 29923
server: openresty
content-encoding: gzip
etag: W/"2ca6e-MZFXbIiA+SiZBAlbn8jgK+FqPws"
last-modified: Sun, 02 Jan 2022 15:02:21 GMT
vary: Accept-Encoding
cache-control: private, max-age=110
expires: Sun, 02 Jan 2022 15:04:11 GMT
date: Sun, 02 Jan 2022 15:02:21 GMT
server-timing: cdn-cache; desc=MISS edge; dur=393 origin; dur=368
link: <https://polyfill.io>;rel="preconnect",<https://gray-woio-prod.cdn.arcpublishing.com>;rel="preconnect",<https://api-esp.piano.io>;rel="preconnect",<https://cdnjs.cloudflare.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://code.jquery.com>;rel="preconnect",<https://static.adsafeprotected.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400

Redirect headers

content-type: text/html
content-length: 166
server: openresty
location: /2020/11/18/cloudy-morning-turning-into-sunny-af/
cache-control: private, max-age=120
expires: Sun, 02 Jan 2022 15:04:20 GMT
date: Sun, 02 Jan 2022 15:02:20 GMT
server-timing: cdn-cache; desc=REVALIDATE edge; dur=425 origin; dur=4
link: <https://polyfill.io>;rel="preconnect",<https://gray-woio-prod.cdn.arcpublishing.com>;rel="preconnect",<https://api-esp.piano.io>;rel="preconnect",<https://cdnjs.cloudflare.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://code.jquery.com>;rel="preconnect",<https://static.adsafeprotected.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
560 B 25ms
8ms Script
text/javascript 2a04:4e42:c00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CArray.prototype.entries

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:c00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cleveland19.com/
Origin: https://www.cleveland19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 4207661
detected-user-agent: Chrome/96.0.4664
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Sun, 14 Nov 2021 16:39:57 GMT
date: Sun, 02 Jan 2022 15:02:21 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.js Show response
www.cleveland19.com/pf/dist/engine/ 667 KB
153 KB 13ms
12ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cleveland19.com/pf/dist/engine/react.js?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

705aaecb0250f6d3324ce9dbe741451851fce56c5be611df66ef7c59ac56864b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 3ZV8SSH05RS73KRK
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 156059
x-amz-id-2: q/Z6MQ/w2cu+TkAufYP0LXtn5jJfFtxvej9DUxdCobW7kqaGWI6jsSa5UPGKxbrPjkqP2UhwtIc=
last-modified: Thu, 30 Dec 2021 17:00:53 GMT
server: openresty
etag: W/"ebb253af876835483efc79bd323c38e2"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 default.js Show response
www.cleveland19.com/pf/dist/components/combinations/ 690 KB
166 KB 14ms
14ms Script
application/javascript 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cleveland19.com/pf/dist/components/combinations/default.js?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c8dcef20a93364d4696d5d04c25c0ada1f99f22d684e1703ab5162322173281f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
vary: Accept-Encoding
x-amz-request-id: 3ZV95C97TJZ7HHVC
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 168882
x-amz-id-2: 4LZKNwj7yhlEFMeZyppgNxYcfnTcPNRQ3lTYu0WcGIDLXgVeGaC75S9eQ36yshQn1jriIEmF3aQ=
last-modified: Thu, 30 Dec 2021 17:00:53 GMT
server: openresty
etag: W/"836172863588d06cd2e49e8fad28ecb5"
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 main.css
gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 83 KB
14 KB 57ms
23ms Stylesheet
text/css 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-amz-request-id: AVJ4BPSBW5GPKKH9
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=11
content-length: 14217
x-amz-id-2: QGnOammoXoBxlAuwCcp08YwEA0pUlvmUIg2YAQGNwi25EXoOIRQoanG7M4V+KAIZ0g6dtvueJpk=
last-modified: Thu, 30 Dec 2021 17:00:52 GMT
server: openresty
etag: W/"6dd05f673b04d6bedc7a004ad60ae072"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 main.css
gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/woio/css/ 94 KB
15 KB 59ms
25ms Stylesheet
text/css 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/woio/css/main.css?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

d58485362c79cbf552aef0d4d946dcac55350bb5eb708d04a3895b0131145f62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-amz-request-id: AVJ5NDY2W65BQ6PB
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 15145
x-amz-id-2: ozPryYDxU0XwyXwI57cQEWfBhj+q/13Sx5f4YNvfX/oWOyPoUuOXk/PZmLAjXJf1SkN1vEB96Jc=
last-modified: Thu, 30 Dec 2021 17:00:52 GMT
server: openresty
etag: W/"e3f730692cee7b1e490aab7c9b03c3d8"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 32ms
15ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7507591
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10462
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViVp1usvBClVfFaVC4th6dy2Zr%2FclPMo66DVpBfAZaa6jDqvj9wMaZSzYgirVv0lW7zMiWugYMifhRruOgr8IIBtyZa%2F1Ekk9Ru3i%2BIFRs%2FB6HbfLg807rNolDxvXWYElEcRxF5vmbQrzK7fyK0KIafG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c74de30c8b2c29a-FRA
expires: Fri, 23 Dec 2022 15:02:21 GMT

GET
H2 200 gtm.js Show response
gray-woio-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
874 B 82ms
48ms Script
application/javascript 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-amz-request-id: AVJ7YR6FX5N8MW6Z
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=11
content-length: 305
x-amz-id-2: lmcUOK8qJJG5wP469H+XW1DcP10P1P8yxvUkJNxGtquc3P9F0+7wRhddZOq6E+XSh2VwKHFljqE=
last-modified: Thu, 30 Dec 2021 17:00:51 GMT
server: openresty
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 arcads.js Show response
gray-woio-prod.cdn.arcpublishing.com/pf/resources/js/ads/ 35 KB
8 KB 91ms
58ms Script
application/javascript 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/pf/resources/js/ads/arcads.js?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

09e4f0b788966ce2b1bf0a3c5af62dd6179e29662299e37e64f6a05c2af6b5f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-amz-request-id: AVJ9HZ13WXK7Y83Q
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=9
content-length: 7258
x-amz-id-2: CVWDbhxbwac3HdGP33eeqXMdaKMTvWi/SubvIOrl6N6AeA4B/KHZWP9AW0iSetRNCF0/8h44GeQ=
last-modified: Thu, 30 Dec 2021 17:00:52 GMT
server: openresty
etag: W/"4aa36db740c369c50d6c8e873ebe4d3f"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 190 KB
66 KB 46ms
14ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 86b967beb0e130bc605337bf6bbfece968e3046c89c14121844648a0cdec51ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 13:48:38 GMT
etag: "1d-CC2sNe6U/Ble+ZOCFRm8oQXGHSI"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 277a3b9782c2f9c64031c9bda168732c
timing-allow-origin: *, *
content-length: 67297

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 63ms
11ms Script
application/x-javascript 2600:9000:20eb:4200:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 13:21:33 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 6048
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: WJj4g3efi_XRY9iEUAQV72wiCZkh4lcPL7uFxomNgypyG3Fl4ON2xQ==
expires: Sun, 02 Jan 2022 15:21:33 GMT

GET
H2 200 v2lod79SG9wKATfoguFoa10t5dNtGYaXkSaiDnBGkqkgv_mtkWEfGoFvZiA Show response
reconditerespect.com/ 88 KB
26 KB 358ms
325ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2lod79SG9wKATfoguFoa10t5dNtGYaXkSaiDnBGkqkgv_mtkWEfGoFvZiA

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

2a1b70c9614339bb2b3b41854faf6ba61c08cdfdaf403db6360d0cb1fbc14c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "40a4d9e5cf4fbd8bd4fd8b981f41b290a92b125dd2089b31f5c140213d516ef8"
vary: Accept-Encoding, Accept-Language
x-hostname: 37b68176
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sun, 02 Jan 2022 15:02:22 GMT
timing-allow-origin: *

GET
H2 200 v2flrNIGFpH6hKCi7-FOgZygPpmVocOikCh4vjeRnWCj6hudWJSg7Xq2eDETckaLgVretUNloQ2Q Show response
reconditerespect.com/ 16 KB
6 KB 234ms
202ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2flrNIGFpH6hKCi7-FOgZygPpmVocOikCh4vjeRnWCj6hudWJSg7Xq2eDETckaLgVretUNloQ2Q

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

d37290e6c8bbaa599ca49290fe23069c8c0f654ed828373749337ed014c7a068

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "a40660415c99bef83b5e4cf720f694467f486f7e8db9ce476f14ba90490f946b"
vary: Accept-Encoding, Accept-Language
x-hostname: 37b68176
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sun, 02 Jan 2022 15:02:21 GMT
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
37 KB 39ms
16ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cff2c257cadf78788ef7cf835866a5ec58a5878fe6b0f077314505ad0588b8af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37031
x-xss-protection: 0
expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 66ms
39ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 375338
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Dec 2021 13:48:37 GMT
server: cloudflare
etag: W/"1bbec-17dc3807b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c74de318a1a4e32-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 woio.jpg
www.cleveland19.com/pf/resources/images/mastheads/backgrounds/ 7 KB
7 KB 106ms
105ms Image
image/webp 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cleveland19.com/pf/resources/images/mastheads/backgrounds/woio.jpg?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0fdb37b180cb5902c83d651436eb162c4e2f7a966f19d838d6cdc6cfe51ec382

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
last-modified: Thu, 30 Dec 2021 17:05:33 GMT
server: Akamai Image Manager
etag: W/"cdcd43a298013b3edeed778a7e4246ef"
strict-transport-security: max-age=86400
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31284258
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=92
content-length: 7302
expires: Fri, 30 Dec 2022 17:06:39 GMT

GET
H2 200 woio.svg
www.cleveland19.com/pf/resources/images/mastheads/logos/ 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cleveland19.com/pf/resources/images/mastheads/logos/woio.svg?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a87f93759b84e347ed5951cff369a43a36c5b84890194aa8a17eec5205dc9916

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-amz-request-id: AVJ33TM5AAWMKWFT
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 966
x-amz-id-2: AGsrT3vq+WX2GujyBuuHoowN1I8gae5IIHl1DMdOuzqBs175MsCRkyhWtdUFO5MD0uC1SAwxFkw=
last-modified: Thu, 30 Dec 2021 17:00:51 GMT
server: openresty
etag: W/"9a330cbdb34235b84d337597a4611988"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 grayLogoHorizontal.svg
gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 15ms
14ms Image
image/svg+xml 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=214

Requested by

Host: gray-woio-prod.cdn.arcpublishing.com
URL: https://gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/woio/css/main.css?d=214

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gray-woio-prod.cdn.arcpublishing.com/pf/resources/dist/woio/css/main.css?d=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-amz-request-id: AVJD1TSVD77ZACXR
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5010
x-amz-id-2: I2g6P7YlxBJOqRhBeE+j/LbcjQQBic8/9LbOYpvyHTgmO2tAZxdlFJ989x3MMzWMtm+xI7M7b0w=
last-modified: Thu, 30 Dec 2021 17:00:52 GMT
server: openresty
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 41ms
28ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=214
Origin: https://www.cleveland19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13005905
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78268
timing-allow-origin: *
last-modified: Wed, 04 Aug 2021 22:34:28 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "610b15f4-131bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJkmCfINXmHf7vYR5ltQOUH5HaBgpHgkrDqaqBjCbJwCfVCX%2FIwehNgGmhyNyT7ULN0AtZW4ouW%2Be0JOUbhGY6e2GydZsq9MpOk8EQXl4KuxjpZJq%2ByNzV21ZH%2FQ5xi2y2UrlPA2Bkchf66yb6YkHhh2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c74de317fab6967-FRA
expires: Fri, 23 Dec 2022 15:02:21 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 34ms
22ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=214

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css?d=214
Origin: https://www.cleveland19.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3525563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13224
timing-allow-origin: *
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-33a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ismE65GLAUC3leYXKn%2FFw8QzOuY0zEp76kAHHhsmt4IovaemrzK%2BA43vvC9e%2BWD4B5JrIs11FfRFqhYjnGNMo4uH4EQk3xF38wymYKEjD%2FSBtB2JRCiWQTJBTKfRhQdHTnuoTbv%2BU6qySaHMqk8QCu%2Fs"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c74de317faa6967-FRA
expires: Fri, 23 Dec 2022 15:02:21 GMT

