www.paloaltoonline.com Open in urlscan Pro
104.26.14.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bdC102?te=W3R5hFj4cm2z...
Effective URL:
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Submission Tags: falconsandbox
Submission: On March 18 via api (March 18th 2023, 11:05:23 pm UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 27 domains to perform 103 HTTP transactions. The main IP is 104.26.14.44, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.paloaltoonline.com. The Cisco Umbrella rank of the primary domain is 522240.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 20th 2022. Valid for: a year.

This is the only time www.paloaltoonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:440... 2606:4700:4400::ac40:955a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.26.14.44 104.26.14.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
8	104.26.8.19 104.26.8.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1901:0:9... 2600:1901:0:9ed6::1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	2606:4700:e4:... 2606:4700:e4::ac40:a816	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.244.66.114 162.244.66.114	18501 (CODERO-DFW) (CODERO-DFW)
1 16	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:400:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:223... 2600:9000:223f:ca00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:f400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.206.74.178 52.206.74.178	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
103	30

1 2606:4700:4400::ac40:955a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen80.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.26.14.44 (United States)

ASN13335 (CLOUDFLARENET, US)

www.paloaltoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.26.8.19 (United States)

ASN13335 (CLOUDFLARENET, US)

www.embarcaderopublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:9ed6::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

rehabilitatereason.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.pushalert.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e4::ac40:a816 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.244.66.114 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 162-244-66-114.dedicated.codero.net

magnetapi.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
magnetapi2.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
magnetrack.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c874370014d0f2b26534edfeac1349e2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:400:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:ca00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:f400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.74.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-74-178.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com c874370014d0f2b26534edfeac1349e2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 134 pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	427 KB
19	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 76 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32	180 KB
10	paloaltoonline.com www.paloaltoonline.com — Cisco Umbrella Rank: 522240	265 KB
8	embarcaderopublishing.com www.embarcaderopublishing.com — Cisco Umbrella Rank: 421635	100 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	318 KB
5	klangoo.com magnetapi.klangoo.com — Cisco Umbrella Rank: 79193 cdn.klangoo.com — Cisco Umbrella Rank: 81990 magnetapi2.klangoo.com — Cisco Umbrella Rank: 180002 magnetrack.klangoo.com — Cisco Umbrella Rank: 88860	41 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1365 ka-f.fontawesome.com — Cisco Umbrella Rank: 2483	100 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1587 m.addthis.com — Cisco Umbrella Rank: 1573	217 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6069 adservice.google.de — Cisco Umbrella Rank: 8720	1 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	216 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 980 pixel.quantserve.com — Cisco Umbrella Rank: 786	10 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2388	313 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 147	137 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	136 KB
2	rehabilitatereason.com rehabilitatereason.com — Cisco Umbrella Rank: 166019	22 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1269	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 933	634 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1766	875 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 541	483 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1533	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 171	2 KB
1	pushalert.co cdn.pushalert.co — Cisco Umbrella Rank: 49320	42 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 886	6 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 305	33 KB
1	sidekickopen80.com 1 redirects t.sidekickopen80.com	540 B
0	moatads.com Failed z.moatads.com Failed
103	27

	Domain	Requested by
18	tpc.googlesyndication.com	securepubads.g.doubleclick.net
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.paloaltoonline.com
10	www.paloaltoonline.com	www.paloaltoonline.com
8	www.embarcaderopublishing.com	www.paloaltoonline.com
7	www.googletagservices.com	www.paloaltoonline.com securepubads.g.doubleclick.net
4	ka-f.fontawesome.com	kit.fontawesome.com www.paloaltoonline.com
3	stats.g.doubleclick.net	1 redirects www.paloaltoonline.com
3	s7.addthis.com	www.paloaltoonline.com s7.addthis.com
2	www.facebook.com	www.paloaltoonline.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google.de	www.paloaltoonline.com
2	www.google.com	2 redirects
2	magnetapi.klangoo.com	www.paloaltoonline.com magnetapi.klangoo.com
2	connect.facebook.net	www.paloaltoonline.com connect.facebook.net
2	www.googletagmanager.com	www.paloaltoonline.com www.googletagmanager.com
2	rehabilitatereason.com	www.paloaltoonline.com rehabilitatereason.com
1	magnetrack.klangoo.com	www.paloaltoonline.com
1	pagead2.googlesyndication.com	www.googletagservices.com
1	magnetapi2.klangoo.com	cdn.klangoo.com
1	pixel.quantserve.com	www.paloaltoonline.com
1	ping.chartbeat.net	www.paloaltoonline.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.klangoo.com	magnetapi.klangoo.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	static.adsafeprotected.com	www.paloaltoonline.com
1	static.chartbeat.com	www.paloaltoonline.com
1	secure.quantserve.com	www.paloaltoonline.com
1	googleads.g.doubleclick.net	1 redirects
1	c874370014d0f2b26534edfeac1349e2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.pushalert.co	www.paloaltoonline.com
1	static.cloudflareinsights.com	www.paloaltoonline.com
1	kit.fontawesome.com	www.paloaltoonline.com
1	ajax.googleapis.com	www.paloaltoonline.com
1	t.sidekickopen80.com	1 redirects
0	z.moatads.com Failed	s7.addthis.com
103	39

This site contains links to these domains. Also see Links.

Domain
www.destinationpaloalto.com
portal.cityspark.com
twitter.com
facebook.com
instagram.com
mailchi.mp
www.mv-voice.com
www.almanacnews.com
www.thesixfifty.com
www.rwcpulse.com
www.embarcaderomediagroup.com
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-20` - `2023-05-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-22` - `2023-12-23`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
rehabilitatereason.com R3	`2023-03-15` - `2023-06-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-26`	2 months	crt.sh
*.pushalert.co Sectigo RSA Organization Validation Secure Server CA	`2022-04-28` - `2023-05-06`	a year	crt.sh
*.klangoo.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-29` - `2023-03-30`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-02` - `2023-05-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
quantserve.com R3	`2023-02-13` - `2023-05-14`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Frame ID: 7BE89FD74661196EDCD9AD670F15E0E6
Requests: 64 HTTP requests in this frame