GET
H2 200 wx-current-conditions-v3 Show response
www.cleveland19.com/pf/api/v3/content/fetch/ 319 B
494 B 120ms
120ms XHR
application/json 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cleveland19.com/pf/api/v3/content/fetch/wx-current-conditions-v3?_website=woio&filter=%7B%0A++imperial+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A++metric+%7B+location+%7B+city,+adminDistrictCode+%7D,+currentObservation+%7B+iconCode,+temperature+%7D+%7D%0A%7D

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/pf/dist/components/combinations/default.js?d=214

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f2a1e84aaca0aa4af49276d18bc985a406b788d24f37d86fae36129894666500

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
last-modified: Sun, 02 Jan 2022 15:01:07 GMT
server: openresty
etag: W/"13f-mM5ukEATnIVRZbTuE7u4eDsiR3I"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: max-age=77
server-timing: cdn-cache; desc=HIT, edge; dur=108
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 184
expires: Sun, 02 Jan 2022 15:03:38 GMT

GET
H/1.1 200
OK d3d3LmNsZXZlbGFuZDE5LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
462 B 125ms
77ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmNsZXZlbGFuZDE5LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:21 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2606
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 8b70e20b8ae7c668c4b5780109ff8a4
Content-Length: 16
Expires: Sun, 02 Jan 2022 15:45:47 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 15ms
7ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=7.749692794417532
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 01 Feb 2022 15:02:21 GMT

GET
H2 200 63FZWZL3GNAKRKVWTOX56WVHX4.jpg
gray-woio-prod.cdn.arcpublishing.com/resizer/Hgvz4SrMT4qzVF52gx3GrSGEDrE=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 85 KB
86 KB 107ms
107ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/resizer/Hgvz4SrMT4qzVF52gx3GrSGEDrE=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/63FZWZL3GNAKRKVWTOX56WVHX4.jpg

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c88931c127c726b883c30c9b89cd0f92575f741290360f9491ee7542b1a839a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
last-modified: Sat, 01 Jan 2022 23:34:13 GMT
server: Akamai Image Manager
etag: "b4ab8731e23a9a4c3dee97383a20b2cc50f8c143"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31480376
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=92
content-length: 87042
expires: Sun, 01 Jan 2023 23:35:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 43ms
16ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/pf/dist/components/combinations/default.js?d=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1089 / 371 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H2 200 HKYOWVWNKFDXNHGH7EALXJNR3M.png
gray-woio-prod.cdn.arcpublishing.com/resizer/e_fJDunxaDyrJwNzLxv2vbd1oL4=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 53 KB
54 KB 181ms
181ms Image
image/webp 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/resizer/e_fJDunxaDyrJwNzLxv2vbd1oL4=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/HKYOWVWNKFDXNHGH7EALXJNR3M.png

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e64b42ca42eec4fe87c41581d6478c0c0cc2b8125ef1e2a7072f172309f4ea7e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
last-modified: Sun, 02 Jan 2022 01:24:29 GMT
server: Akamai Image Manager
etag: "34d0e130f54c6846fc6722005a4db05b22cd15a3"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: private, no-transform, max-age=31486922
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=160
content-length: 54716
expires: Mon, 02 Jan 2023 01:24:24 GMT

GET
H2 200 UAMFA6TD75HTZATJOYWW6WOSCQ.jpg
gray-woio-prod.cdn.arcpublishing.com/resizer/aIm6n5B9Pi1svnO-6Ztw-e8A6vw=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 35 KB
36 KB 97ms
97ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/resizer/aIm6n5B9Pi1svnO-6Ztw-e8A6vw=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/UAMFA6TD75HTZATJOYWW6WOSCQ.jpg

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c41c0a51974a545f7296e04c661b3c5c236f9c39d2f14a8c190a07e064a2afde

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
last-modified: Sat, 01 Jan 2022 23:22:52 GMT
server: Akamai Image Manager
etag: "86f0d0c8700a898dc6252c9913b816d7f9e74a5b"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31479673
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=67
content-length: 36307
expires: Sun, 01 Jan 2023 23:23:34 GMT

GET
H2 200 E4CKPYEZJRHDBLARRHAP655VTE.png
gray-woio-prod.cdn.arcpublishing.com/resizer/uMLj_vFht1O_FzrYICWsiQNfDyA=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 26 KB
26 KB 471ms
471ms Image
image/webp 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/resizer/uMLj_vFht1O_FzrYICWsiQNfDyA=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/E4CKPYEZJRHDBLARRHAP655VTE.png

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f40a733484704e5b18061c26e128141b7870cd3f06569ecab52853f127cc5cbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
x-check-cacheable: YES
x-serial: 1697
etag: "8135fe61a5c4b7c90801174b98cbde69fefbb1a7"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: private, no-transform, max-age=31481358
last-modified: Sat, 01 Jan 2022 23:50:58 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=8, origin; dur=421
content-length: 26548
server: Akamai Image Manager
expires: Sun, 01 Jan 2023 23:51:40 GMT

GET
H2 200 QJLMKWNO2RF6HGQVAEAK72EAGA.jpg
gray-woio-prod.cdn.arcpublishing.com/resizer/1EGzTec_QqSh5_gSU3nz4rXMT_k=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 32 KB
32 KB 644ms
644ms Image
image/jpeg 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/resizer/1EGzTec_QqSh5_gSU3nz4rXMT_k=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/QJLMKWNO2RF6HGQVAEAK72EAGA.jpg

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1da9c26f06ba2c3ceb529265ed4e1d4e8bc99c089ebb6b38475583c76c591cca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
x-check-cacheable: YES
x-serial: 974
etag: "25089f3256a88b285ec1ca5ef8d7c38ae3c91989"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31532613
last-modified: Sun, 02 Jan 2022 14:06:01 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=296, origin; dur=293
content-length: 32596
server: Akamai Image Manager
expires: Mon, 02 Jan 2023 14:05:55 GMT

GET
H2 200 DMSFQMTCERCM7HCHGDQVEQ3OIU.png
gray-woio-prod.cdn.arcpublishing.com/resizer/n625JQfj1zWJpAaw-jx5yTHnfTY=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 89 KB
89 KB 106ms
106ms Image
image/webp 2a02:26f0:6c00::210:bb59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-woio-prod.cdn.arcpublishing.com/resizer/n625JQfj1zWJpAaw-jx5yTHnfTY=/800x533/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/DMSFQMTCERCM7HCHGDQVEQ3OIU.png

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb59 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

e611b2782c11a5322ea8416acf1a080a4b92e2373d13d6d1740185e65f2e565b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
last-modified: Sat, 01 Jan 2022 22:42:28 GMT
server: Akamai Image Manager
etag: "0cc9d1e9db75382c5a042b78bf34aec5cc84b87d"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: private, no-transform, max-age=31477193
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=29
content-length: 90674
expires: Sun, 01 Jan 2023 22:42:14 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ 84 KB
29 KB 116ms
42ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
last-modified: Fri, 08 Jan 2016 20:03:15 GMT
server: nginx
etag: W/"56901603-14e55"
vary: Accept-Encoding
x-hw: 1641135741.dop016.ml1.t,1641135741.cds211.ml1.hn,1641135741.cds027.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 280ms
91ms Image
image/gif 18.210.73.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=cleveland19.com&p=%2Ferror%2F404&u=DfA7XYCepf7NC7DZHR&d=cleveland19.com&g=39189&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2358&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1602&t=D7ssP8BEJcbpDKeHFxlW47D-G4wo&V=129&i=404%20%2F%20Page%20Not%20Found&tz=0&sn=1&sv=DFaOnqCFA4edVPXy3nGOQ7BGklZ3&sd=1&im=067b2cff&_
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.210.73.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-210-73-231.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
41 KB 41ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSBB5DC&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc7fffc8a9eacf29ea814e1e799f734f71c6309ef44150f8bb8d80377b919b52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41886
x-xss-protection: 0
expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 35ms
8ms Script
application/javascript 13.225.73.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-71.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 04:50:27 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 117937
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 5p6q0YXMdfWF9KODWzMUdLA5lbCY0mW2iV0K0FWm_AqZG-Afa2NNfA==

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 30ms
16ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 93 B
111 B 30ms
16ms XHR
application/json 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cleveland19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

be3d541944e924eb13d96278191f9fdc81b5bcb16e4133bafdce8e7426f0511d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86
x-xss-protection: 0
expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1641135741920&ns_c=UTF-8&cv=3.5&c8=404%20%2F%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-...
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1641135741920&ns_c=UTF-8&cv=3.5&c8=404%20%2F%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy...

0
223 B

10ms
10ms

Image
text/plain

13.225.73.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1641135741920&ns_c=UTF-8&cv=3.5&c8=404%20%2F%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&c9=
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Server: 13.225.73.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-71.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: oclrFrBZuysqc-A_IgHNUQ6SqQdb9T3HQI2E6ZZK7idtHZIJS1oIEg==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 02 Jan 2022 15:02:21 GMT
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1641135741920&ns_c=UTF-8&cv=3.5&c8=404%20%2F%20Page%20Not%20Found&c7=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&c9=
content-length: 256
x-amz-cf-id: cwST6HzVjTqw7TdG8vJ_eQ0WPl6HPwP1XZzFfC-JYwWyuUC200AMJA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBB5DC&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5247
date: Sun, 02 Jan 2022 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 02 Jan 2022 15:34:54 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/15363/ 28 KB
9 KB 36ms
11ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/15363/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSBB5DC&l=RCdataLayer
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 68848ded919b92aecf81fa3c50464e1c95e5c6b9c8234ffba6e1c17739c0e68a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 17:14:03 GMT
server: nginx
etag: W/"615c87db-7013"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 14.svg
www.cleveland19.com/pf/resources/images/weather/weather-condition-icons/svgs/ 5 KB
2 KB 57ms
56ms Image
image/svg+xml 2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cleveland19.com/pf/resources/images/weather/weather-condition-icons/svgs/14.svg?d=214

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9bb49ad6f2661ac8a4c312c636ce6788216bf5a8b1b3955e21b8e464e8142c6f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:21 GMT
content-encoding: gzip
x-amz-request-id: EWACFY5401WZWFV2
x-amz-server-side-encryption: AES256
server-timing: cdn-cache; desc=HIT, edge; dur=43
content-length: 1867
x-amz-id-2: m9NGV14n5p2GE1EdaFVGyr+qfCV1C6+QRfGxrcRv0k8s+zpvrSiR5Dtn8ukgu6SBLg7u+wAya5Q=
last-modified: Thu, 30 Dec 2021 17:00:51 GMT
server: openresty
etag: W/"248aed0a2393cf3427bd5748588450bc"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
expires: Mon, 02 Jan 2023 15:02:21 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cleveland19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 59ms
34ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cleveland19.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 995ms
994ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2831567259390627&correlator=2549778690794836&output=ldjh&impl=fifs&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=63316753%2Cwoio%2Cweb&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Dpage%26position%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1641135741&dt=1641135741999&dlt=1641135741530&idt=443&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=197&adks=2507732264&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x19&msz=970x0&ga_vid=1601679938.1641135742&ga_sid=1641135742&ga_hid=75657823&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ccc63df2a2ac4d609814a9f3c1f1abfe60cb8060992431afb85b75d0fa3d26e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12174
x-xss-protection: 0
google-lineitem-id: 5800992944
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372142886
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
10 KB 599ms
598ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2831567259390627&correlator=2549778690794836&output=ldjh&impl=fifs&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=63316753%2Cwoio%2Cweb&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Dpage%26position%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1641135741&dt=1641135742005&dlt=1641135741530&idt=443&frm=20&biw=1600&bih=1200&oid=2&adxs=1135&adys=264&adks=2101742123&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x269&msz=300x250&ga_vid=1601679938.1641135742&ga_sid=1641135742&ga_hid=75657823&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