Frame: https://c874370014d0f2b26534edfeac1349e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A96D24F351C4C061B1FE2AA737A59518
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0Rq2_zGZHWr21s0YkvYP5N5vf1UsOvtzgpBF28upZb0jki4BJYz8Uolnv3uK1Phgc4XZN_Ba_kg1WQjtF1HR4hL7qdaG2IWg8y3NzHutFum89knEpSXxRXlAx2PXq11_yuzydKWvNu4pn77bcPblDS1Kc9I0dJSBGNaVzD4ERkl2JkKc8zwmpVl8Tb86bfiVKQ3Z9yuDnk1DEINKIgYdrPy7015ai0zx_Hp0fOwCwgeKxZmfr7vSrGGQEm-wDLoC5y-4eCKJ5xXg7MDC3kOnpbzAeiNk4SYHq0D67ZDNXLgOJE2lSVHuuHgOlNM7qocwq9vBxUaGEz5oRvOY3AQMP5YUajg&sai=AMfl-YTcboImhj-6PdFD-1WJ5HdwiRRk2vzmpzn8YbTBcVBZ0oGPldY2EVNnBj2Ls83RnNWjK3En2YgSNIJXnRVOw7Wku7ZdCWErfPQojYK7CA9eah6enJlObvM9aRiqvqpZmeBl0f8uBHPR0wSiV7k&sig=Cg0ArKJSzEjjHi0jTCq0EAE&uach_m=[UACH]&adurl=
Frame ID: 8305B5AD6EA56A957E5043E739CA92F4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxzcXPxZYrUZ0Y65_SoPx8c-At9ibdJTnqCsy59j1RFCrf6l_grwZF049oppp1NxKjAAYEgPDltTZXnlYHqP551zCKL9rEJMDhZo5aZUi-Kdq_79ZmwBvNxmCSbwTQLo89o7uNdlA4K43hKRTYk2e2rX9FyRXT00h8DaUlOUPUV_ZEAR4DNv9x4qbSV4SBYSQw3EdHnKouZtzJFvFpb-5IFfyl5DAFkfCwSJgCZuEfd0p65aeR5QPJBCwANULtrPKRu27hG8vFQgx5FQtemSbaR2w3XOVynkiapbzVRjVcfnP-iHVnMbe-sSP6Z40SdMHRh13BqHZG1lEA9Ja_lLqBDQ1fbw&sai=AMfl-YQnLSMnj9VEiIJ1C09RJigY_MHowMhu3vsWMhpHl56FRt64AlqqBoONhpVsdef9c8sUrdDTKiISWkyobOu1zZrfIvgSnzoaVoeLkj9cA7ROa4XBDoEInVqAzOyaS2GzX1Hh8K9agG42zc_HSJY&sig=Cg0ArKJSzDsCV7bq4wshEAE&uach_m=[UACH]&adurl=
Frame ID: 307957D9E189559F7B91FDB038DCA655
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBCp69a308W981IIahj1eZkczC1k1EWF_oCUdHAHa2fnw1Ta2pGnyHkwvBHH8DC_uotjdEu1vn_JSFWN17rbyuH45itL6IhRnUOukqwISS2ORr2DWGm9LodNonfcyiDZab9FXj7_mzBFD9XgTze7KfBaZoCIG95w5y5ggmr44Dkce6vuHJwtNp51T390kXjJ_U9R0HhpxWrWUsN8bcCRCFsEqMTiRUOeEbfWW428jRM6Wh9XynKckhufcP4kT8uMHVjljfVpPLHf0nmcmJ57ghRtu-aU104WN8K8fV0RcCMgkq_JGi5ZgLnoLhzXgEnEHPg-FmyUjkJV4usuxf2d4yjFhSYjYuMg&sai=AMfl-YRZP5unED27WBO4dZH-YhnLeXyIftn4GBLbxk1WVqu4Fq38nUZsxF--RIIsswoi5uG_gXRZHrlPZMFaejHn5OdeeTzB-x7s-1Htxefog5RgElZBSZSX_UcA-v_EyQrqsu2Cnr5lTbY3-9oko1o&sig=Cg0ArKJSzEG-PBJsJGt4EAE&uach_m=[UACH]&adurl=
Frame ID: F0E4D26444AB9AB8A90E52C762055147
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSJ1hMlhY5uzNXLx9W3xmFQjsC5Cu93Y7U-OjLoc4t4RRJ4hqGbRauVSRo1N_qDw5JmZRG8Y1gnSfMu5CywplaiW9fc2I0lsGnhk_zSlkQq6KWnRCzYTPN4hdPIw9c1rxIPxg8Vx0ukia8EZ4OS1cknYhKu1MAz0RTNEzM3G8BNyseJmtk-LR4YGTHYUDkLizBO-Jm85BqqYwZh4mUEFTrYKnfNcGRgi08xxt5WnuUxnckehW4kp_vZa7L1JQZANV9x_3r1apIhtZQUftq2MsCQqnHuytu0NeeAmtOKcrq4I7ctt3S6Bv8sa9bifGkTaCYWzkIE-vEeFgZst98LByhNeiArBDSHw&sai=AMfl-YS1yF0rwLmLqVgxIJR8qoRFJKLSSreFcVFcGcgwo8hktkMXkX_fPTdL1UMt7QYM6wkv5LNBc9DhPtdQN1cbg0z_ztyJoqj0lh9H0l5NieeuxVq5LNATR3K7EzKyxDe70wxMRxyYUX2CgQbj-6Y&sig=Cg0ArKJSzLUd5VCtHaAnEAE&uach_m=[UACH]&adurl=
Frame ID: 8D3DFBDA6DC37EAC4D5D1B97B9D50BC7
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurLv-0MD8UHAgW1Vu4z5lAP6tysGYBBE3CNramkK-O6L1gZxo-pb-o9job7D8Gv4ZqqhapqQPFja2jC-IoE8WmHpcejQeIlT_htUFYCAll-KyuInGMoDantUQMo3zWXhXEHLN7ibYygX7DCxweonE1_mxrEQiAGJZ2KScx68EZV6c7w6dPdKCriq-GXe0Djmg049bAHUGGxt7vo5x4UNBrJ3JZ1ZYl9p_QTIxRvStzdYNyJgM-2mT1gpFT12mDPSXMx4GoG6NsK3Dabmw4gWRw8eiTgvgAgTnSvSAXPoni0of_H3BmUg_IAM7Ge4YEmvbvry-vfjJVtaCBhFYzonaHyGV_21yFkQ&sai=AMfl-YSusm8iyx1OeU3yOMVYdr28S1PQiprVToZb-kjk0Wk1KMJ2_MkdFRtORY1wmH1yOxW5zGtwilzGDbyBO_QovFFl2vUQwL2qlctOowgrEt1vAFgZR3uexiuELmIBlF8cYAkb1MEcOu498URV_Lo&sig=Cg0ArKJSzDz71W9OXihWEAE&uach_m=[UACH]&adurl=
Frame ID: 4742A8F7FD5889CA7E9B730A577EF14F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgSrobrCpOHog3xUl_v8Mt-Ry6lkb18RLE7G7lN7PeZsbsSHAMflTUZUXfpfRkP0kFIksulZ9N5lT6PE3qvmnc3cDuTiBD3AH9CKKtenq8VfwnH05bnyxzJtDx2M7ngV1LR_fD-PGLk5MPdCeDc2G8wqCF4Q_ggGyqAqxLHypCqXwmpMHD3U0pfKyGKlrUPYD2cZ2J-1qkM9snKRm5cm-3rXhTLZBfrsqbybkC4i2fg5bx7vlLHbLz0wVGZ3ddXQ1yTCBpkv3PihMGhTRWYr5cdpWI1BTN-KCFKaQyF3XakTJbA9JLyxmVzkrlHXxd8C90Mm21rP_5_nUlYMAGJSzSDS0MMtL7pA&sai=AMfl-YSy8khQ-xKTYA-GBBuru_RPjFsgIg25_BdH-hVGb0dC9T5nb3EopXOLCg4Oc80fWNSDtBAXCL3dudszIpli1ZFlYEGPpN7Zq-hXCy-8Y1YvVgoJCl24y1OiQpdjb-AdLAS9PNUjzytLNEVYmRA&sig=Cg0ArKJSzBcnNGK7yQ6zEAE&uach_m=[UACH]&adurl=
Frame ID: 5A5F70FB39306A0CCC83123370AB6EBC
Requests: 7 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: E29E1B1DF1FC54475EC1D2565561AB5C
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 2CF104A183159C57DC1539FCEC4AF941
Requests: 1 HTTP requests in this frame

Frame: https://www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679169600
Frame ID: 8D69589E4084879CA362B2FB95EC4007
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Walgreens agrees to $7.5M settlement over alleged phony pharmacist | News | Palo Alto Online |FacebookTwitterPrintAddThisFacebookTwitterPrintAddThisFacebookTwitterPrintAddThis

Page URL History Show full URLs

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bd... HTTP 307
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharma... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

103
Requests

96 %
HTTPS

77 %
IPv6

27
Domains

39
Subdomains

30
IPs

3
Countries

2054 kB
Transfer

5403 kB
Size

30
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.destinationpaloalto.com/eating-and-nightlife/
Title: Restaurants

Search URL Search Domain Scan URL

URL: http://www.destinationpaloalto.com/
Title: Visit Palo Alto

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/PaloAltoWeekly/
Title: Submit Calendar Item

Search URL Search Domain Scan URL

URL: https://twitter.com/paloaltoweekly
Title: @paloaltoweekly

Search URL Search Domain Scan URL

URL: https://facebook.com/paloaltoonline
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/paloaltoonline
Title: @paloaltoonline

Search URL Search Domain Scan URL

URL: https://mailchi.mp/embarcaderomediagroup/advertise
Title: Advertising Info

Search URL Search Domain Scan URL

URL: http://www.mv-voice.com/
Title: Mountain View Voice

Search URL Search Domain Scan URL

URL: http://www.almanacnews.com/
Title: The Almanac

Search URL Search Domain Scan URL

URL: https://www.thesixfifty.com/
Title: TheSixFifty.com

Search URL Search Domain Scan URL

URL: https://www.rwcpulse.com/
Title: Redwood City Pulse

Search URL Search Domain Scan URL

URL: http://www.embarcaderomediagroup.com/
Title: Embarcadero Media

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bdC102?te=W3R5hFj4cm2zwW4mKLS-45LLYVW3zd7jZ43TCCNW41RcnV43T4P2W3KbWrJ1S1nmqW1L5LSS1N5Z0GW3zd69n3K3ptXW1Gy6NR3K3pWkW4fLG2L1ZqppXW3K9G6H3K6KvbW4fdhyd3K8JYDW3ZY6xL3K2Vj4W3R3bLV1GGm-JF49NQHrWtb91&si=8000000002011378&pi=3ab82409ad5c83bdf38c018cefc8eee4 HTTP 307
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1764138116&utmhn=www.paloaltoonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&utmhid=1682413729&utmr=-&utmp=%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&utmht=1679180717899&utmac=UA-440011-1&utmcc=__utma%3D248443142.1192021031.1679180718.1679180718.1679180718.1%3B%2B__utmz%3D248443142.1679180718.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1326144960&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=1192021031.1679180718&jid=1326144960&_v=5.7.2dc&z=1764138116 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=1192021031.1679180718&jid=1326144960&_v=5.7.2dc&z=1764138116&slf_rd=1&random=654401426

Request Chain 44

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&value=0&auid=813669181.1679180718&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=rUMWZJ-QOZ6j7_UPjdW0yAs&sscte=1&crd=&eitems=ChAI8MLVoAYQ9NOzmPOJjtJFEh0A6b9zwNfmTBp8gOJ7SbABxiRq59jjjnuFGKiQXg&pscrd=Ek5DaEVJOE1MVm9BWVF2dUd6d05iaHFZYWlBUklsQUJ5eVpnSV9VczJ0Mi1QTWdqWTh3TENJTmVyX09oak1pTUxwQUZ0RnhRV2VuS1FOUWcaWENoRUk4TUxWb0FZUXo5MnpoNF9HMzgyS0FSSXRBSWgtdFVOa1J2bEFFTnVfNjlSX0pVUTZoekVER1NwWHh2ck91eFdmTV9wajhYX0FfZWwwSzJSS2U0WlE HTTP 302
https://www.google.com/pagead/1p-conversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&value=0&auid=813669181.1679180718&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1MVm9BWVF2dUd6d05iaHFZYWlBUklsQUJ5eVpnSV9VczJ0Mi1QTWdqWTh3TENJTmVyX09oak1pTUxwQUZ0RnhRV2VuS1FOUWcaWENoRUk4TUxWb0FZUXo5MnpoNF9HMzgyS0FSSXRBSWgtdFVOa1J2bEFFTnVfNjlSX0pVUTZoekVER1NwWHh2ck91eFdmTV9wajhYX0FfZWwwSzJSS2U0WlE&is_vtc=1&ocp_id=rUMWZJ-QOZ6j7_UPjdW0yAs&eitems=ChAI8MLVoAYQ9NOzmPOJjtJFEh0A6b9zwMDYVTOsj44hpTPPlGCdX-U190jj5G09Yg&random=3944858192 HTTP 302
https://www.google.de/pagead/1p-conversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&value=0&auid=813669181.1679180718&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1MVm9BWVF2dUd6d05iaHFZYWlBUklsQUJ5eVpnSV9VczJ0Mi1QTWdqWTh3TENJTmVyX09oak1pTUxwQUZ0RnhRV2VuS1FOUWcaWENoRUk4TUxWb0FZUXo5MnpoNF9HMzgyS0FSSXRBSWgtdFVOa1J2bEFFTnVfNjlSX0pVUTZoekVER1NwWHh2ck91eFdmTV9wajhYX0FfZWwwSzJSS2U0WlE&is_vtc=1&ocp_id=rUMWZJ-QOZ6j7_UPjdW0yAs&eitems=ChAI8MLVoAYQ9NOzmPOJjtJFEh0A6b9zwMDYVTOsj44hpTPPlGCdX-U190jj5G09Yg&random=3944858192&ipr=y&prhg=0

103 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist Show response
www.paloaltoonline.com/news/2020/02/04/
Redirect Chain

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bdC102?te=W3R5hFj4cm2zwW4mKLS-45LLYVW3zd7jZ43TCCNW41RcnV43T4P2W3KbWrJ1S1nmqW1L5LSS1N5Z0GW3zd69...
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

54 KB
14 KB

469ms
424ms

Document
text/html

104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c6127d65d8a93ead696e0f02be535e8bd8143fad8129908df5e2a59a0b20b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7aa11e951f4230ed-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 18 Mar 2023 23:05:16 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6fhd73%2FM%2F%2BN1M67dUceT3Sz%2FieivcJnC5hb6Yy1lDCafglt8Rbw4AARgvaLogRlmXiQIlp6C34IZi5jjdFE31xAqLfB89euPQPuUH3znQC%2BiwcSd%2FEh4NmM8yKIutwUzank6vu2vQ4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 7aa11e924a6b2c25-FRA
date: Sat, 18 Mar 2023 23:05:16 GMT
link: <https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist>; rel="canonical"
location: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-hubspot-correlation-id: f667220c-3718-489b-bb65-270a9a204df3
x-robots-tag: none

GET
H2 200 U43NWRW5EQcX3AkTpxuRHQVgbZ0.js Show response
www.paloaltoonline.com/cdn-cgi/apps/head/ 5 KB
2 KB 31ms
29ms Script
application/javascript 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/cdn-cgi/apps/head/U43NWRW5EQcX3AkTpxuRHQVgbZ0.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e562b3567fafca623f6a51fb7b64376e1b4fce37fb1f230a323da145f6799981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:16 GMT
x-amz-version-id: udiNMkRxAo38OMR_vKEYVdQwNP4NQNgZ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q9E76K8T93NXEEJR
age: 8811546
x-amz-id-2: 5Oji9XC0SfU37K0RwGyvtYdaRyr1S8KZ3/dmzFOLOy/9LxbY89MfCk7WDOg6gTbIgD3IS963daA=
last-modified: Thu, 18 Aug 2022 15:46:25 GMT
server: cloudflare
etag: W/"2f41037057a4bbd213e4a6c98c2b14a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BTvisXKTGMNCJKyxuRxxkiHlHHyFKmOpyg4r1ZneI6ogzBsw36iVRoWC3nOe%2BNtgHUlQ58hXgO4jI%2FdBDQh2%2BXb8HwPUAgGcNTKr47iTlpUukVDyDMKyPJBZBncm78xEIzHJQZQbQCU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7aa11e97da1c30ed-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 67ms
17ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 06:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Mar 2024 06:15:18 GMT

GET
H2 200 colorbox.css
www.embarcaderopublishing.com/colorbox/ 4 KB
1 KB 740ms
550ms Stylesheet
text/css 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/colorbox/colorbox.css?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 717bf9ad10598afacee727e234d18601a90132e3f0b92f2b2084124e751b20d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 28 Jul 2021 17:10:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1135-5c8320ea10960-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI6f15u0dKgohMn1Lya%2BCLd8tEHLoLYnjx9ye8yOJVhFNM4ZrBoBmyQKy%2FzT1ry7a8NhHDd6ytAjDiYwLNUuAJ2qw8xjcJOOpGZUlgkMmSMJ6QFJCIpbxJ6j1rzyl9FzVQ%2F8Sw60huyNS8p1Jz6R"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7aa11e990d9c9b88-FRA

GET
H2 200 jquery.colorbox.js Show response
www.embarcaderopublishing.com/colorbox/ 28 KB
9 KB 735ms
545ms Script
application/javascript 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/colorbox/jquery.colorbox.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71096a60d61fc17ebd7846babcc1bfed67b5f65bbe7bce04aabd7ea41b93c299

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 28 Jul 2021 17:10:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"7105-5c8320ea7df60-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7ZNZ0n8AHJ2MMvxrKrf%2B9kVdAyvL83gdSqWho4vvJ62polVCMPeHmxaSOBntI4FVTQy141c10IM1kILwmoiSsTs84wmohPS6zk0y0n%2BEfsk3KZjxD0en86%2FfLMbAl65CFP%2FDy485JTF2IC4wOMZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7aa11e990d9e9b88-FRA

GET
H2 200 ajax.js Show response
www.embarcaderopublishing.com/class/ 5 KB
2 KB 696ms
507ms Script
application/javascript 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/class/ajax.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e4850c399d9fcecfb2c1977bc882dff7ca4c1393729a3e2c2890cb00cd1148a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 28 Jul 2021 17:09:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"12b5-5c8320e147900-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RHZnX5YqgKlVCUW5EQnh66lT1VUzRujVvVH%2FshuK6PVRI2BNC6lIA6RIXPYDAYLgsZUL6%2FwTEjgUkfwW2X7vAFaZD0BCHeL76kxuG5I5rUUUpRZCRbflQ8osF4m%2BYiB3x7YUZ05727Fkk3%2F4rdm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7aa11e990da09b88-FRA

GET
H2 200 hide_slide.js Show response
www.embarcaderopublishing.com/js/ 2 KB
959 B 742ms
553ms Script
application/javascript 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/hide_slide.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cebc4e0f208791813887c1710c84a241522bb6428e58512b06efe2bbf8031c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6ae-5c8c61d0f7f60-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BqyBof3yVtRNOsN0OuVEJxQt2kcHR1UbeoQr3%2BF3495a3mZCM19YsTBl2HbsligASYlh4JfK2yryEA2USQq0vxcUdwAvcml5Ss5aPy3OyIAAuRCm0GUeOg4AC28K1HkkWaSjFfv2gG7HdoHQjPJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7aa11e990da19b88-FRA

GET
H2 200 cookie.js Show response
www.embarcaderopublishing.com/js/ 3 KB
1 KB 721ms
532ms Script
application/javascript 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/cookie.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 169a73226f810a0ba713f5145c28f8c66a5864d5a32c84d1abe89382390c8117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a0b-5c8c61d01e300-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeS02A09pPcinR0dcNDSNYicv%2Fnpy1Wtsb6glpNrirRuRkIuFX3zsmiRRfPwvAKgRxRJzfVMH5KDUzSDWTCe8Fuyyyilp0SQfmc08mMgmJ4P0QHDCrpnh4glIdTdnnP714HKBf1cfQSBhWisgZsk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7aa11e990da29b88-FRA

GET
H2 200 login_scripts.js Show response
www.embarcaderopublishing.com/js/ 4 KB
1 KB 731ms
542ms Script
application/javascript 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/login_scripts.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f430d83b23af02d70781f2dd4200646e55304ef59b01bb9018e7a3d50310d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1035-5c8c61d30a3c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3QV0fEtZbr8e6LraicF0n9HftQ4nNv695NIQAmQda%2FZYkbmqGv1OhqsUBAAcGFiJpEHzdQEPsBn3ykbNv6JiAAsSatjyesfSVYluGU7N6%2BHdlMp%2FNt%2Fnlh1cvn9dIurMQoHNyTQzP00SmtoAPAs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7aa11e990da39b88-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 76ms
26ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce9c011b155c50fc6a7e648ce390f8229569ee094e951f8494075290aeb6c3ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27440
x-xss-protection: 0
server: sffe
etag: "1515 / 2 of 1000 / last-modified: 1679090814"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 18 Mar 2023 23:05:17 GMT

GET
H2 200 bootstrap.min.css
www.paloaltoonline.com/twitter_bootstrap/4.3.1/css/ 152 KB
24 KB 723ms
722ms Stylesheet
text/css 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/twitter_bootstrap/4.3.1/css/bootstrap.min.css
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c104563e945a1d986daac2f5896636676bf5c03a86883682957e755b32c0d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Mar 2023 23:05:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3g5E9302tz9qEVjTOEkct0eBcK0mFxesV5Dq1wJElEkZS007hpzY86T7QwhpWqUkRcRxwE7bOvi6bJlQhBzP8wOxo6NHWgwutW%2FlXE2xWMGH5t9viA3tYj0jGlHoTWbzsvpmKW6y4HM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
cf-ray: 7aa11e97da1f30ed-FRA

GET
H2 200 jquery.js Show response
www.embarcaderopublishing.com/js/ 265 KB
80 KB 943ms
755ms Script
application/javascript 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/jquery.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344a7d902c6d219492e3c8e2f3a29c1634c73be7c410a8b5212ed67f56081e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"42586-5c8c61d209660-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbmW5SPlETrPEWYlQ1Ih4VGYYyyj8bc6xwC8xsQNrCDAkvWR9FMU%2FPY57S%2Bk2HIHudaYLKuSFwDOzeX9PzkeR5lLRwYS5TcrUjXniM%2FRz6Vy%2BnEqm4lwo1Iy%2B3tdIvywI7OsZ1dNvUC%2F4my7U9i3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 7aa11e990da49b88-FRA

GET
H2 200 styles_responsive.css
www.embarcaderopublishing.com/css/ 12 KB
3 KB 752ms
564ms Stylesheet
text/css 104.26.8.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/css/styles_responsive.css?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.8.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6867e6613d3695341e7280007485908d5ec270beabda722366c4266909496c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 09 Aug 2022 16:38:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"30e4-5e5d1903792c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7xwncynHCWFrRx0Jqosctfy%2FHn7R96RkqB6pgdF%2BnBC%2FyRCfLkHEQGDnA62K1f7gm0QhAMw%2BzCSbxiyY3YobjmR4fSHNG4vrmlWfz9YErMWXGW2kVyOmWwFdg%2BtauQUkdzqDbhIa0kWEhwzciID"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 7aa11e990d9d9b88-FRA