4cc1b55292c3ef623dfba1774b89448c80eb277b27ec25c6aee50c9d392646de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10336
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 1268ms
1267ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2831567259390627&correlator=2549778690794836&output=ldjh&impl=fifs&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=63316753%2Cwoio%2Cweb&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Dpage%26position%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1641135741&dt=1641135742006&dlt=1641135741530&idt=443&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=2048&adks=24505985&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x19&msz=970x0&ga_vid=1601679938.1641135742&ga_sid=1641135742&ga_hid=75657823&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

54ed29ea5064234b2cec2b4d2142a8a6bcd5f13ba4337627577f3986bbc87cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12040
x-xss-protection: 0
google-lineitem-id: 5848503808
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374061316
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 303ms
302ms XHR
text/plain 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2831567259390627&correlator=2549778690794836&output=ldjh&impl=fifs&vrg=2021120601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20220102&iu_parts=63316753%2Cwoio%2Cweb&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=pt%3Dpage%26position%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1641135741&dt=1641135742008&dlt=1641135741530&idt=443&frm=20&biw=1600&bih=1200&oid=2&adxs=484&adys=1949&adks=2279098379&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=938x19&msz=300x0&ga_vid=1601679938.1641135742&ga_sid=1641135742&ga_hid=75657823&ga_fc=false&fws=4&ohw=938&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

83ac471d410bb113a597600ab3a0e6a54f3fff672fcc663bb37e998c312a9eef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12045
x-xss-protection: 0
google-lineitem-id: 5800992944
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138372142880
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F7E 6 KB
4 KB 79ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 02 Jan 2022 15:02:22 GMT
expires: Mon, 02 Jan 2023 15:02:22 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=75657823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&ul=en-us&de=UTF-8&dt=404%20%2F%20Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACEABBAAAAC~&jid=1644948367&gjid=1977749710&cid=1601679938.1641135742&tid=UA-22223248-29&_gid=2119780870.1641135742&_r=1&gtm=2wgc10KSBB5DC&cg2=page&cg3=woio&cd5=page&cd6=0&cd8=woio&cd9=woio&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=&cd16=Sun%20Jan%2002%202022%2015%3A02%3A21%20GMT%2B0000%20(GMT)&cd17=%2B00%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&cd19=404%20%2F%20Page%20Not%20Found&cd40=default&z=1364921662

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cleveland19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 427
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 144ms
131ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/427?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.cleveland19.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.cleveland19.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c74de33ec58692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 427 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 2 KB
1 KB 145ms
136ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/427?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

393bb23b7e84c4b495065e65a12112431714456295a1e7c77648aaab134bc9c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cleveland19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"777-a+n0TLOUnAzrszOJSgmzwa9zKR8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cleveland19.com
access-control-allow-credentials: true
cf-ray: 6c74de34cedec295-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/15363/ 401 B
543 B 34ms
34ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/15363/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/15363/code/&publishedOn=Tue%20Oct%2005%2017:14:01%20GMT%202021&ClientID=923&PageID=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15363/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e6e9a5a28ea00295489bc2824c0752fbc0dc93437b3d4bba0ef46582f4038d76

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 401
expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 46ms
7ms Image
image/gif 2600:9000:21f3:5a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age: 12869268
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: ioGARRLtQBugP8KQ5s8yUmqC2epXjLY0u4Mjh9GQOgM-BjIZ5dpHAw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
443 B 43ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22223248-29&cid=1601679938.1641135742&jid=1644948367&gjid=1977749710&_gid=2119780870.1641135742&_u=YChACEAABAAAAC~&z=188354618

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cleveland19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 02 Jan 2022 15:02:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 130a1af39f4c89b5e6a30acb03d770b8.js Show response
nexus.ensighten.com/choozle/15363/code/ 1 KB
867 B 7ms
7ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/15363/code/130a1af39f4c89b5e6a30acb03d770b8.js?conditionId0=4913583&conditionId1=4913584
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15363/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d4b15e8022561d96000c7fbb07636cec88a31d57f99f3bccf888832c6c114b22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 16:41:20 GMT
server: nginx
etag: W/"615c8030-5cc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 7e3bcccbe9be6061a65a6eb142929580.js Show response
nexus.ensighten.com/choozle/15363/code/ 2 KB
558 B 7ms
7ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/15363/code/7e3bcccbe9be6061a65a6eb142929580.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15363/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 16:38:15 GMT
server: nginx
etag: W/"615c7f77-746"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK 25245
cs.choozle.com/dp/chz/ 35 B
123 B 425ms
100ms Image
image/gif 54.208.129.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/25245?d=www.cleveland19.com&cb=7379212265
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.129.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-208-129-20.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 50ms
29ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22223248-29&cid=1601679938.1641135742&jid=1644948367&_u=YChACEAABAAAAC~&z=1592342848

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED85 0
0 41ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstV4P3Xo8g4xdbqSfhbetySUNRhvfHDTGg4M9e60tIX69X30Hs0XzmayOt5ksESubxflnpKktguPS8QrX5taz6acMkWe8p_7X1o1xhpc23UxhG77_RiXmBF7aKGtbfwSEZYtPyqMJxTCfayqPl2-3P7CZYuYD7hsu5NyooDs127YmGIjrkRk43pUEw-aY-pC4Xkt_5OpoPt50rVZ9GPlKJb4b5QtRbFeXsV_ikLrWJ0NCBrP9X5s3hQai6ktbhJE8WXZdek7MjaiEaJ5uws9bCvQNEbNXz47HAX-PCCqoVLqfSMHZ3m64ieMfzK&sai=AMfl-YS81mOhN7z7AxwIPY0u-_0d7xU7dqi9IIX-qmCc4OZdyD9jn61056RR6SXTycCYsefKUJpAk4-ejycqbmeBqVI6o0avm4GoMFH4xcCKWJ86np2jwRH_GAnLe2jsMhLq&sig=Cg0ArKJSzEn8p7ua-YIvEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 Jan 2022 15:02:22 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame ED85 2 KB
2 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jan 2022 15:01:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED85 119 KB
37 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 15:02:22 GMT

GET
H2 200 1702591965042760582
tpc.googlesyndication.com/simgad/ Frame ED85 86 KB
86 KB 30ms
8ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1702591965042760582

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba57c6a5b0372eb368edb8d408b5d9d43c0aa0e536c7ec3462e1169fc58d6922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 23:50:19 GMT
x-content-type-options: nosniff
age: 141123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87898
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 16:47:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 31 Dec 2022 23:50:19 GMT

OPTIONS
H3 200 773
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 123ms
123ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/773?story_url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&visitor=7kxm9t1bhuubn5f6

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.cleveland19.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.cleveland19.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c74de35a8fd692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 773 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
678 B 1538ms
1538ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/773?story_url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&visitor=7kxm9t1bhuubn5f6

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

263bf62cb306731d79a8d80bbdbfde04f28a79e92646f607734be4a26deda5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.cleveland19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Jan 2022 15:02:24 GMT
content-encoding: gzip
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"41-G/KV80Jo4mI8yn2jzIX9PzUmuLc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cleveland19.com
access-control-allow-credentials: true
cf-ray: 6c74de367987c295-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 47ms
47ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vg.1.85.1-7713883&p=773

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 375089
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Dec 2021 13:48:37 GMT
server: cloudflare
etag: W/"2e2f-17dc3807b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c74de35a8a3c295-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Mon, 02 Jan 2023 15:02:22 GMT

GET
H3 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 44ms
44ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vg.1.85.1-7713883&p=773

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 375089
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Dec 2021 13:48:37 GMT
server: cloudflare
etag: W/"f2a-17dc3807b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c74de35a8a5c295-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Mon, 02 Jan 2023 15:02:22 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 42ms
42ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vg.1.85.1-7713883&p=773

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 375089
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Dec 2021 13:48:37 GMT
server: cloudflare
etag: W/"8abb-17dc3807b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c74de35a8a7c295-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Mon, 02 Jan 2023 15:02:22 GMT

GET
H3 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
2 KB 26ms
26ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vg.1.85.1-7713883&p=773

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 375089
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Dec 2021 13:48:37 GMT
server: cloudflare
etag: W/"19c7-17dc3807b08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6c74de35a8a9c295-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Mon, 02 Jan 2023 15:02:22 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-81117537-17&cid=1601679938.1641135742&jid=27095900&gjid=232545494&_gid=2119780870.1641135742&_u=ACCAgEABCAAAAE~&z=1329014150

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cleveland19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 02 Jan 2022 15:02:22 GMT
content-type: text/plain
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=75657823&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&ul=en-us&de=UTF-8&dt=404%20%2F%20Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ACCAgEABC~&jid=27095900&gjid=232545494&cid=1601679938.1641135742&tid=UA-81117537-17&_gid=2119780870.1641135742&z=976004697

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 10:47:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15289
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/tozgx5g/p3xe0m4/ Frame 0745
Redirect Chain

https://insight.adsrvr.org/tags/tozgx5g/p3xe0m4/iframe
https://d1eoo1tco6rr5e.cloudfront.net/tozgx5g/p3xe0m4/iframe

138 B
667 B

36ms
8ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/tozgx5g/p3xe0m4/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/15363/code/130a1af39f4c89b5e6a30acb03d770b8.js?conditionId0=4913583&conditionId1=4913584
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 835ef7d4f4e72a9c600bf5dcc2e76d3f832e07273ed3046fefc1e2fda60475fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/

Response headers

Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Last-Modified: Tue, 05 Oct 2021 15:56:42 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 02 Jan 2022 09:20:48 GMT
Cache-Control: max-age=86400
ETag: "871782a6032a3f4385abb608eb15dffe"
X-Cache: Hit from cloudfront
Via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: au-42NeHC6G0sxqbDxU5L-G4NMPuUWvdVg0KiF28W0Q3s9ryx9WhCQ==
Age: 20495

Redirect headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/tozgx5g/p3xe0m4/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED85 0
0 41ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshN-QXZXeBaN29l0I1HeW-pgVKsai93Sx_DLjKPIhZPxztm3N2TMWj2VnF0crgZgXX1lRH83j7245pb_OOjdj1GqqzgSRFJfYRdFcl4iPgY4XQEWMr8MjxmGBHmPzdD-6Y9LRKt8mjdmGcW_yUwRx7pAVMiXTEn1F29bTmvEj1hlDszSN46fsdHtU37QRjkFQalXnv1_MdzIdYDKUPUZm7xTSfSRlYu-PYLl95cWyREp1ZMTk1AKOGINIPIRe4K6S0gtMbJjVyxAiFDXrhiNENl58Yuc_O-twX0b7n3pAEdH0g9OL5jVrQ76zvvCg&sai=AMfl-YTPK41BB2hT8GXyJSmdMg6qVt4TIr_mztIX1o6tadhQ8ULLvof7R-jHGk44e-WQ8qQuz-2Cy1FYmF7Hnb8G2848_STYcjfHpoqRReBNpUh20VlpEjNOAbjO8jW5hpkf&sig=Cg0ArKJSzIFS57dmvzg1EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 Jan 2022 15:02:22 GMT

GET
DATA 200
OK truncated
/ Frame ED85 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31d4fc33c5138d6de87c0ba15b9b07b7f06194386db83ecb48ba86d819d6f3ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 get Show response
odb.outbrain.com/utils/ 39 KB
15 KB 351ms
324ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&idx=0&rand=39300&key=NANOWDGT01&widgetJSId=AR_4&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=165&py=2222&vpd=1022&cw=938&activeTab=true&darkMode=false&settings=true&recs=true&version=2000550&sig=DUct7C6W&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d5dd840aabcffdf8002c93a76cbd553a41da2528405d066b2e14341f368f78e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1641135742.479238,VS0,VE317
accept-ranges: bytes
x-served-by: cache-lga21936-LGA, cache-fra19121-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 61854f1130449c50594ce07d114ef2ca
content-encoding: gzip
content-length: 14530
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 v2feyTbVt-uY2lcPinVyQyBScVCJifvEI_yfWe7OvWa5Lq6Zg_WyBr9WvcaAafkoiAQu49PVYA2w Show response
reconditerespect.com/ 209 B
609 B 40ms
16ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2feyTbVt-uY2lcPinVyQyBScVCJifvEI_yfWe7OvWa5Lq6Zg_WyBr9WvcaAafkoiAQu49PVYA2w