GET
H2 200 20c4b40556.js Show response
kit.fontawesome.com/ 11 KB
4 KB 229ms
41ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/20c4b40556.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07a3d22468f376c38de5b6cef82395389411c81a6b40fd04232cc6cf4522ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.paloaltoonline.com/
Origin: https://www.paloaltoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:16 GMT
strict-transport-security: max-age=31536000; preload
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-ray: 7aa11e990a089c10-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F0vaoB08e-RjOVJLPsqB

GET
H2 200 top_logo.png
www.paloaltoonline.com/art/ 18 KB
18 KB 693ms
689ms Image
image/png 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paloaltoonline.com/art/top_logo.png
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34082f605d5f6565e0721eeff723dd1c1aff205a6bafaf40a5fc4a7721d6faad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Oct 2013 22:29:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "46c1-4e82e2dd64780"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psU5UXJTN%2F4XLzvnOMOmmd65NZZfKzWNeFXR9iLmKyBgD%2BXepfnGxoUQKzKznFEFBOc2W87shwb2Y1SKZnbSxkHOrd0ryujtBO7tWhtP9yOHOv%2FCIALxH2IG4nqs0hvD4WBZs%2FvrF6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aa11e9df84e30ed-FRA
content-length: 18113

GET
H2 200 83515_full.jpg
www.paloaltoonline.com/news/photos/2020/february/4/ 150 KB
150 KB 782ms
779ms Image
image/jpeg 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paloaltoonline.com/news/photos/2020/february/4/83515_full.jpg
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b096fa9475588a1ced4799294851262112e97a03d8b573aa51a6dce6a54fd93e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Feb 2020 16:57:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2573b-59dc2f107054c"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jeWWarEVVmDZr44siCKz5Y8aZ7yGKgcJ2iyP97xhKz11MdFWHCfXOeXU5BGyMg6sPZJUMc7wLsxhUuXw9XK2f4Bff8jVvM8UperFJqoFMdKBIK7Pjlpj5Lg%2Fgq20LXMR1Cl%2B7%2BWaj5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7aa11e9df84f30ed-FRA
content-length: 153403

GET
H2 200 phone-330x270.jpg
www.paloaltoonline.com/express/img/ 24 KB
24 KB 671ms
669ms Image
image/jpeg 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paloaltoonline.com/express/img/phone-330x270.jpg
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f5141d2b4b4c4291007910197d1272619345bba65807ef802255bb1d7119e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
cf-cache-status: MISS
last-modified: Sat, 18 Mar 2023 23:05:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BYZnGrk8Zr5VZ6jp45x4Ty86rwHJI39TduPsduej5L25Nc%2F0dujybZIipJakLK7aL20NpwclhIjD%2BjXwfw6%2FMIOy3K32DFZCAaczHXa%2FrXLjMt%2F8mqTZNxLPbbt2LbIuqvqgpOdJvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 7aa11e9df85030ed-FRA

GET
H2 200 bootstrap.min.js Show response
www.paloaltoonline.com/twitter_bootstrap/4.3.1/js/ 57 KB
16 KB 664ms
664ms Script
application/javascript 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/twitter_bootstrap/4.3.1/js/bootstrap.min.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f29bd85aa6f169b65fc269b452b5c6884d2f3a97b5f9232d9d02dd2c7e542a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 18 Mar 2023 21:03:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ%2Fec9oqxey71%2Bk8P8apPQM62oSG8ig35BqcjXXodhiv%2BmplNeeGpr89ah3AJr6FXuPebR4SxmHLv7OKHoO5j%2Bfh5AvH2Ghzw0GnBrMHKdaWZZuOoflp4Kcul7PhXBi4nJf4%2FmPfyQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7aa11e9c8ef130ed-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 129ms
15ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 18 Mar 2023 23:05:17 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116328

GET
H2 200 vaafb692b2aea4879b33c060e79fe94621666317369993 Show response
static.cloudflareinsights.com/beacon.min.js/ 17 KB
6 KB 86ms
46ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer: https://www.paloaltoonline.com/
Origin: https://www.paloaltoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: gzip
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
server: cloudflare
etag: W/2022.10.1
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7aa11e9e2b1b9b39-FRA

GET
H2 200 v2pdgWEYYQsW9BPRdhwOxHy3ASfitv4gPiiH06qk85pgSzMV13zN6Wmg Show response
rehabilitatereason.com/ 60 KB
22 KB 91ms
27ms Script
text/javascript 2600:1901:0:9ed6::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rehabilitatereason.com/v2pdgWEYYQsW9BPRdhwOxHy3ASfitv4gPiiH06qk85pgSzMV13zN6Wmg

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/cdn-cgi/apps/head/U43NWRW5EQcX3AkTpxuRHQVgbZ0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:9ed6::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e9eaf5c64e3371f6c2a45bf13d664a9e976aeb137d5adc5a92377a8019454f1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Sat, 18 Mar 2023 23:05:17 GMT
x-datacenter: gce-europe-west1
etag: "285b4207fc96f573b1087b242fb534434a6384b9dbf2a6224abb0a09131b73c0"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-blst
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 787370472
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 159 KB
60 KB 70ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-2DXJ

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2cc74c4eee05c8be0e8c85ebc94414456391f20ae7d5081a84eb80a3d3822e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61221
x-xss-protection: 0
last-modified: Sat, 18 Mar 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Mar 2023 23:05:17 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 88ms
31ms Script
text/javascript 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Mar 2023 22:41:47 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1410
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17093
expires: Sun, 19 Mar 2023 00:41:47 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 107 KB
28 KB 62ms
15ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Mar 2023 23:05:17 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27907
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: uTGtTxUCC12JvbmB/fkzrVN1HBQRc9Yr1A+LhceXBblSH2SP0nDWwh/tT7QUkA7PUlkqOZ8aqm8LSDWiAePikw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrate_84c36689ca5c8a4c307a3236c41d43d3.js Show response
cdn.pushalert.co/ 230 KB
42 KB 108ms
24ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pushalert.co/integrate_84c36689ca5c8a4c307a3236c41d43d3.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Apache/2.4.10 (Debian) /

Resource Hash

98b03786476ceb647a44abaf8832a286afced16f69b53a3cf2719b0165e92a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 17 Mar 2023 12:37:08 GMT
server: Apache/2.4.10 (Debian)
etag: "1679056628"
x-frame-options: SAMEORIGIN
x-hw: 1679180717.cds286.lo4.hn,1679180717.cds286.lo4.c
content-type: application/javascript
cache-control: max-age=8640000, public
accept-ranges: bytes
content-length: 43107
x-xss-protection: 1; mode=block

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 76ms
26ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=20c4b40556
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/20c4b40556.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
via: 1.1 8ac93eaf91328abbc6951d3fbab21e80.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 15526034
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02tw9I4NmGB8d%2FBazY1%2B9llpx3Ugjer9sPkQTWCmtBeO29PLu8NV%2FV6rDfg4Wpk851w3j5gc%2FIyTIINkXdcMnv4bqpoy%2FSM5HxxoFkrSy2ty8tupPsCsh8pzwXJ3KDTneQQrabpb3YJ6gWtmDbS8360Akw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7aa11e9e3c9391e1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: MZtViinyMSUW5XoMQhUhEZy0twfmIp3KKvqbOWvuQA-Rgg6TTt1QQA==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 74ms
25ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=20c4b40556
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/20c4b40556.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
via: 1.1 c51e3be89c14e3f859ea898f7e36ecec.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-C1
age: 16297557
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IpNEKE81G4UFI1iZfYDVsHcNua5T86vt2EQFonex1V9gluL83fTSXSGm2cWFsComipyv9CuAT3Ruf6E1TNy43dwwOH9YbXxEuNsNMXaRE3m5sLaZYHhKpSZc6sQdf960QFcUIvKKZORLCIpHVND%2FK0jl1A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7aa11e9e3c9491e1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: YRFPdGet09yqKy-y7KXZFfo650NclE9xPEjfYTvxB7ms204Gf_ax9w==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 73ms
24ms Fetch
text/css 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=20c4b40556
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/20c4b40556.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 3719217
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK6v4Z%2BPEhq6w4%2BpTeKNSRcs4OvWXKqEmRmAw7kqUTCsVP5qJya%2BDOtljn9xD4Apwuuzxj2PSidkTilmmRv0Wh52aJYXdTDc8UnMySmQaxFbejAjlts79O7nMwvXnfLsADnuNxvd8DbWooAxr3PwKWOVPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 7aa11e9e3c9591e1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: oIc9Z4WrhYGxE8-ECo1WPpUfFIVOLQrm-RwMZ_KnE_9_2sYEXAYODg==

GET
DATA 200
OK truncated
/ 192 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Widgets_30.js Show response
magnetapi.klangoo.com/w/ 5 KB
2 KB 539ms
125ms Script
application/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi.klangoo.com/w/Widgets_30.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b8d50c84a2260ae91fabc4defb64a4e0d45a6449288509817fd3c6afe68b62f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:06:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Sep 2020 14:14:09 GMT
Server: Microsoft-IIS/8.5
ETag: "804ebad04588d61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 1840

GET
H2 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 17ms
15ms Font
font/woff2 2606:4700:e4::ac40:a816
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://www.paloaltoonline.com/
Origin: https://www.paloaltoonline.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA60-P2
age: 8725343
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnQko4YW9x28oJCKxpy1tmKh5ZM1BrI2LolU4DMprDjPxhKEnIUtrlVOAQCXCX0BTG45kD8aXcRZqdEkgKJhB0xvw%2FXfaY%2BYBPPd8u8zUbwifXol4%2B%2FxMNwZFlmlEk5PmJ%2BNgp0o7xC6BUOEGbLCtMBQ1w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7aa11e9e7cde91e1-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: 7-_YLfF30hPqhydnb5DQJST8rbDU-As5DmNV8oPScrUh0lIsNcbB1w==

GET
H2 200 1381337412046565 Show response
connect.facebook.net/signals/config/ 378 KB
109 KB 330ms
329ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1381337412046565?v=2.9.99&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a9b0b77014b21668850cbdfc378789ebec00f8648ff8f0b61f061135b8cd2fc6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Mar 2023 23:05:18 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GEl+o7StulmPYjOjYFRwKYwBva9CDGuWXyXVh9wh4RRWsytyBDsuA4u/41D+bKa5RL1jNBfxx84R+HWqVlOsMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 2050670934
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2023031301.js Show response
securepubads.g.doubleclick.net/gpt/ 397 KB
134 KB 64ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 12:58:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136873
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 17 Mar 2024 12:58:30 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 116 B
622 B 73ms
18ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.paloaltoonline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

772766cf0b83a1206b9def87346b96ea70b489fe2fe34929d07795c19ab2e9e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:17 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/1072652050/ 3 KB
2 KB 60ms
21ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1072652050/?random=1679180717881&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&value=0&bttype=purchase&auid=813669181.1679180718&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2DXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

5789de95347b4798cf2b925233a89b53bbda39263671daff843efb18c85926fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1698
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 217 KB
76 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KBH7GWY29S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2DXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4117747340e1975b6d30eb4e953e74272247fa5bf9931cb6300a2d3198d7c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78031
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Mar 2023 23:05:17 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1764138116&utmhn=www.paloaltoonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&ut...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=1192021031.1679180718&jid=1326144960&_v=5.7.2dc&z=1764138116
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=1192021031.1679180718&jid=1326144960&_v=5.7.2dc&z=1764138116&slf_rd=1&random=654401426

42 B
408 B

66ms
26ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=1192021031.1679180718&jid=1326144960&_v=5.7.2dc&z=1764138116&slf_rd=1&random=654401426

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=1192021031.1679180718&jid=1326144960&_v=5.7.2dc&z=1764138116&slf_rd=1&random=654401426
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/ 35 B
194 B 22ms
22ms Image
image/gif 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=387987554&utmhn=www.paloaltoonline.com&utmt=event&utme=5(trafficQuality*botDetection*botExcluded)(1)8(2!User%20Type*Unlocked*Meter%20Count)9(2!Visitor*Viewed*1)11(2!1*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&utmhid=1682413729&utmr=-&utmp=%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&utmht=1679180717904&utmac=UA-440011-1&utmni=1&utmcc=__utma%3D248443142.1192021031.1679180718.1679180718.1679180718.1%3B%2B__utmz%3D248443142.1679180718.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 15:47:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26267
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 39ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KBH7GWY29S&gtm=45je33f0&_p=1682413729&cid=1416233426.1679180718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679180717&sct=1&seg=0&dl=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&dt=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBH7GWY29S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.paloaltoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 55ms
27ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.paloaltoonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 53ms
26ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.paloaltoonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 281 KB
26 KB 100ms
98ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1653274993148905&correlator=3708154222482508&eid=31072019%2C31072028%2C31073202%2C31073258%2C31073260%2C44785969&output=ldjh&gdfp_req=1&vrg=2023031301&ptt=17&impl=fifs&iu_parts=1006587%2Cpaloalto_news_responsive_1%2Cpaloalto_news_responsive_2%2Cpaloalto_news_story_300x250_1%2Cpaloalto_news_story_300x250_2%2Cpaloalto_news_story_300x250_3%2Cpaloalto_news_story_300x250_4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%7C1x1%2C970x250%7C1x1%2C300x250%2C300x250%2C300x250%2C300x250&ifi=1&adks=2470967933%2C2765269385%2C3643861399%2C2525601685%2C809780643%2C1320052880&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1679180718019&lmt=1679180718&dlt=1679180716759&idt=1221&adxs=315%2C315%2C435%2C815%2C435%2C815&adys=80%2C1600%2C1180%2C1180%2C2071%2C2071&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C0%7C0%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&frm=20&vis=1&psz=1600x40%7C1600x35%7C380x0%7C380x0%7C380x0%7C380x0&msz=1600x0%7C1600x0%7C350x0%7C350x0%7C350x0%7C350x0&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1192021031.1679180718&ga_sid=1679180718&ga_hid=1682413729&ga_fc=true&ga_cid=1416233426.1679180718

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bf5306eb86418e48aeb4d632a673915a9efa7ddc697be316b1193efd8de66f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26644
x-xss-protection: 0
google-lineitem-id: 6239492141,6050633480,6237597749,5662915675,5860338190,6244741369
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424759499,138422295601,138424510791,138413373260,138411289485,138426157936
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.paloaltoonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c874370014d0f2b26534edfeac1349e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A96D 6 KB
3 KB 80ms
18ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c874370014d0f2b26534edfeac1349e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.paloaltoonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Mar 2023 23:05:18 GMT
expires: Sun, 17 Mar 2024 23:05:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.de/pagead/1p-conversion/1072652050/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-...
https://www.google.com/pagead/1p-conversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleads...
https://www.google.de/pagead/1p-conversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleadse...

42 B
154 B

24ms
24ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&value=0&auid=813669181.1679180718&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1MVm9BWVF2dUd6d05iaHFZYWlBUklsQUJ5eVpnSV9VczJ0Mi1QTWdqWTh3TENJTmVyX09oak1pTUxwQUZ0RnhRV2VuS1FOUWcaWENoRUk4TUxWb0FZUXo5MnpoNF9HMzgyS0FSSXRBSWgtdFVOa1J2bEFFTnVfNjlSX0pVUTZoekVER1NwWHh2ck91eFdmTV9wajhYX0FfZWwwSzJSS2U0WlE&is_vtc=1&ocp_id=rUMWZJ-QOZ6j7_UPjdW0yAs&eitems=ChAI8MLVoAYQ9NOzmPOJjtJFEh0A6b9zwMDYVTOsj44hpTPPlGCdX-U190jj5G09Yg&random=3944858192&ipr=y&prhg=0

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1072652050/?random=127748425&cv=11&fst=1679180717881&bg=ffffff&guid=ON&async=1&gtm=45He33f0&u_w=1600&u_h=1200&label=GwJLCPfr1OcCEJK-vf8D&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&value=0&auid=813669181.1679180718&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOE1MVm9BWVF2dUd6d05iaHFZYWlBUklsQUJ5eVpnSV9VczJ0Mi1QTWdqWTh3TENJTmVyX09oak1pTUxwQUZ0RnhRV2VuS1FOUWcaWENoRUk4TUxWb0FZUXo5MnpoNF9HMzgyS0FSSXRBSWgtdFVOa1J2bEFFTnVfNjlSX0pVUTZoekVER1NwWHh2ck91eFdmTV9wajhYX0FfZWwwSzJSS2U0WlE&is_vtc=1&ocp_id=rUMWZJ-QOZ6j7_UPjdW0yAs&eitems=ChAI8MLVoAYQ9NOzmPOJjtJFEh0A6b9zwMDYVTOsj44hpTPPlGCdX-U190jj5G09Yg&random=3944858192&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8305 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0Rq2_zGZHWr21s0YkvYP5N5vf1UsOvtzgpBF28upZb0jki4BJYz8Uolnv3uK1Phgc4XZN_Ba_kg1WQjtF1HR4hL7qdaG2IWg8y3NzHutFum89knEpSXxRXlAx2PXq11_yuzydKWvNu4pn77bcPblDS1Kc9I0dJSBGNaVzD4ERkl2JkKc8zwmpVl8Tb86bfiVKQ3Z9yuDnk1DEINKIgYdrPy7015ai0zx_Hp0fOwCwgeKxZmfr7vSrGGQEm-wDLoC5y-4eCKJ5xXg7MDC3kOnpbzAeiNk4SYHq0D67ZDNXLgOJE2lSVHuuHgOlNM7qocwq9vBxUaGEz5oRvOY3AQMP5YUajg&sai=AMfl-YTcboImhj-6PdFD-1WJ5HdwiRRk2vzmpzn8YbTBcVBZ0oGPldY2EVNnBj2Ls83RnNWjK3En2YgSNIJXnRVOw7Wku7ZdCWErfPQojYK7CA9eah6enJlObvM9aRiqvqpZmeBl0f8uBHPR0wSiV7k&sig=Cg0ArKJSzEjjHi0jTCq0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 8305 22 KB
9 KB 65ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 19:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 19:40:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 8305 3 KB
1 KB 73ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 08:04:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8305 158 KB
49 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 15724609647824611826
tpc.googlesyndication.com/simgad/ Frame 8305 115 KB
115 KB 75ms
18ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15724609647824611826

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3931e7eb1aed7def38748b7de42e479f661751314d439cb4dca7338ca8c9658e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 20:14:23 GMT
x-content-type-options: nosniff
age: 96655
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117849
x-xss-protection: 0
last-modified: Sat, 04 Mar 2023 00:28:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 20:14:23 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3079 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxzcXPxZYrUZ0Y65_SoPx8c-At9ibdJTnqCsy59j1RFCrf6l_grwZF049oppp1NxKjAAYEgPDltTZXnlYHqP551zCKL9rEJMDhZo5aZUi-Kdq_79ZmwBvNxmCSbwTQLo89o7uNdlA4K43hKRTYk2e2rX9FyRXT00h8DaUlOUPUV_ZEAR4DNv9x4qbSV4SBYSQw3EdHnKouZtzJFvFpb-5IFfyl5DAFkfCwSJgCZuEfd0p65aeR5QPJBCwANULtrPKRu27hG8vFQgx5FQtemSbaR2w3XOVynkiapbzVRjVcfnP-iHVnMbe-sSP6Z40SdMHRh13BqHZG1lEA9Ja_lLqBDQ1fbw&sai=AMfl-YQnLSMnj9VEiIJ1C09RJigY_MHowMhu3vsWMhpHl56FRt64AlqqBoONhpVsdef9c8sUrdDTKiISWkyobOu1zZrfIvgSnzoaVoeLkj9cA7ROa4XBDoEInVqAzOyaS2GzX1Hh8K9agG42zc_HSJY&sig=Cg0ArKJSzDsCV7bq4wshEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 3079 22 KB
9 KB 55ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 19:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 19:40:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 3079 3 KB
1 KB 62ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 08:04:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3079 158 KB
48 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 6297368148244992720
tpc.googlesyndication.com/simgad/ Frame 3079 72 KB
72 KB 126ms
81ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6297368148244992720