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2lod79SG9wKATfoguFoa10t5dNtGYaXkSaiDnBGkqkgv_mtkWEfGoFvZiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

d0a52de5a99bb8bfc7b8e2f9b4ce0af26f311f240fd3ec127182b19077243cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.cleveland19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sun, 02 Jan 2022 15:02:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cleveland19.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 37b68176
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 209
expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 0745 70 B
260 B 30ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=tozgx5g&ct=0:p3xe0m4&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/tozgx5g/p3xe0m4/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 200 v2lssidYX_JoSfCPbR2XHEOT4WJVq0uqRBhUDO2OeOX3bSezxqtztxyuex-o5vP_zk6CSstICvXg Show response
reconditerespect.com/ 3 B
36 B 31ms
31ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2lssidYX_JoSfCPbR2XHEOT4WJVq0uqRBhUDO2OeOX3bSezxqtztxyuex-o5vP_zk6CSstICvXg

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2lod79SG9wKATfoguFoa10t5dNtGYaXkSaiDnBGkqkgv_mtkWEfGoFvZiA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.cleveland19.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sun, 02 Jan 2022 15:02:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cleveland19.com
access-control-allow-credentials: true
x-hostname: 37b68176
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3 200 container.html Show response
763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B85 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 02 Jan 2022 15:02:22 GMT
expires: Mon, 02 Jan 2023 15:02:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3B85 0
0 44ms
43ms Fetch
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CIZPXfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEmQJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLO15RmGE3TYVwrZAuHWdb9Lj2Og2eCyJ2CyoymCNDTl8X7_xntUp-AEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTA4ODMxMjY3MjU3NzMwMjYY2ZAd&sigh=r2vC_eGd6K4&uach_m=[UACH]&cid=CAQSPgCNIrLMEp842uJDQcn9lxyK-9zYWA7MRV4wqSlgDHv7-aStG1t6H7O-e26_XFoxiRA4X9bW_dhPOlxbashNGAE&tpd=AGWhJmuuTCFODmZHvSIqggDdhoOmFK_mabCl4n-2Uf9T68ZayteppMHPlV3kkU2qygK15_njwzDBmzillV2FidcEk1Eknr1utpCB1B_H4TJoinH5e0e4iYSo-2wm6AKl9TP2NZusqoqfXKPz_zVSHmdPP9pkDxd1RLvx7HDz3iHthRV78Og02f0EgFNtMPyZqme8LXcJzjS5X9OfL8wxZIXwOo-fHkZrYrA4bjKb82MKajJ_68Go3MCVNx3E3dZ001YjCQHI6OUPEST8J8z1cVemTVDfiA19YeytPhIccJpIGsPEvv3jwkITPqALc955mNWDKnKfzIEJwZUSEd7wHCVDRWZuiDq21_mFTpNi-7iTtO8UvAlmtqQ7dNquYNhwooAKIoqiJtJKGA9JKeARJyTI6RLexurejS4Pgqhv8n7qNc4gglqD-nwMpxSPNq1s_F2zREnlLk_lqdDOOrb_GpWMQIZ3tpgNV22H4pDYprF5Bse072fAfGyYNR7gYFzZSyRqU5fIIvpL_cbbYGSf2NwLKoa4EN_xdFFU55rhSysDav1jcjqSdRxYwp0Vd4hOzBqoPhbqwOQUhsIWOY2GPnXEu7eGwVpJCdv8KurvNgANelTA4diJuPqIv7ZWOjNuq2ObvQA-8HNvGeIArpqKgIARYP7kmD8oTqa__GOzj1PsltIT11vvcYQ37kem-Z1ScKg4-FWhsxi5C0tdKU4U9ydMUnYoTCoZUuDFMaSbYnVXJuc4mNhxhmkclFoHCSLG-nxQTMaKUMidN4WyfxA1IaHndbtXE_qsPSpGlQ4vxz7omF_ZxCVzoPxXjWYknDfhPUzqPMuZIW1DhkKU5EBqe_iBravxcmSqAWtU3ltPhQ-8FL0hW08OK7LnmtC-pHo7gzkOerK2a6J3Y8mxlmRWO2LzYxStITEdBcRla5Kja5X4fz3ilC5ahUi4ri-yNnWrZsMkbOv82PPwpdHeIXZHVFoIXpAEMzN32bGkzUiMn70IroB7BsFBi6NwyG1XlM8zXqCDhT2vlo_SJKlEtxcQyFREiWfTK9T_ef2Xv_4UVzkT4OYDQUByp3OsPBONPWEWKj4hsXh5UkFl-bm5YkRvOQ
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3B85 3 KB
2 KB 44ms
15ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpFd1pqQXhZbVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MzI5MTI5NTQ0NzU3OTI1NzgvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWUNsN1RySWcwUURkT0RFZ1dxaUIzTS8xLzQvMC8wLzk1NjgwMy8xNTM5Nzk4NTI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTMyOTEyOTU0NDc1NzkyNTc4L2Ftcy8wLzQ5OC82Ni85OTkvMzIyLzkxLjE5OS4xMTguMC8wLjAwMC8xNjQxMTM1NzQyLzE2NDExNDgzNDIvNC9wdWItMDg4MzEyNjcyNTc3MzAyNi8/zkHns24PiG7kD3Rm8Vz85EFN-oI&nodeid=126&group=cdg&auctionid=3932912954475792578&shardkey=3932912954475792578&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%26client%3Dca-pub-0883126725773026%26adurl%3D
Requested by: Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 9aac54f1243ac48d39618e963dff48833fdf4ad7c59331ab322ab7fded3a5cce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1641135742
Last-Modified: Sun, 02 Jan 2022 15:02:22 GMT
Server: MMBD/3.210.4
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x81, cdg-bidder-x17
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3B85 2 KB
1 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jan 2022 15:01:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B85 119 KB
36 KB 42ms
27ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 15:02:22 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3B85 15 KB
6 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jan 2022 15:01:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3B85 0
0 31ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPOS7ZIQadbSfO4s_huxDSTnXBEEgJHOXiZdhMBVIoJmMizzwaon6B_V9C2Q0qytJTH_SVILyNcAJlfjRoCkCtsmQcgw
Requested by: Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3B85 22 KB
7 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:53:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324503
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 29 Dec 2022 20:53:59 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 3B85 10 KB
4 KB 39ms
12ms Script
text/html 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=3932912954475792578&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3932912954475792578%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_cid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%2526client%253Dca-pub-0883126725773026%2526adurl%253D%26redirect%3D
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: f843f50ef57f10b91e2d6371c40624baf6e10ed6048849d581d809d0a0f55a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3384
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3B85 49 B
329 B 41ms
15ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=3932912954475792578&node_id=126&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpFd1pqQXhZbVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MzI5MTI5NTQ0NzU3OTI1NzgvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWUNsN1RySWcwUURkT0RFZ1dxaUIzTS8xLzQvMC8wLzk1NjgwMy8xNTM5Nzk4NTI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTMyOTEyOTU0NDc1NzkyNTc4L2Ftcy8wLzQ5OC82Ni85OTkvMzIyLzkxLjE5OS4xMTguMC8wLjAwMC8xNjQxMTM1NzQyLzE2NDExNDgzNDIvNC9wdWItMDg4MzEyNjcyNTc3MzAyNi8/zkHns24PiG7kD3Rm8Vz85EFN-oI&nodeid=126&group=cdg&auctionid=3932912954475792578&shardkey=3932912954475792578&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%26client%3Dca-pub-0883126725773026%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x83, cdg-bidder-x17
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3B85 43 B
405 B 48ms
22ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3932912954475792578&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpFd1pqQXhZbVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MzI5MTI5NTQ0NzU3OTI1NzgvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWUNsN1RySWcwUURkT0RFZ1dxaUIzTS8xLzQvMC8wLzk1NjgwMy8xNTM5Nzk4NTI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTMyOTEyOTU0NDc1NzkyNTc4L2Ftcy8wLzQ5OC82Ni85OTkvMzIyLzkxLjE5OS4xMTguMC8wLjAwMC8xNjQxMTM1NzQyLzE2NDExNDgzNDIvNC9wdWItMDg4MzEyNjcyNTc3MzAyNi8/zkHns24PiG7kD3Rm8Vz85EFN-oI&nodeid=126&group=cdg&auctionid=3932912954475792578&shardkey=3932912954475792578&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%26client%3Dca-pub-0883126725773026%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Server: MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3B85 49 B
329 B 40ms
13ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3932912954475792578&st=4562306&time=1641135742&nodeid=126
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWmpFd1pqQXhZbVl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5MzI5MTI5NTQ0NzU3OTI1NzgvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWUNsN1RySWcwUURkT0RFZ1dxaUIzTS8xLzQvMC8wLzk1NjgwMy8xNTM5Nzk4NTI4LzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC8zOTMyOTEyOTU0NDc1NzkyNTc4L2Ftcy8wLzQ5OC82Ni85OTkvMzIyLzkxLjE5OS4xMTguMC8wLjAwMC8xNjQxMTM1NzQyLzE2NDExNDgzNDIvNC9wdWItMDg4MzEyNjcyNTc3MzAyNi8/zkHns24PiG7kD3Rm8Vz85EFN-oI&nodeid=126&group=cdg&auctionid=3932912954475792578&shardkey=3932912954475792578&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.233&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%26client%3Dca-pub-0883126725773026%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.210.4 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Server: MMBD/3.210.4
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x91, cdg-bidder-x17
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sun, 02 Jan 2022 15:02:21 GMT

GET
H/1.1 200
OK request.php Show response
hal900030.redintelligence.net/ Frame 3B85 4 KB
2 KB 110ms
79ms Script
application/x-javascript 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f8b363a4a1&subid=&uid=484209ffab0ab7ba&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3932912954475792578%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_cid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%2526client%253Dca-pub-0883126725773026%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3859968760450&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=3932912954475792578&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3932912954475792578%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_cid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%2526client%253Dca-pub-0883126725773026%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: b215317d5a0888204bba54493b30dc5b35df2a8dae442311d1bee833e9b0070c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jan 2022 15:02:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 45399700218683000951393011827030
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1266
Expires: Sun, 02 Jan 2022 15:02:22 +0100

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 30ms
29ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1639997232.317797"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Tue, 01 Feb 2022 15:02:22 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 44ms
43ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 01 Feb 2022 15:02:22 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 361ms
89ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ad1942b4783516dee550305976d4b56c_1436_1641135742739&tm=964&eT=0&widgetWidth=938&widgetHeight=1640&widgetX=165&widgetY=2243&wRV=2000550&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=355&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
X-TraceId: b20631cda0bd5eea99e9feb064341b88
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000550/module/ 55 KB
19 KB 47ms
47ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000550/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c98393dd278a2a62f2dc484e11376b14693b4adf503758a0a321a05929b5a93a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 13:20:34 GMT
server: AkamaiNetStorage
etag: "8b7c9547a71efbddb82be9e45d0c05ec:1640699060.746234"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18987
expires: Sun, 02 Jan 2022 19:02:22 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 41 KB
15 KB 335ms
335ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&idx=1&rand=42117&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&pdobuid=-1&t=YWQxOTQyYjQ3ODM1MTZkZWU1NTAzMDU5NzZkNGI1NmM=&adblck=false&abwl=false&px=165&py=3898&vpd=2698&cw=938&activeTab=true&darkMode=false&settings=true&recs=true&version=2000550&sig=DUct7C6W&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 27455f6dcdb1c39d4ceb6f9ccf057ebed25960e0cd4adbcf5409b849f6283369