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4cb9857e2c0d687018eb003713036940bb31022ea6a06ecb3e5c3568c83aba74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73270
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 23:52:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 23:05:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0E4 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBCp69a308W981IIahj1eZkczC1k1EWF_oCUdHAHa2fnw1Ta2pGnyHkwvBHH8DC_uotjdEu1vn_JSFWN17rbyuH45itL6IhRnUOukqwISS2ORr2DWGm9LodNonfcyiDZab9FXj7_mzBFD9XgTze7KfBaZoCIG95w5y5ggmr44Dkce6vuHJwtNp51T390kXjJ_U9R0HhpxWrWUsN8bcCRCFsEqMTiRUOeEbfWW428jRM6Wh9XynKckhufcP4kT8uMHVjljfVpPLHf0nmcmJ57ghRtu-aU104WN8K8fV0RcCMgkq_JGi5ZgLnoLhzXgEnEHPg-FmyUjkJV4usuxf2d4yjFhSYjYuMg&sai=AMfl-YRZP5unED27WBO4dZH-YhnLeXyIftn4GBLbxk1WVqu4Fq38nUZsxF--RIIsswoi5uG_gXRZHrlPZMFaejHn5OdeeTzB-x7s-1Htxefog5RgElZBSZSX_UcA-v_EyQrqsu2Cnr5lTbY3-9oko1o&sig=Cg0ArKJSzEG-PBJsJGt4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame F0E4 22 KB
9 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 19:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 19:40:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame F0E4 3 KB
1 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 08:04:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0E4 158 KB
48 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 11956599995306416154
tpc.googlesyndication.com/simgad/ Frame F0E4 26 KB
26 KB 29ms
26ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11956599995306416154

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b69ac02d480ba697159b5ad630c5b379f4c469db7917f5b5eab48d7c4ca64a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 23:52:49 GMT
x-content-type-options: nosniff
age: 83549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26576
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 00:01:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 23:52:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D3D 0
0 50ms
49ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSJ1hMlhY5uzNXLx9W3xmFQjsC5Cu93Y7U-OjLoc4t4RRJ4hqGbRauVSRo1N_qDw5JmZRG8Y1gnSfMu5CywplaiW9fc2I0lsGnhk_zSlkQq6KWnRCzYTPN4hdPIw9c1rxIPxg8Vx0ukia8EZ4OS1cknYhKu1MAz0RTNEzM3G8BNyseJmtk-LR4YGTHYUDkLizBO-Jm85BqqYwZh4mUEFTrYKnfNcGRgi08xxt5WnuUxnckehW4kp_vZa7L1JQZANV9x_3r1apIhtZQUftq2MsCQqnHuytu0NeeAmtOKcrq4I7ctt3S6Bv8sa9bifGkTaCYWzkIE-vEeFgZst98LByhNeiArBDSHw&sai=AMfl-YS1yF0rwLmLqVgxIJR8qoRFJKLSSreFcVFcGcgwo8hktkMXkX_fPTdL1UMt7QYM6wkv5LNBc9DhPtdQN1cbg0z_ztyJoqj0lh9H0l5NieeuxVq5LNATR3K7EzKyxDe70wxMRxyYUX2CgQbj-6Y&sig=Cg0ArKJSzLUd5VCtHaAnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 8D3D 22 KB
9 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 19:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 19:40:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 8D3D 3 KB
1 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 08:04:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D3D 158 KB
48 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 12855200128288469113
tpc.googlesyndication.com/simgad/ Frame 8D3D 21 KB
21 KB 30ms
27ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12855200128288469113

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2020d6e6ac03dfcd33dcba99ab2bd458185a2b17f453c4ef88e849996f7d63dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 17 Mar 2023 23:52:49 GMT
x-content-type-options: nosniff
age: 83549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21676
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 17:05:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Mar 2024 23:52:49 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4742 0
0 47ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurLv-0MD8UHAgW1Vu4z5lAP6tysGYBBE3CNramkK-O6L1gZxo-pb-o9job7D8Gv4ZqqhapqQPFja2jC-IoE8WmHpcejQeIlT_htUFYCAll-KyuInGMoDantUQMo3zWXhXEHLN7ibYygX7DCxweonE1_mxrEQiAGJZ2KScx68EZV6c7w6dPdKCriq-GXe0Djmg049bAHUGGxt7vo5x4UNBrJ3JZ1ZYl9p_QTIxRvStzdYNyJgM-2mT1gpFT12mDPSXMx4GoG6NsK3Dabmw4gWRw8eiTgvgAgTnSvSAXPoni0of_H3BmUg_IAM7Ge4YEmvbvry-vfjJVtaCBhFYzonaHyGV_21yFkQ&sai=AMfl-YSusm8iyx1OeU3yOMVYdr28S1PQiprVToZb-kjk0Wk1KMJ2_MkdFRtORY1wmH1yOxW5zGtwilzGDbyBO_QovFFl2vUQwL2qlctOowgrEt1vAFgZR3uexiuELmIBlF8cYAkb1MEcOu498URV_Lo&sig=Cg0ArKJSzDz71W9OXihWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 4742 22 KB
9 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 19:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 19:40:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 4742 3 KB
1 KB 33ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 08:04:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4742 158 KB
48 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 9107272842764806797
tpc.googlesyndication.com/simgad/ Frame 4742 77 KB
77 KB 34ms
31ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9107272842764806797

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46f91f8ae3c8d6c30037a2f00195dd173c828013147879c4916d70667d658453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 05:09:59 GMT
x-content-type-options: nosniff
age: 64519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79089
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 22:13:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 05:09:59 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5A5F 0
0 54ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstgSrobrCpOHog3xUl_v8Mt-Ry6lkb18RLE7G7lN7PeZsbsSHAMflTUZUXfpfRkP0kFIksulZ9N5lT6PE3qvmnc3cDuTiBD3AH9CKKtenq8VfwnH05bnyxzJtDx2M7ngV1LR_fD-PGLk5MPdCeDc2G8wqCF4Q_ggGyqAqxLHypCqXwmpMHD3U0pfKyGKlrUPYD2cZ2J-1qkM9snKRm5cm-3rXhTLZBfrsqbybkC4i2fg5bx7vlLHbLz0wVGZ3ddXQ1yTCBpkv3PihMGhTRWYr5cdpWI1BTN-KCFKaQyF3XakTJbA9JLyxmVzkrlHXxd8C90Mm21rP_5_nUlYMAGJSzSDS0MMtL7pA&sai=AMfl-YSy8khQ-xKTYA-GBBuru_RPjFsgIg25_BdH-hVGb0dC9T5nb3EopXOLCg4Oc80fWNSDtBAXCL3dudszIpli1ZFlYEGPpN7Zq-hXCy-8Y1YvVgoJCl24y1OiQpdjb-AdLAS9PNUjzytLNEVYmRA&sig=Cg0ArKJSzBcnNGK7yQ6zEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/ Frame 5A5F 22 KB
9 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 19:40:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9101
x-xss-protection: 0
server: cafe
etag: 583283675565503348
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 19:40:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/ Frame 5A5F 3 KB
1 KB 25ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230315/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 08:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Apr 2023 08:04:45 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A5F 158 KB
48 KB 30ms
23ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49519
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678880156327103"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 9961149377379516915
tpc.googlesyndication.com/simgad/ Frame 5A5F 50 KB
50 KB 26ms
18ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9961149377379516915

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023031301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a346bce9c2d3a0a0c4bd0ef01789c6a099d107a9d0a71fcc391c3c40be9d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 22:55:11 GMT
x-content-type-options: nosniff
age: 607
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50814
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 18:10:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Mar 2024 22:55:11 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 63ms
9ms Script
application/javascript 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
etag: "qnbLQo87mD/KmvsyZTIxlQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 25 Mar 2023 23:05:18 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 77ms
9ms Script
application/x-javascript 2600:9000:2057:400:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 00:31:18 GMT
content-encoding: gzip
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 81240
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: fiFy8O3dtr9roQpEet6KW2_O_1k-of4nLuaiw8tYaxriNDD2bHvDXQ==
expires: Sun, 19 Mar 2023 00:31:18 GMT

GET moatframe.js
z.moatads.com/addthismoatframe568911941483/ 0
0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 64ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1381337412046565&ev=PageView&dl=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&rl=&if=false&ts=1679180718401&sw=1600&sh=1200&v=2.9.99&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1679180718400.2062649529&it=1679180717844&coo=false&rqm=GET

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Mar 2023 23:05:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
DATA 200
OK truncated
/ Frame 8305 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e79233aec84319d7f3b30b32d89291d489364fcc011353756100ecb46214895

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3079 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e31d57ade8fc5703e209c28e3c6c0f3160142005779ccf323cab19f4b0068c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F0E4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01a14a699bdc4e948e3562a955cf24f1819199878350fb28254c1de2d046ddb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8D3D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64f8d16cd3d6a0b881fa08618cfcafa25148c5d320f8ee10323d5fcea8275317

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4742 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d787763cabc42a6abedb82c54feb440a87fd7289fe5d858025ff975ec8716a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5A5F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90709d5fa7452f21f44fd81f38d8e34f840cce9ac37d40632e67a87e69627776

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5A5F 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbVEknDPFblyxYW573ZK1cArW0XLe96guSeKvQxZCvgO6icalkLNTj_Y6uBxymcYAh-jGOOR_-ReNrFKZbz9jWt73XsOaBqm-FCJVdX_Tbtl2QOuMfyHOHIdBNS1eKLpA_sBrBetmwtk10IMTeRUs9ZGaO9nVWblrrm2vG9cbAL7NVGWSaUXfqEYGpsI1S09mR2525sGQ0pRKfteEa9MX1oML8e1x6lrEnZ08GUxI8nnaysXuLu9wHyGpYnT5w5kLTaehlzlE3RlUn9z2fn2-QHcrqGxrS4RHbkEGN3UUOvpKlkHpWKUEsLobNsXuyT8dSOLqK5WtQdZ6Nmo7QPX_BVBWGj7faGa0y&sai=AMfl-YSp_TnRC7H1XSaumjuJxNNHqskagJkGi7ixkOr3pQR0Sas3ZAFrtiGwmU6ovzQ1ZXg4Uc2jLFPtbdQPIfSJj6yb2vL6_5oFsbYL58_FlyERkim9M2F-_yoUDu9Pfg-AmOKa6PtktkpF4W9cZ4c&sig=Cg0ArKJSzHcWAeD2_7FLEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3079 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwz6qOHlkzOmzJqUU8oC9C8a7S7-lT0BXUCPBHRhgGAr_PuutT95AlHFRS8ZwRADwExdy7aHgxGvQOHqHYjosJGTM1XspeL0fqcPtW8OML0DqK2bTIYXa5pQ5V-YwjaltflTlaaKj_yKRYzZFkBHGs3TKHQefdIS7TPolYqnPjifleZdXJf97GmkgqhabBDpBgK3Oh59kw5YXkkaaftP5NVRUMyWPn3LHtr0yKba_gH_9pmCvL-d1c8pT3_2Js3l_A75HIS2JPhgG8oie6_bIgyH1K3NdD5s2XjIRUw3Mf_HV_oG99HU8RSAGnlrRpRuCJ77Y05CUQaoLbXP0gv5mbxcHUWuh8&sai=AMfl-YQtAkBy5zz4P0pXW5qzT2VGNODWDk0U2HucFD3myV5ZGtG32XEXKHVFQBkMT0tkgyNW_TFocXzUAWQFdgewOn6c5GaCo5sqFgjaWOmiOT2Qin04SrJ4-qxsQ96WYqgrbG6mjBru7nxfWyFk7hI&sig=Cg0ArKJSzNx4eHWxF-GMEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F0E4 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvElEY5Kfil8muiuK6pGJqQZ8OR02Hu-x1A7UzuvpDzqbDT2FocKoI_KiDP_uBt-Af83B6zIbv3-vuL7emjXuj6pYgvw-R3FVJvPxopwqfE__LzLCwlIotV_KYZhTK4xjs4fimxWv1TfhfjYN6voCGoCPishqL39jkFESE_Wl62LCgqjnvobxNXcV5HSFx3Od4-4DwIcB0ivd4oXuqELNWR3hVRUgdwVNqvoJP_6R6QhJ2CR8ydJPJFV1kHQz86hyqzkHARA6FGaHlqPETKJIDSWW5w6qTaP-B4HDB7O2DO8USftVTsqWPhrEQZqHvKVOEnY4B60COW2qseM3KOh79ThwLi9bFeH15-&sai=AMfl-YTuOQnThZd8z6i9EX67nESQwA5SODvXV12JBPF181tZFg2jsNzDPiAohIG6bW2ZjA4IWlQUQOWxcaqJ2MqmgxxxDZDH3ct0RaV7XHWCH_DtFSpMkJeHJn8oHvDoGCCOHuiYXhYi9rWOF0_QXWc&sig=Cg0ArKJSzOolBotQI-YCEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4742 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRDeWMt9CdF8UoWHcKHuFXPQIW9Vc-g3d1ydpdTRzQTjTKBLu5YE3k334QFllPIK5z8WJQez-Qvi08F3WQMNmIKHH1rIE_K3SAP5GsLn2m_8TrxQYYAHckx2gIDd9qwUyCPbznBTIfew2ewxjhj6CmkD4H5q2y0AwyHM-_GFbRBacPKgi8fTar_PuT3fbjYPK99ZjpJMvQitPQiO2zHW7-ZiiSrNQfP1z2TZl694_bIY9Gwsq5HFE7aQUxB3OiNOsSF-k_fXpl0UNVDS9BLCPZoSf3SIzs9C8AmXRE9NeOt2X_D-BFrtSeipNo2zVV05aYAeLF40FwodPC14GUNBDb1XRAIUoZz0ya&sai=AMfl-YSWRb-ppGOVsuQr9r5M_DwMujBTQGELd0y7I5UaXD3suYqhqi4K8gdMWjmGub2ITG1X20wZv9r0XkRP-8cemJEh10yYJxLFo6zygwo-JSCohNTO3oJ97-wCVErI3Xs0Zf4cdCSgsWaa5Q37ZBk&sig=Cg0ArKJSzKzSZD1i-WpWEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8305 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNUo4Nk6kXHRaTjIkcgzJT9mQcBFI0Ua-EjbPEDv6hfffN8_Q5-OGX3t9HoPWgh55dE6V7Uzqq8ZSyNp-BvFNmxNvgzESXTqSamLnNjafhO2-3oyBZbh2Kitg2Pfyz8QMAGvKHnFdFNsvtO55KS2YFUyrKzer3d1kwGYpirPXjixEMH4dfk9Ky3lDlOG5QVAEV8pqZ4JrQmmrRTeWn4Hn_onQxE_y1yFjqGD0vxGvHoBtZoyK1rVAJsqRQL8XuPtQity-AD7kEvyb1GbRC2SVFe0ZAqRkxP-9YckdG9kNiL3gRoF5Jw5xO8C7Ck2dfdHQ1G5d5j8Skg8rERY_oWJCh2oYxR4eh&sai=AMfl-YR_3--z8DEHIaLiU8lD4iWl4wEK9K2j35wsGdorSDJonmplydj7ywiy8F7XmpHi8C1t9NeBfDzLAcENE90aO4Y8UD9npq8Hezec71XVVlkPkg3F6uDtmjT-dKDSvVvZsTixYDUmc2fKfeMM1A0&sig=Cg0ArKJSzEk_Lp27GcA_EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D3D 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPmkLghx53vK7pnQXz5xI9R15hc9Yr4loY9zjrUzIrVUaW_js46UDX4UtGz6SyeMuwpzpJIlTCTp9yb-BzAC8xRJcA_bbGllMbePkm9EKbSOaEUche_tHzFP-AkzC0FCNOs_O7DiR1L7pbjX2ANtRsmQjaLJpgFZaIa7b5CWMfrJUUmRn0OcQ2kbU0LMMePDnoSiRyEixjipshPpWXSIjT0BSJ4C0Ay8hOqPmclaCm3QQ0kU0o6UILeC8cb04xDxJdckdxff5P3gv9nUA1nCDCsgYjLpznKROMjMjRJBfRfoqmrajL1TYMgHHoTT-L5QafcoMR3bu_UJ1EEe6ZdmJ0wnkBfQkWrwfL&sai=AMfl-YSiUZCCHxrWFJGMrdN85XYS36Grkg9Y66w69EcAmQHjpuZ__EA2ddoBWIhwZYmJQ3LfRgIR7wplHU-8MrAnqMcD47ufz5vA9Ad82pJ3ALmB9neffNdjNzCwqRTJyNHr0pDEW0PF3KL9dE1MBmY&sig=Cg0ArKJSzLXjI9Ywa7DnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
483 B 62ms
8ms Image
image/gif 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adunitid=yjvbku&adnum=800322
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 23011940
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: Gpag8Z7BXqqDLyAfKw32WdSvM9ldpWtvs0OFrtMOU5tdwdjz3EKLPA==

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5988981069fd470d/ 2 KB
875 B 211ms
132ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5988981069fd470d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d2e73d41ed98b2f23dc207b99356f35999495484a5890e4d043cadedb1fc0a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: gzip
etag: -152112856--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=13, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 699

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 90 B
250 B 348ms
134ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=641643ae01420e29&bkl=0&bl=1&pdt=1160&sid=641643ae01420e29&pub=ra-5988981069fd470d&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.paloaltoonline.com&fp=news%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1679180718618&jsl=135201&uvs=641643ae7baf6c0f000&skipb=1&callback=addthis.cbs.jsonp__442244029934488970
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5947c5dbdc498806f92ce75f4b083f07ccad3ee2262c167bb85f2e6a8aa2098a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:18 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 90
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame E29E 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 2CF1 71 KB
26 KB 21ms
21ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.paloaltoonline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sat, 18 Mar 2023 23:05:18 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 invisible.js Show response
www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 8D69 27 KB
12 KB 16ms
16ms Script
application/javascript 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679169600
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6707a79fafbe57cb6ae069c348b6d747fb9f61b95110ac8e11c5046e2d992a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsTovGAS3vMRdtbR397pmAJcGLx3d%2BAs4%2FY2TVXX%2B5i614sD0Y24UAiqBHs%2BIqF5EkhRTwG8NesFEFFV8CJCjysbFLHNdltFd9l5O71JvfnlflVZe7GFBQ6wwqebahy67X%2BsGZWPyW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7aa11ea36eb230ed-FRA

GET
H/1.1 200
OK Widgets_30.css
magnetapi.klangoo.com/w/ 6 KB
1 KB 129ms
129ms Stylesheet
text/css 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi.klangoo.com/w/Widgets_30.css

Requested by

Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_30.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2456d9285598d9087f535f346da7d988824f80bb274f1b0e595a659cf6c73666

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:06:03 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Sep 2020 14:14:09 GMT
Server: Microsoft-IIS/8.5
ETag: "804ebad04588d61:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 921