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1641135743.820335,VS0,VE328
accept-ranges: bytes
x-served-by: cache-lga21943-LGA, cache-fra19121-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: ed10acaeda81d4610aef427b75013502
content-encoding: gzip
content-length: 15253
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjRiZGQzNWEzNjM1MTcxZDc0NjczY2FlZjQ3Y2JiNDBkNjBlNDE4MzExYjk5NzFjNDM5NGYyY2VhNDNhMmMxMGYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 93 KB
93 KB 33ms
8ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRiZGQzNWEzNjM1MTcxZDc0NjczY2FlZjQ3Y2JiNDBkNjBlNDE4MzExYjk5NzFjNDM5NGYyY2VhNDNhMmMxMGYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 210e9f35d129d7aef02c65100267266ce7c7cdfdfc843dad251f2eaa831c9574

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: max-age=2412801
last-modified: Mon, 22 Nov 2021 08:40:24 GMT
x-traceid: 3cf9243c1669e4baceccc5059f09bb20
timing-allow-origin: *
content-length: 94866
content-type: image/webp

GET
H2 200 eyJpdSI6IjYyZDYyYjNiM2YwNTg0YTlhZjU3Mjc3MzVhYThlMjBjOTZhNjFiYjgzYzQzY2EyOTMwNzU2NjAzNzI1NjIyNjQiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 37 KB
37 KB 46ms
22ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjYyZDYyYjNiM2YwNTg0YTlhZjU3Mjc3MzVhYThlMjBjOTZhNjFiYjgzYzQzY2EyOTMwNzU2NjAzNzI1NjIyNjQiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 97a38097cec76c4c2430fc4843c3284f3461dac7838b317baa77318106079691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: max-age=2448325
last-modified: Fri, 12 Nov 2021 15:28:53 GMT
x-traceid: 04f494c58e5ce5b78365f7688a160cf2
timing-allow-origin: *
content-length: 37436
content-type: image/webp

GET
H2 200 eyJpdSI6IjFjZWNmODE5NDIzMDcyNmZkOTFmYmFlNWVlNGMxNDQ5NWI3YzFkYzNiMmI3NzZmZjYwODliMzI5OWRlNTc3NjAiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 37 KB
37 KB 48ms
24ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFjZWNmODE5NDIzMDcyNmZkOTFmYmFlNWVlNGMxNDQ5NWI3YzFkYzNiMmI3NzZmZjYwODliMzI5OWRlNTc3NjAiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 622e508f826c8c7d63a35f0501830752b98d552efe89ab3873204616c74b4385

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: max-age=2401086
last-modified: Mon, 20 Dec 2021 05:26:04 GMT
x-traceid: 71a7a05d8be89e64ab8581b642233a99
timing-allow-origin: *
content-length: 37970
content-type: image/webp

GET
H2 200 eyJpdSI6IjhlYTViOWQ1MzAwNWZkY2Q3YjFiYjFiMmFhZGVhM2Q5NzVkMzU1N2FhYTI4ODBlYWE2ZWM2M2VjZDRiOWNjMWEiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 85 KB
85 KB 50ms
26ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhlYTViOWQ1MzAwNWZkY2Q3YjFiYjFiMmFhZGVhM2Q5NzVkMzU1N2FhYTI4ODBlYWE2ZWM2M2VjZDRiOWNjMWEiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 43d63710c5358d29a5ed5388d216c14df3379f354621cf416d01209f19304acb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: max-age=974793
last-modified: Tue, 30 Nov 2021 08:16:29 GMT
x-traceid: 8fb32bbf44fa94db423e86ea13b04e48
timing-allow-origin: *
content-length: 87194
content-type: image/webp

GET
H2 200 eyJpdSI6Ijc3MTcxNmNmM2JlNjc2YWJkMTE2NjNhMTVlMDM0MTYyMTkwZDI4MWUzNGUyNjc3ZmVlNjU4MDU5ODg3MzViNzYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 32 KB
33 KB 53ms
30ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc3MTcxNmNmM2JlNjc2YWJkMTE2NjNhMTVlMDM0MTYyMTkwZDI4MWUzNGUyNjc3ZmVlNjU4MDU5ODg3MzViNzYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b4a59d4f95c2e8025495dba068a52a707fc9b0744bff0e5d32fb613711c46c27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: max-age=1382479
last-modified: Mon, 13 Dec 2021 09:35:19 GMT
x-traceid: f5b72024c375d61415af625b7d6b138a
timing-allow-origin: *
content-length: 33258
content-type: image/webp

GET
H2 200 eyJpdSI6ImI5N2IwNDM5Y2RkZmYwOGNmZDkzZWY0YTRmY2MxZTQ2ZmM1MzEwYmMzNTdkYzFkZDM1ZjhhNTkzZDNjYjM3YjMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 96 KB
97 KB 55ms
31ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI5N2IwNDM5Y2RkZmYwOGNmZDkzZWY0YTRmY2MxZTQ2ZmM1MzEwYmMzNTdkYzFkZDM1ZjhhNTkzZDNjYjM3YjMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 527d90cdd5332e8d57256cd782554076a054dee6a8a5007c96dee0450557d777

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: max-age=2113241
last-modified: Fri, 03 Dec 2021 10:49:32 GMT
x-traceid: 3be01b81213f467ae49f8a8018eea81a
timing-allow-origin: *
content-length: 98810
content-type: image/webp

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 248F
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=45399700218683000951393011827030&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=45399700218683000951393011827030&actionid=879111&produktid=ratenkredit&dt_url=

0
627 B

215ms
179ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=45399700218683000951393011827030&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f8b363a4a1&subid=&uid=484209ffab0ab7ba&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3932912954475792578%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_cid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%2526client%253Dca-pub-0883126725773026%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3859968760450&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Mannheim, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 02 Jan 2022 04:02:22 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Sun, 02 Jan 2022 15:02:22 GMT
content-length: 0

Redirect headers

Server: nginx/1.19.7
Date: Sun, 02 Jan 2022 15:02:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.34
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=45399700218683000951393011827030&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: 5BC7769B:D2CF_91EFC182:01BB_61D1BE7E_5859CDA:297E8
X-IPLB-Instance: 40028
Cache-control: private

GET
H/1.1 200
OK link.html Show response
track.webgains.com/ Frame 3B85 1 KB
2 KB 215ms
123ms Script
text/html 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=45399700218683000951393011827030&js=1&nw=1
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: f1f8e18b9866b641979473a102af5221396f1f1c473197b2115979244903d86a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jan 2022 15:02:22 GMT
Last-Modified: Sun, 02 Jan 2022 15:02:22 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: text/html;charset=utf-8
Content-Length: 1239
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

activityi;dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266 Show response
8019191.fls.doubleclick.net/ Frame 83C5
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266?

392 B
347 B

40ms
25ms

Document
text/html

142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266?

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

a3288e8f19365748b2a4042649b52348a18deb89e9457df007d10d55fc298ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jan 2022 15:02:22 GMT
expires: Sun, 02 Jan 2022 15:02:22 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Jan 2022 15:02:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900030.redintelligence.net/ Frame DED9 7 KB
2 KB 33ms
12ms Document
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f8b363a4a1&subid=&uid=484209ffab0ab7ba&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D3932912954475792578%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_cid%3D0af261d1-be7e-4701-9197-8cbda6b4a0f1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCK8Zrfr7RYaegEorJgQeY-JKgA8-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMDg4MzEyNjcyNTc3MzAyNsgBCeACAKgDAaoEnAJP0IAi_eGSPaABJWhcjv1txz6MpM2c7WwD83MzJVG68HTx3k34bWXH4yCXjuI0OaCE8TBFbGlt0wPbNpCzLcJG2hwrscUgOsX4O6CtWIolYIO3y0Ny64FNlQmNURqPxdw7ffq6q6R6O99qA51cnpXYwLavfzvzkjCQ_bxpup3DqRqd9BpxmFzSNkkEBBN78O83VXe62vCaVqyGcNTywczWKgKyP3V9wQkF9krTciGxLcWed-HlCBEOYoDOMAXCApoPzTegxhc9uj04qTOnivRJ2Sq5W6a1C_J3FcLWsfA5UUL2OJifOnJtU9Cy-DFajgz5yLP35zgUv8h8UId9SkoONRC7kneqZeqcP4EPY2ktzpX73WZRX8dTKqD7EuAEAYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_08z_MuLuWVI1pzLSo-sNL8UwCUQw%2526client%253Dca-pub-0883126725773026%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=3859968760450&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: 4e53c34945d6f3db537782a146cea21dbba79d6ea34380ab651a30f5954be23e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sun, 02 Jan 2022 15:02:22 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2047
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 3B85
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=45399700218683000951393011827030
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=45399700218683000951393011827030
https://ad-server.eu/wm/pb/native.png

68 B
312 B

139ms
28ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:07:22 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: 5BC7769B:D2CF_91EFC182:01BB_61D1BE7E_5859CE1:297E8
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3B85 43 B
702 B 80ms
55ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=45399700218683000951393011827030&pv=1

Requested by

Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jan 2022 15:02:22 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame 3B85 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1b1ebb82101f272fcfa2116b45f0663b5e4f932c85ff9b6a5a5568c7d63800c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 156 KB
34 KB 982ms
976ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.cleveland19.com%2F2020%2F11%2F18%2Fcloudy-morning-turning-into-sunny-af%2F&settings=true&recs=true&widgetJSId=AR_4&key=NANOWDGT01&version=2000550&apv=true&sig=DUct7C6W&format=html&rand=28641&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=1&scrW=1600&scrH=1200&t=YWQxOTQyYjQ3ODM1MTZkZWU1NTAzMDU5NzZkNGI1NmM=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=8728-59448&layeredTestInfo=8728-59448-&dpr=1&cw=938&darkMode=false&activeTab=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000550/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 333ffd8a0e65ef18b2dd25bfc33bf249d7da7dd8de12cb1aa3ebfb06eb89e5cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1641135743.895998,VS0,VE958
accept-ranges: bytes
x-served-by: cache-lga21956-LGA, cache-fra19121-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 44e8b78ae9b777b59535a91489d7bd27
content-encoding: gzip
content-length: 34222
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DED9 4 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Jan 2022 14:33:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 02 Jan 2022 15:02:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Jan 2022 15:02:22 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DED9 16 KB
16 KB 35ms
13ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: f31c1ff328c75ce07ad5608733aa1ca557ab862a574ef59b0e5ed895c77834b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DED9 17 KB
17 KB 34ms
12ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: f391d25e2d2f1b6ddf5d229ee6a9e50b02215b63c8655fd523d132dd1aeff9b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame DED9 15 KB
16 KB 35ms
13ms Image
image/png 116.202.48.214
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/52113/creativesup/paninicomics-banner-2021-1200x627.jpg
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.48.214 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.214.48.202.116.clients.your-server.de
Software: Apache /
Resource Hash: 422c03ce6da5fb38193d58aad5b40a839ac0447a11f7bede5de0021db5bd5d14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 15705
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame DED9 0
150 B 33ms
12ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=45399700218683000951393011827030&a=3fc66ae0&vb=m
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:22 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame DED9 13 KB
13 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:17:49 GMT
x-content-type-options: nosniff
age: 413073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:17:49 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame DED9 13 KB
13 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900030.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:22:37 GMT
x-content-type-options: nosniff
age: 358785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 11:22:37 GMT

GET
H3 200 dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266
adservice.google.com/ddm/fls/z/ Frame 83C5 42 B
63 B 62ms
48ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMKH7oerk_UCFZscBgAds6UDEQ;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3346517045791.2266?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BDFF 0
0 42ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6Y5exoVodGUSFwfN6bvTU5cXL3YIySlCOO9h0j7nofTreWY2KQGaqI6Wabbzdfo0tBGtnE_x43mDZShIzhX_nvJEpTWxu3_YZqEmjyVjUvaDRYCtHyr5rc5xEtlOiFCxs-yX9Uqd4oTHUwCxUHETqG6KG9D7NsR9FjbNA2_QSrS57i-KjuEzyuUAtR8vPyutB0BLyC5mIK_tzXxkpqOXruaku8-ZMFx_xNMIagwYp42AG-DLN-CAcbrMS0NhNo0JwsisLY2Mzpzq02gNKcK4oqjlLYP2yzJVY2o2h36yR4JkUXC8Xjj0DX5AJ&sai=AMfl-YQeOdNEEmwOt9qj1ZGAPAU9f352ihvLrpubCLUNbsBE1zyDEm_VvAn68sLZyhg1gudLSyKU-q-gK4t2FOCIfvi1QzuthHGybB7YWFfa5X1a4r0_Zwz7SfEITW7XnELK&sig=Cg0ArKJSzAIhOO3SGyD4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BDFF 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jan 2022 15:01:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BDFF 119 KB
36 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 15:02:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame BDFF 0
0 16ms
16ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ1oLZGUww4eJm10HgPskVuq1-D-WeCGfmr8CcpTb7lsSHq6N6p3jPkD4P498oaiTkg3ihABfdWxurKRd_Kzc-Z3N758g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 200 14725796518216115751
tpc.googlesyndication.com/simgad/ Frame BDFF 60 KB
60 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14725796518216115751

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f2f7bbe7c478692736a22ea6b5faf1eacd43d6575c65d232e12d2a752249341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 00:08:56 GMT
x-content-type-options: nosniff
age: 53607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61149
x-xss-protection: 0
last-modified: Fri, 19 Nov 2021 16:47:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 02 Jan 2023 00:08:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame BDFF 0
0 41ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupeQypSXOr2jSvMDoFSv1DBbfwKJzdS7pfstmDMQVqhH17q_fYgREWyhnspb6RdjXp2qBRcCr47C7NnuodJ3u2gaudDGNLRwa_k-8gafCA2RLkKCSepgPBxMuu8Qavh9nR9GXxJl_bg93ka76ZqRhMAktVqp-migzE2oUFtvfUosfw-JeM2qG5XsosqAqFHQbNP2HoaevV6c4yOg3IfdG-ujXPEgTdaTItxmuIZZ0nF2hJQpLs2DJzyqzpsbUPcjmRUgE4VorHRmsbbQ5MvkiO_m5Rcy-Ol6YXb07CXGDUTuZXFP1CW8_2Kra-z0c&sai=AMfl-YR2954zk9RMORzrkgloCAa-nMar77v2_FA0Z61Z7ZPD4kBcuta5Ch2T9BNe-HgFzsrDUkXogqvyRHbOpYg0fbsbXpvwu11QvZMVuQia0wfSwobYIaKO_I90dMwgAy_q&sig=Cg0ArKJSzGe3IO6MLPd6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 Jan 2022 15:02:23 GMT

GET
DATA 200
OK truncated
/ Frame BDFF 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3245f9bfea7337886608b1c4f7bf6d45f93286d2925c7c42c18f42b7729868a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 3B85 51 KB
51 KB 27ms
9ms Script
application/javascript 13.225.73.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3392355&wgcampaignid=99582&viewref=45399700218683000951393011827030&js=1&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.73.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: wvDglZsFnxZ0eZ1mUErJkFMo1VNidWYJ
via: 1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
last-modified: Tue, 09 Nov 2021 11:05:10 GMT
server: AmazonS3
age: 48147
etag: "ec0ced40cbb5211db06b8a36f209e442"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 02 Jan 2022 01:40:00 GMT
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 51794
x-amz-cf-id: C7vzKoPHIAI3fm-Cm61D4uUn4ytMn95PV1qUZ68RtPk7CsTw28KN7Q==

GET
H/1.1 200
OK link.html
track.webgains.com/ Frame 3B85 160 B
618 B 75ms
28ms Image
image/jpeg 46.236.13.147
PULSANT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.webgains.com/link.html?wgcampaignid=99582&viewref=42307000198519400710776011827014&wglinkid=3392355
Requested by: Host: 763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
URL: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS: 46-236-13-147.servers.dedipower.net
Software: Apache /
Resource Hash: 6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Jan 2022 15:02:23 GMT
Last-Modified: Sun, 02 Jan 2022 15:02:23 GMT
Server: Apache
P3P: policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache: hit
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: close
Content-Type: image/jpeg
Content-Length: 160
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 9ms
8ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1639997226.754678"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Tue, 01 Feb 2022 15:02:23 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 104ms
92ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6391ccbdf837c5c1d8e348056a275737_1436_1641135743098&tm=1315&eT=0&widgetWidth=938&widgetHeight=411&widgetX=165&widgetY=4043&wRV=2000550&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=270&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
X-TraceId: cd292bfa72a7f3cbd789ec314c4c0bad
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImJiNDI5MWU1MjEwNzMzOWJjMGY3MTExMjhiY2FlN2E2M2ZjZTM5Y2E0MTIwN2ZlMjhkMzNiM2U2MzU1ZDE2NmIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 8ms
7ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJiNDI5MWU1MjEwNzMzOWJjMGY3MTExMjhiY2FlN2E2M2ZjZTM5Y2E0MTIwN2ZlMjhkMzNiM2U2MzU1ZDE2NmIiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 47d81a36dd172c9d73ea5f5842c3797358eac87f05d4fe1129074ddde1813313

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=1255051
last-modified: Thu, 08 Apr 2021 10:03:33 GMT
x-traceid: 1c47b8967751d84043efca3e2af82545
timing-allow-origin: *
content-length: 8310
content-type: image/webp

GET
H2 200 eyJpdSI6ImY3ZTI2MWNmODdkODMwZmU2YzYxMjg4MGZkZGFhMTExZGEzOTU2MmQ0ZmIzYWM2YTRiZDk4ZDRkNTI3NzI2YTUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 5 KB
5 KB 9ms
8ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY3ZTI2MWNmODdkODMwZmU2YzYxMjg4MGZkZGFhMTExZGEzOTU2MmQ0ZmIzYWM2YTRiZDk4ZDRkNTI3NzI2YTUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b565663b025f53bf6ef8636bc547358b5261c2b09613af6f47af0611a1594be7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=2218380
last-modified: Sun, 24 Oct 2021 10:33:37 GMT
x-traceid: 2b10f71a8708f6cc058e0986d7725d0c
timing-allow-origin: *
content-length: 5166
content-type: image/webp

GET
H2 200 eyJpdSI6ImRmYjc0YjA1YzZlODE3MTY5MjQ5NTY5ODhiNTY4NWVkNGVkZjZiMWUzNjU4ZjE1MTg0NDM2YWJlNjc1ZGRjYWQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 4 KB
4 KB 9ms
9ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRmYjc0YjA1YzZlODE3MTY5MjQ5NTY5ODhiNTY4NWVkNGVkZjZiMWUzNjU4ZjE1MTg0NDM2YWJlNjc1ZGRjYWQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72080bfeab7a2a11ceec7698622952144d9afa510fdd528d042923f925a7a5e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=2050514
last-modified: Tue, 28 Dec 2021 16:02:26 GMT
x-traceid: bde2f596f99f17115a9bfb86d978e2d5
timing-allow-origin: *
content-length: 4326
content-type: image/webp

GET
H2 200 eyJpdSI6ImI2NmRhMTIwYTRmMDMxNDMzN2M5MGI2MTczMjU4NzE0MTEzZmY2ODgyZDhhNmJkMWI4ZDI4NDJjNDM4YTFlZmYiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 4 KB
5 KB 9ms
9ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI2NmRhMTIwYTRmMDMxNDMzN2M5MGI2MTczMjU4NzE0MTEzZmY2ODgyZDhhNmJkMWI4ZDI4NDJjNDM4YTFlZmYiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f3f09aee1805d37a9120fab63358812a49f5b09c37210a90ffe3c8514e1572da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=1367067
last-modified: Mon, 20 Dec 2021 20:45:27 GMT
x-traceid: 0ed9c97a63e78f8681f9a6d57126100f
timing-allow-origin: *
content-length: 4558
content-type: image/webp

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F2A 0
0 41ms
40ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuwgMPIODCc_NjwSuFtoODi1nntXOljevb-5kOqiwRY4JkfkJudIlhsH19z4rK5u9eVqXnDXdNYm0qXVFhMjO_t8tpLBDSoLZra9t2LfHxSgrztin8fq3HCiqDspw5u4h4r3pHjypZQ1RgVdfO5nUDG1e-rWJVYuYyutUu5vGpqc_ctyiCERuJjr_o7ChWQU2537KydXkpClHrNwb-OgerFCqMOsgNoYu7BUnUvtiX7lkzJFQ7ASotsAROIWxTJWI1ax-X7Hg73QkIOfBOZ11s8Phi-YAPxG_NTWZHYELbttEgLHUWLUV17dw8&sai=AMfl-YSGSso6TGZWeBUsyE0AkcAqcvLW0bzE0Wc4Cr1dOVUPz7GOjMUoxPpYeEpfaD9ow1JneGbWRZFq13Ysbk1AL-AY22hI1gJfgv4lC03brnkcYTpU0YVgf7EmbZBnTZWY&sig=Cg0ArKJSzO9a0RetlXMVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 1F2A 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:01:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jan 2022 15:01:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F2A 119 KB
36 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Jan 2022 15:02:23 GMT

GET
H3 200 11521353295637802428
tpc.googlesyndication.com/simgad/ Frame 1F2A 48 KB
48 KB 7ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11521353295637802428

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66a5d47b7ea8649f6e8c642e4d55a4e84054f07fadd5f64447a40517da0067a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 16:39:07 GMT
x-content-type-options: nosniff
age: 339796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48782
x-xss-protection: 0
last-modified: Wed, 01 Dec 2021 16:04:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Dec 2022 16:39:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1F2A 0
0 42ms
41ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPv_yzXqYQ_ExrKkVeStbA6JUUsiM-3lWikmn_5cohJDSE7yjiVLJ-3I6c3jbFpmnOIeQgKRMuHZst2NhGIsP4v4SE3qnRQse4iHubzmN7F2jiM791eocEij3DuC6RXHnZ89zeBxHpCrgs2pFX6VaYstPgF4-p9Dps_WFVm6SkRdgGm3Y2-afiJwWChSy5fYDiRp8uvPQVlsaTzwPpH003PwfDt1XF77SCdTjY8OZrko5YMejwy0mpgB8QOc82em_9wtWW47CZ9w_1bZYQwwKXVQcLm0WgDawNpVESWRAJNeuIXnkeLRxMj3mO-w&sai=AMfl-YTUhmdNkya5iuRyPMdApXeXYJEYMDGq_LGFvrBq8rjguNnPxhGhSccejBgWapqfsY37xC7cv_MdyaOADH9HGr-hK5t036LulPM5HH5lg8ePjqGc5jT63JIL8M42TVA5&sig=Cg0ArKJSzFLElTYwumD7EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 02 Jan 2022 15:02:23 GMT

GET
DATA 200
OK truncated
/ Frame 1F2A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcb3c513e6fab70b70e1978c794e5abe7f85147ccc772eff71a56032076516b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 3B85 16 B
232 B 85ms
84ms Fetch
application/json 3.248.87.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-87-88.eu-west-1.compute.amazonaws.com

Software

nginx / PHP/7.4.25

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.25
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 108ms
34ms Preflight 3.248.87.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.87.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-248-87-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
server: nginx
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3B85 42 B
497 B 69ms
41ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUlhuOUxMTZ3QqN4d52ZAaX_TVKlG4kvGYG9IcXR9rS4lstRlqDpJ8nu4K94CFAmfdzDHEUAPGGhXFto7L1S8Edg&sig=Cg0ArKJSzDLu5HICAtLKEAE&id=lidar2&mcvt=1001&p=264,1135,514,1435&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2101742123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641135742614&rpt=252&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reel.js Show response
widgets.outbrain.com/nanoWidget/2000550/module/ 23 KB
8 KB 20ms
20ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000550/module/reel.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 47c961ab7f20c7b6e42cbe783fe09969961d701b43637c430b75e319e23d4a7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 13:20:34 GMT
server: AkamaiNetStorage
etag: "decdf093c6104f94cf470a4a056edb27:1640699053.226289"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7580
expires: Sun, 02 Jan 2022 19:02:23 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000550/module/ 503 B
666 B 22ms
22ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000550/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eee1807b6aa60fabd89cb374b26a21ec5f56d4281c183b6c56c6a72a85ddbc7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
last-modified: Tue, 28 Dec 2021 13:20:34 GMT
server: AkamaiNetStorage
etag: "7729c15a51ea48f26a25ceb3a5d80fbf:1640699056.166564"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 338
expires: Sun, 02 Jan 2022 19:02:23 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 91ms
90ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=6276a506ed7efba412d0bef43e22383e_1436_1641135743157&tm=2042&eT=0&widgetWidth=938&widgetHeight=553&widgetX=165&widgetY=3993&wRV=2000550&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=992&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
X-TraceId: b47e316acb6db4318b0d0fc037290e39
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 89ms
88ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=906682f40c617adff73f97af9d86e059_1436_1641135743271&tm=2049&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=4565&wRV=2000550&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=992&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
X-TraceId: 376ff8877f8045cc1a6787b93960a859
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 178ms
89ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=94669d4a9e3c0f810bc76e554a239c63_1436_1641135743462&tm=2050&eT=0&widgetWidth=938&widgetHeight=421&widgetX=165&widgetY=4938&wRV=2000550&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=992&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:24 GMT
content-encoding: gzip
X-TraceId: 97920c05580e1d1c0f340c7ac4a0872d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 178ms
88ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=3da5839bbcad977091cedd6fd262987c_1436_1641135743547&tm=2050&eT=0&widgetWidth=938&widgetHeight=332&widgetX=165&widgetY=5379&wRV=2000550&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=992&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:24 GMT
content-encoding: gzip
X-TraceId: 7b46561bc22d0030d0e20090fd2d17df
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 267ms
89ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=c48269da0e48b3550ef292ac9c013c94_1436_1641135743737&tm=2051&eT=0&widgetWidth=938&widgetHeight=400&widgetX=165&widgetY=5731&wRV=2000550&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=992&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:24 GMT
content-encoding: gzip
X-TraceId: f65f8732228b1b89499a3bbe2a8cd008
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 266ms
88ms Fetch
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=60101cb71f2fb85f30abb5738af1aa4b_1436_1641135743790&tm=2051&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=6151&wRV=2000550&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=992&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 02 Jan 2022 15:02:24 GMT
content-encoding: gzip
X-TraceId: 9bd7c8bfadd92c027cee7e8063c2c3be
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjllNjFjMWE5N2JlYjNmZGQ2ZWY5OTY3ZGQ4MjM3YjZkMjgyMDFmMTU2YTA4MDgzMWQyNGM0NDhhNmYxNWE4YTAiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 1 KB
1 KB 7ms
7ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjllNjFjMWE5N2JlYjNmZGQ2ZWY5OTY3ZGQ4MjM3YjZkMjgyMDFmMTU2YTA4MDgzMWQyNGM0NDhhNmYxNWE4YTAiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72bca94eeb632ffd9d8ad04134915e4b69a8c5fd48769d07773f7fb019a4eb85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=754826
last-modified: Sat, 13 Mar 2021 10:50:23 GMT
x-traceid: b0a25de9751a177be2ce8bebf0c6d7e7
timing-allow-origin: *
content-length: 1278
content-type: image/webp

GET
H2 200 eyJpdSI6IjRiMzE3MWMyODVkMDM3NTRiMmNkODY2ZjFiZjIyOTIzZDNkY2NkZmFkYzNkYzMwOGU2YzE4MzhlYjc1Y2NkMjAiLCJ3Ijo4MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 56 KB
57 KB 11ms
10ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRiMzE3MWMyODVkMDM3NTRiMmNkODY2ZjFiZjIyOTIzZDNkY2NkZmFkYzNkYzMwOGU2YzE4MzhlYjc1Y2NkMjAiLCJ3Ijo4MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 02900f002068acfd90466386e47f8eddc74d6ef67336705ec594965bb4e4004d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=546622
last-modified: Tue, 22 Jun 2021 13:57:12 GMT
x-traceid: 19777a3dc92999b84d5160cbc265100e
timing-allow-origin: *
content-length: 57794
content-type: image/webp

GET
H2 200 eyJpdSI6ImMyMDMwNjlmZjlkMGYwYzZiZjQ1YTM5ZTI2ZTdhMWQ2MjA1Y2Y4MGI1ZTA3YmUwZmQzMWYyMTc0ZDY1ZDE1ZGIiLCJ3Ijo4MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 42 KB
42 KB 13ms
12ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImMyMDMwNjlmZjlkMGYwYzZiZjQ1YTM5ZTI2ZTdhMWQ2MjA1Y2Y4MGI1ZTA3YmUwZmQzMWYyMTc0ZDY1ZDE1ZGIiLCJ3Ijo4MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 240255769c02bf42701c5c18b8d770a92de13d3abcebecb999adac538d1f6595

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=2012808
last-modified: Tue, 28 Dec 2021 08:51:39 GMT
x-traceid: b7764b424551abc144f93f8745a8d9a3
timing-allow-origin: *
content-length: 42602
content-type: image/webp

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eyJpdSI6IjQyM2Q3OWU0MmM4NjRlNGM1OTVhMzAzM2ZiMmFiZWZiZmVhN2Q5ZTc5NGQ0YTE2YjRiNDlhY2MyMGFkNjUxNjAiLCJ3Ijo4MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 30 KB
30 KB 8ms
8ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQyM2Q3OWU0MmM4NjRlNGM1OTVhMzAzM2ZiMmFiZWZiZmVhN2Q5ZTc5NGQ0YTE2YjRiNDlhY2MyMGFkNjUxNjAiLCJ3Ijo4MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.cleveland19.com
URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e61bdb27c04f07fe99353c0809dafe47b6243bd8bcd0aad7e35a50f2b07a192

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
cache-control: max-age=763907
last-modified: Sun, 05 Sep 2021 23:30:18 GMT
x-traceid: 265e0c76a649142b4b70b311aae0090b
timing-allow-origin: *
content-length: 30920
content-type: image/webp

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c58eee20d73bb0457b519293e6f706c68f3c8df081918b37b0094fe17a7f48d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8522
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 02 Jan 2022 15:02:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Sun, 02 Jan 2022 15:02:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFB9 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Sun, 02 Jan 2022 13:01:27 GMT
expires: Mon, 02 Jan 2023 13:01:27 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0A9A 783 B
535 B 18ms
18ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5be0031dab260ff828cdc5425a9a99fb686a7f6ce9d5dcab92ba7650f9971b3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GRJ120442GYiinlsdAA44A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 02 Jan 2022 15:02:24 GMT
date: Sun, 02 Jan 2022 15:02:24 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-GRJ120442GYiinlsdAA44A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame FFB9 35 KB
13 KB 29ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 01 Jan 2022 12:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 96982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Jan 2023 12:06:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0A9A 0
0 57ms
47ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120601&jk=2831567259390627&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H/1.1 200
OK viewability Show response
hal900030.redintelligence.net/ Frame DED9 0
150 B 34ms
12ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900030.redintelligence.net/viewability?s=45399700218683000951393011827030&a=3fc66ae0&vb=v
Requested by: Host: hal900030.redintelligence.net
URL: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900030.redintelligence.net/request_content.php?s=45399700218683000951393011827030&a=dafc026e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sun, 02 Jan 2022 15:02:24 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BDFF 42 B
64 B 55ms
40ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvZpD6DnVRYuwqUcm39tnRvN04hUXO-JUg-bkIfrw5w904pDAyaj3xYTWyTJW2fIIPEmb6axO9Bn-vI4glaRbKvxKPy_HQFb4fbUY0ZomVG1Iqdb-U&sig=Cg0ArKJSzKYRwdBVhirfEAE&id=lidar2&mcvt=1016&p=197,436,287,1164&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2507732264&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1641135743010&rpt=44&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120601&jk=2831567259390627&bg=!Tk2lTQnNAAZKWFskSlg7ACkAdvg8WjJnM3maNV81hVq7tcNOisHu2pVoXNa2aZzqiLfdAdslACefCAIAAABRUgAAAAloAQcKACsjbK5PhDoAZbKilaQbMJ_MU75ue4ExF-qecBMRd_n9t0RQAA7fxYiP7WIYmQK1CfGU6Qpk0pS1bupS7nganhS30fKGCqPLLEWL8UYqgs4xxtg30FHCmeKkhoSpR1x0c_7eFEuHy338X0G8HsUVuCxk0e-uJWZUyFPj9DJu8OMN2Xt1e3rVnBka0t61Y_d83Y2hiMyXB2x8TK3eEGwEmECpqENTZjfuDhkUUTOsjmqReabrkAtjIPcxM0w_d5sZglSsdagEFxbUSXuG53CEhyEyVR8UcvDK3ctpaAmpxYqt4PSWvpuZhRoNk0DIqqCux4y2ZatTY9gKJXpFgH5hIsWqAX1MGMD8If9tusqIV-adk4LXBz2O-pixwaQnamfznMit8excwmfgJ4TZPEF4XUVw7fA5b_B9OzujQ5tid-QXUqsNlhALLncP6kTvam3EjRm4A1QmvAm4Wxp7quSEGwtWk-9x2UJEgaeFnfoP8rQQzL8W5JkxqQblu9OEqSfzTZMO0fPu7u1KIqGSctMdCjeeyMOBxHiv07rVnCmhk48dkXHaLvBNq6Pjpb-kGMIc-XU2lYJ8Qltm7BaBz0IG6lvi02QwBzEBp4EYc20yl4y1hSE3vmMTVNO180hBQxjyzW51oUZDwFVRMXuDeUSYlVO4M6iMr3yi7ULbXcI7tzyBNsuibQqIwSpgWEZHI52Q0-hKgSO7PI527-_iIhHW__ItgdQfUz9WHHXtD_AshoaC-kzBLjwHPTWOLEO7p2FrwrYtjM_1nnci349r2FXjtRGvSkefph27rGwlhSIrVVHmeccezF2Yl-TtgrKMhvu1lrMt9r9U8wItUYr9ysKOp3AGrxx3L34_NoN3Wj0YQ3ChyW5GY3K3IcgcRm-K1zkoNjSdkMKEfrO0SX-cSWEBweMA_pr5XGDbr29Srb7RQ_dmpet0vzMWWlCP8sj98oYUQg0DDlUJfB8Xqo_rPZn_aM7jVG6b

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cleveland19.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Jan 2022 15:02:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cleveland19.com/	1970-01-19 23:52:19	Name: AKA_A2 Value: A
www.cleveland19.com/	1970-01-25 20:31:23	Name: akaas_AS_gray_woio_prod Value: 2147483647~rv=58~id=576569b699fb17dee53cdf420f6f651e
gray-woio-prod.cdn.arcpublishing.com/	1970-01-25 20:31:23	Name: akaas_AS_gray_woio_prod Value: 2147483647~rv=47~id=9df9a3a7679d4f01316f89fcb7376a83
.piano.io/	1970-01-19 23:52:17	Name: __cf_bm Value: fLnxCitGVWuauQPw2zeCRwNPVn2a7BOcTZhmx2KDWME-1641135741-0-AWCcX+6hfbKGDw0y4PCbDO+iCXN2tEs5NY4suYmbFffhFbUhZey0MbqTSnzYptYH08ZFQFN/sjh2ocPohOoJfpM=
www.cleveland19.com/	1970-01-20 09:21:03	Name: _cb_ls Value: 1
www.cleveland19.com/	1970-01-20 09:21:03	Name: _cb Value: DfA7XYCepf7NC7DZHR
www.cleveland19.com/	1970-01-20 09:21:03	Name: _chartbeat2 Value: .1641135741862.1641135741862.1.DFaOnqCFA4edVPXy3nGOQ7BGklZ3.1
www.cleveland19.com/	1970-01-19 23:52:17	Name: _cb_svref Value: null
www.cleveland19.com/	1970-01-20 08:37:51	Name: usprivacy Value: 1---
.scorecardresearch.com/	1970-01-20 17:09:03	Name: UID Value: 1CWST6HZVJTQW7TDG8VJEQg1641135742
.cleveland19.com/	1970-01-20 17:23:27	Name: _ga Value: GA1.2.1601679938.1641135742
.cleveland19.com/	1970-01-19 23:53:42	Name: _gid Value: GA1.2.2119780870.1641135742
.cleveland19.com/	1970-01-19 23:52:15	Name: _gat_RMD Value: 1
www.cleveland19.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1641135742345%2C%22visitNumber%22%3A1%7D
www.cleveland19.com/	1970-01-20 08:37:51	Name: pnespsdk_visitor Value: 7kxm9t1bhuubn5f6
.cleveland19.com/	1970-01-19 23:52:15	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 09:13:51	Name: IDE Value: AHWqTUnGDjBiIDB33Ey-XzG8HHLGVRgC5n5bTgj2bXv4mEjI0zOneNMKGFdyfVv_kf4
.cleveland19.com/	1970-01-21 02:09:03	Name: _awl Value: 2.1641135742.0.5-b03acc3756912a5d0a2e0434ec2a29ae-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-19 23:52:16	Name: test_cookie Value: CheckForPermission
.mathtag.com/	1970-01-20 08:37:51	Name: uuid Value: 0af261d1-be7e-4701-9197-8cbda6b4a0f1
.awin1.com/	1970-01-20 00:02:20	Name: awpv14098 Value: 296283\|1641135742\|fd59ca21-6bdc-11ec-ae0b-2238728762ca
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519595
.medialead.de/	1970-01-20 08:37:51	Name: trscj Value: MTY0MTEzNTc0MnxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRRMU16azVOekF3TWpFNE5qZ3pNREF3T1RVeE16a3pNREV4T0RJM01ETXdKblE5YUhSc2NBPT18YUhSMGNITTZMeTgzTmpObFpHTmtaV0ppWVdaak9UZGhNREV6WVdaaVltSXlZemN5Wm1FM055NXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: yrwbsqud5icarcfstbj0q2sp
pb.media01.eu/	1970-01-20 17:23:27	Name: DTU Value: C454EA440088A0ACF18E6580723D5D97
.cleveland19.com/	1970-01-20 09:13:51	Name: __gads Value: ID=eb89975b43685e4e-228d471e14cd0085:T=1641135742:S=ALNI_MYvg9NafFtLmeAsCSTwD7EPsJA-YQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.cleveland19.com/2020/11/18/cloudy-morning-turning-into-sunny-af/ Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

763edcdebbafc97a013afbbb2c72fa77.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
ad-server.eu
adservice.google.com
adservice.google.de
analytics.webgains.io
api-esp.piano.io
api.webgains.io
cdnjs.cloudflare.com
code.jquery.com
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
gray-woio-prod.cdn.arcpublishing.com
hal9000.redintelligence.net
hal900030.redintelligence.net
images.outbrainimg.com
insight.adsrvr.org
mcdp-nydc1.outbrain.com
medialead.de
mv.outbrain.com
nexus.ensighten.com
odb.outbrain.com
pagead2.googlesyndication.com
pb.media01.eu
ping.chartbeat.net
pixel.mathtag.com
polyfill.io
pv.medialead.de
reconditerespect.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
tags.mathtag.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
track.webgains.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.awin1.com
www.cleveland19.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.111.239.217
116.202.48.214
13.225.73.126
13.225.73.71
13.225.83.200
136.243.149.243
142.250.184.194
142.250.185.70
145.239.193.130
15.197.193.217
151.101.14.132
18.197.253.20
18.210.73.231
185.29.134.249
2.18.232.28
2.18.233.201
2.18.234.190
2001:4de0:ac18::1:a:1b
2600:9000:20eb:4200:18:1fcd:34f:cdc1
2600:9000:21f3:5a00:8:48e:53c0:93a1
2606:4700::6810:125e
2606:4700::6810:2a41
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:812::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9c
2a02:26f0:6c00::210:ba19
2a02:26f0:6c00::210:bb59
2a04:4e42:c00::282
3.248.87.88
35.201.98.64
46.236.13.147
54.208.129.20
54.76.176.197
64.202.112.223
88.198.250.30
94.23.99.218
02900f002068acfd90466386e47f8eddc74d6ef67336705ec594965bb4e4004d
09e4f0b788966ce2b1bf0a3c5af62dd6179e29662299e37e64f6a05c2af6b5f4
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0fdb37b180cb5902c83d651436eb162c4e2f7a966f19d838d6cdc6cfe51ec382
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1da9c26f06ba2c3ceb529265ed4e1d4e8bc99c089ebb6b38475583c76c591cca
1e61bdb27c04f07fe99353c0809dafe47b6243bd8bcd0aad7e35a50f2b07a192
210e9f35d129d7aef02c65100267266ce7c7cdfdfc843dad251f2eaa831c9574
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
240255769c02bf42701c5c18b8d770a92de13d3abcebecb999adac538d1f6595
263bf62cb306731d79a8d80bbdbfde04f28a79e92646f607734be4a26deda5fb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27455f6dcdb1c39d4ceb6f9ccf057ebed25960e0cd4adbcf5409b849f6283369
2a1b70c9614339bb2b3b41854faf6ba61c08cdfdaf403db6360d0cb1fbc14c33
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31d4fc33c5138d6de87c0ba15b9b07b7f06194386db83ecb48ba86d819d6f3ad
3245f9bfea7337886608b1c4f7bf6d45f93286d2925c7c42c18f42b7729868a2
333ffd8a0e65ef18b2dd25bfc33bf249d7da7dd8de12cb1aa3ebfb06eb89e5cc
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
393bb23b7e84c4b495065e65a12112431714456295a1e7c77648aaab134bc9c7
39615abe2d7a2d8abb6e4f4ab2726184600cd035b7cddc938d8914150abff640
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
422c03ce6da5fb38193d58aad5b40a839ac0447a11f7bede5de0021db5bd5d14
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43d63710c5358d29a5ed5388d216c14df3379f354621cf416d01209f19304acb
47c961ab7f20c7b6e42cbe783fe09969961d701b43637c430b75e319e23d4a7e
47d81a36dd172c9d73ea5f5842c3797358eac87f05d4fe1129074ddde1813313
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4cc1b55292c3ef623dfba1774b89448c80eb277b27ec25c6aee50c9d392646de
4e53c34945d6f3db537782a146cea21dbba79d6ea34380ab651a30f5954be23e
527d90cdd5332e8d57256cd782554076a054dee6a8a5007c96dee0450557d777
54ed29ea5064234b2cec2b4d2142a8a6bcd5f13ba4337627577f3986bbc87cbd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5be0031dab260ff828cdc5425a9a99fb686a7f6ce9d5dcab92ba7650f9971b3d
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6206823ece3aeb65eb7ba918f096d683b67a8848407378847b1f22551ab8721d
622e508f826c8c7d63a35f0501830752b98d552efe89ab3873204616c74b4385
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66a5d47b7ea8649f6e8c642e4d55a4e84054f07fadd5f64447a40517da0067a9
68848ded919b92aecf81fa3c50464e1c95e5c6b9c8234ffba6e1c17739c0e68a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b71d2bd27010cbb01e505314423d9c903230bf4182019eb1ca8016bd2b624a0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705aaecb0250f6d3324ce9dbe741451851fce56c5be611df66ef7c59ac56864b
72080bfeab7a2a11ceec7698622952144d9afa510fdd528d042923f925a7a5e8
72bca94eeb632ffd9d8ad04134915e4b69a8c5fd48769d07773f7fb019a4eb85
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835ef7d4f4e72a9c600bf5dcc2e76d3f832e07273ed3046fefc1e2fda60475fe
83ac471d410bb113a597600ab3a0e6a54f3fff672fcc663bb37e998c312a9eef
86b967beb0e130bc605337bf6bbfece968e3046c89c14121844648a0cdec51ff
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f2f7bbe7c478692736a22ea6b5faf1eacd43d6575c65d232e12d2a752249341
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
9186ad0839410bf3d20f3c5b242b36027562baac85ffb8cba18b50b6e4d7945d
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
97a38097cec76c4c2430fc4843c3284f3461dac7838b317baa77318106079691
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9aac54f1243ac48d39618e963dff48833fdf4ad7c59331ab322ab7fded3a5cce
9bb49ad6f2661ac8a4c312c636ce6788216bf5a8b1b3955e21b8e464e8142c6f
9c58eee20d73bb0457b519293e6f706c68f3c8df081918b37b0094fe17a7f48d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3288e8f19365748b2a4042649b52348a18deb89e9457df007d10d55fc298ae7
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87f93759b84e347ed5951cff369a43a36c5b84890194aa8a17eec5205dc9916
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b1ebb82101f272fcfa2116b45f0663b5e4f932c85ff9b6a5a5568c7d63800c
b215317d5a0888204bba54493b30dc5b35df2a8dae442311d1bee833e9b0070c
b4a59d4f95c2e8025495dba068a52a707fc9b0744bff0e5d32fb613711c46c27
b565663b025f53bf6ef8636bc547358b5261c2b09613af6f47af0611a1594be7
ba57c6a5b0372eb368edb8d408b5d9d43c0aa0e536c7ec3462e1169fc58d6922
be3d541944e924eb13d96278191f9fdc81b5bcb16e4133bafdce8e7426f0511d
c41c0a51974a545f7296e04c661b3c5c236f9c39d2f14a8c190a07e064a2afde
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c88931c127c726b883c30c9b89cd0f92575f741290360f9491ee7542b1a839a2
c8dcef20a93364d4696d5d04c25c0ada1f99f22d684e1703ab5162322173281f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c98393dd278a2a62f2dc484e11376b14693b4adf503758a0a321a05929b5a93a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7fffc8a9eacf29ea814e1e799f734f71c6309ef44150f8bb8d80377b919b52
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
ccc63df2a2ac4d609814a9f3c1f1abfe60cb8060992431afb85b75d0fa3d26e2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2c257cadf78788ef7cf835866a5ec58a5878fe6b0f077314505ad0588b8af
d0a52de5a99bb8bfc7b8e2f9b4ce0af26f311f240fd3ec127182b19077243cf5
d37290e6c8bbaa599ca49290fe23069c8c0f654ed828373749337ed014c7a068
d4b15e8022561d96000c7fbb07636cec88a31d57f99f3bccf888832c6c114b22
d58485362c79cbf552aef0d4d946dcac55350bb5eb708d04a3895b0131145f62
d5dd840aabcffdf8002c93a76cbd553a41da2528405d066b2e14341f368f78e8
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e611b2782c11a5322ea8416acf1a080a4b92e2373d13d6d1740185e65f2e565b
e64b42ca42eec4fe87c41581d6478c0c0cc2b8125ef1e2a7072f172309f4ea7e
e6e9a5a28ea00295489bc2824c0752fbc0dc93437b3d4bba0ef46582f4038d76
eee1807b6aa60fabd89cb374b26a21ec5f56d4281c183b6c56c6a72a85ddbc7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f8e18b9866b641979473a102af5221396f1f1c473197b2115979244903d86a
f2a1e84aaca0aa4af49276d18bc985a406b788d24f37d86fae36129894666500
f31c1ff328c75ce07ad5608733aa1ca557ab862a574ef59b0e5ed895c77834b3
f391d25e2d2f1b6ddf5d229ee6a9e50b02215b63c8655fd523d132dd1aeff9b9
f3f09aee1805d37a9120fab63358812a49f5b09c37210a90ffe3c8514e1572da
f40a733484704e5b18061c26e128141b7870cd3f06569ecab52853f127cc5cbc
f843f50ef57f10b91e2d6371c40624baf6e10ed6048849d581d809d0a0f55a6a
fcb3c513e6fab70b70e1978c794e5abe7f85147ccc772eff71a56032076516b8
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.cleveland19.com Open in urlscan Pro 2a02:26f0:6c00::210:ba19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

99 %HTTPS

43 %IPv6

34 Domains

48 Subdomains

43 IPs

7 Countries

2488 kBTransfer

5420 kBSize

26 Cookies

35 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cleveland19.com Open in urlscan Pro
2a02:26f0:6c00::210:ba19 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

99 %
HTTPS

43 %
IPv6

34
Domains

48
Subdomains

43
IPs

7
Countries

2488 kB
Transfer

5420 kB
Size

26
Cookies

157 HTTP transactions
5 data transactions