GET
H/1.1 200
OK magnet.min.js Show response
cdn.klangoo.com/wgt/ 118 KB
36 KB 680ms
267ms Script
application/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.klangoo.com/wgt/magnet.min.js
Requested by: Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_30.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS: 162-244-66-114.dedicated.codero.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b4206f55e1f92f9e51cf5b109ae9d539c4c77aa6ce4bb346f4cc05d9a3e2bd7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:06:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jun 2022 13:46:19 GMT
Server: Microsoft-IIS/8.5
ETag: "80c73fc8d087d81:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 36746

GET
H2 200 rules-p-7apeS9pNVYMQo.js Show response
rules.quantcount.com/ 160 B
634 B 53ms
11ms Script
application/javascript 2600:9000:223c:f400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7apeS9pNVYMQo.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 846dbd7bf751152fe0e958b67495727f90ea135e0e3228802ac34dfc41b2d0b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 22:44:55 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 1348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 06:33:13 GMT
server: AmazonS3
etag: "958f743e0db7db3b663fd792f0688878"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: ViGsgBI7CjCRZFTJ47_aXSpbZG9elO2sB08pnlUbM2ryfV2b6Ikm2Q==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 313ms
103ms Image
image/gif 52.206.74.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=paloaltoonline.com&p=%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&u=CRFTJ3CQgOrZz9jNc&d=paloaltoonline.com&g=26708&g0=News&g1=Bay%20City%20News%20Service&n=1&f=00001&c=0&x=0&m=0&y=5451&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&b=3093&t=C8Qj54B678YWCji8oBChVktcD1Du7L&V=139&i=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&tz=0&_acct=anon&sn=1&sv=DfYBOt5yKFACXeKueyzu8_Dw6syP&sd=1&im=06530c40&_
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.74.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-74-178.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 18 Mar 2023 23:05:18 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 pica.js
www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 8D69 7 KB
4 KB 19ms
18ms Other
application/javascript 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 106610ff7e795889ba6d33bc06b202829b77f169b695dded0e6a675c3bb451c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoJw2ohZteqsNtrncmHBFrKFiLJ6cAHVtmDrqKDXJURemanv3U%2FlBSJHvwVlYUx9bcCXnNoBKblDVScw7ePPPs3y5shAAeEaxjR5bb0dZBWKTgB43WvW8tO1ysWn3kvaxOcj1shIzbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7aa11ea40f3930ed-FRA

GET
H2 200 pixel;r=1640964784;rf=0;a=p-7apeS9pNVYMQo;url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist;uht=2;fpan=1;fpa=P0-351...
pixel.quantserve.com/ 35 B
371 B 24ms
14ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1640964784;rf=0;a=p-7apeS9pNVYMQo;url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist;uht=2;fpan=1;fpa=P0-351657019-1679180718672;pbc=;ns=0;ce=1;qjs=1;qv=757f3135-20230316172511;cm=;gdpr=0;ref=;d=paloaltoonline.com;dst=0;et=1679180718729;tzo=0;ogl=url.https%3A%2F%2Fwww%252Epaloaltoonline%252Ecom%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlemen%2Ctitle.Walgreens%20agrees%20to%20%247%252E5M%20settlement%20over%20alleged%20phony%20pharmacist%2Cdescription.Walgreens%20has%20settled%20a%20consumer%20protection%20lawsuit%20alleging%20that%20it%20put%20people'%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Epaloaltoonline%252Ecom%2Fnews%2Fphotos%2F2020%2Ffebruary%2F4%2F83515_original%252Ejpg;ses=556cccf9-e1e5-4a14-84f6-304047020445

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:18 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 7aa11e951f4230ed Show response
www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 8D69 2 B
537 B 33ms
33ms XHR
text/plain 104.26.14.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/cv/result/7aa11e951f4230ed
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1679169600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.14.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Mar 2023 23:05:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7aa11ea5485830ed-FRA
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnsaP4UqOmUq3QanxLyfVcjYXu5346hJCNfkaisYHTJg6VSTV0ivu%2BgcX9G%2F72CIPOyoxlv2Si%2BMlDhEkwuO8u0P0QW9mZkr3z%2FfgnAxtvIXGzNflyJmPZqoXKqbXbEdhGXhxnZXP6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1381337412046565&ev=Microdata&dl=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&rl=&if=false&ts=1679180718927&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C%22%2C%22meta%3Adescription%22%3A%22Walgreens%20has%20settled%20a%20consumer%20protection%20lawsuit%20alleging%20that%20it%20put%20people%27s%20health%20at%20risk%20by%20allowing%20an%20unlicensed%20pharmacist%20to%20handle%20more%20than%20745%2C000%20prescriptions%20in%20the%20Bay%20Area.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist%22%2C%22og%3Atitle%22%3A%22Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%22%2C%22og%3Adescription%22%3A%22Walgreens%20has%20settled%20a%20consumer%20protection%20lawsuit%20alleging%20that%20it%20put%20people%27s%20health%20at%20risk%20by%20allowing%20an%20unlicensed%20pharmacist%20to%20handle%20more%20than%20745%2C000%20prescriptions%20in%20the%20Bay%20Area.%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2Fphotos%2F2020%2Ffebruary%2F4%2F83515_original.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.99&r=stable&ec=1&o=30&fbp=fb.1.1679180718400.2062649529&it=1679180717844&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Mar 2023 23:05:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 15ms
15ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Sat, 18 Mar 2023 23:05:18 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 v2ycckRmW08nRGeu-hDftOIzJWyPO133WiYnp6S0rSwMZVKkvzbHCRVPU4DzK9q-O5gX2H1nZ Show response
rehabilitatereason.com/ 206 B
233 B 60ms
31ms Fetch
application/json 2600:1901:0:9ed6::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rehabilitatereason.com/v2ycckRmW08nRGeu-hDftOIzJWyPO133WiYnp6S0rSwMZVKkvzbHCRVPU4DzK9q-O5gX2H1nZ

Requested by

Host: rehabilitatereason.com
URL: https://rehabilitatereason.com/v2pdgWEYYQsW9BPRdhwOxHy3ASfitv4gPiiH06qk85pgSzMV13zN6Wmg

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:9ed6::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

eca976798512f1bf678007616ef5bcf32c123461fca55ad5bc385fb29f2ab725

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.paloaltoonline.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Sat, 18 Mar 2023 23:05:19 GMT
via: 1.1 google
x-buildnumber: 787370472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paloaltoonline.com
x-hostname: fen-hoothoot-europe-west1-blst
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Sat, 18 Mar 2023 23:05:18 GMT

GET
H/1.1 200
OK WidgetLoad Show response
magnetapi2.klangoo.com/NewsAgencyService.svc/ 296 B
911 B 732ms
319ms Script
text/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi2.klangoo.com/NewsAgencyService.svc/WidgetLoad?calk=3b021afa-927e-40e6-b47c-66b1e5a13326&request=%7B%22pt%22%3A1%2C%22id%22%3A%2255271%22%2C%22v%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist%22%2C%22dp%22%3A%222020-02-04T09%3A01%3A00-08%3A00%22%2C%22ws%22%3A%5B%7B%22id%22%3A%22rel_30-1%22%2C%22ty%22%3A1%2C%22lf%22%3A%22en%22%2C%22mr%22%3A2%2C%22fd%22%3A%2218%20DEC%202022%22%2C%22rf%22%3A2%2C%22sd%22%3A1%7D%2C%7B%22id%22%3A%22rel_30-3%22%2C%22ty%22%3A1%2C%22lf%22%3A%22en%22%2C%22mr%22%3A4%2C%22fd%22%3A%2218%20DEC%202022%22%2C%22rf%22%3A2%2C%22sd%22%3A1%7D%5D%7D&format=json&callback=__CB

Requested by

Host: cdn.klangoo.com
URL: https://cdn.klangoo.com/wgt/magnet.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

5e796cbc8c76641d614daa726f8d957a21ffb999b26f74fabd7d4dcdb795d4d9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sat, 18 Mar 2023 23:06:05 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Content-Length: 298
Expires: Sat, 18 Mar 2023 23:11:05 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8305 42 B
404 B 88ms
44ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuv7kWrlQMi-3zD2IaV56jCHTt-T4Lx5lzt2v8iXRkSzP6wE-87saoBgrtc0ya1Airm6z7CdyTp8Piu-kY2pH3sR063cj7PM0XZhFi5ga1zVPnvpv0T&sig=Cg0ArKJSzI8uMWU8eO41EAE&id=lidar2&mcvt=1000&p=80,315,330,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230315&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2470967933&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679180718179&rpt=387&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track.ashx
magnetrack.klangoo.com/v1.1/ 35 B
339 B 539ms
130ms Image
image/gif 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://magnetrack.klangoo.com/v1.1/track.ashx?e=A_PAGE_VIEW&p=55271&r=&c=3b021afa-927e-40e6-b47c-66b1e5a13326&u=ed109c03-302c-43c8-9f82-7a83929f4712&l=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&ran=1679180719760445

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 18 Mar 2023 23:06:05 GMT
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Length: 35

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KBH7GWY29S&gtm=45je33f0&_p=1682413729&cid=1416233426.1679180718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1679180717&sct=1&seg=0&dl=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&dt=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&en=Read%20story&ep.story_tags=&_et=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBH7GWY29S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Mar 2023 23:05:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.paloaltoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: z.moatads.com
URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.sidekickopen80.com/	1970-01-20 19:11:56	Name: _hetc Value: efa7389d-0224-4c25-84dd-dc8f40d80dc4\|1679180716230\|ACOD57cwLAIUXWOXbpVQWTYlNmQm8QlWdUEBSMUCFECwdpGt/RSo/TlTyLnOkSs7fMRE
www.paloaltoonline.com/	1969-12-31 23:59:59	Name: X-Mapping-fjhppofk Value: 2B48456CF2A54CD58536D013E11B869E
www.paloaltoonline.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: kep1pqo45rehbvmvtd19t5230u
.paloaltoonline.com/	1970-01-20 20:02:20	Name: uti Value: 8cfa84eff8252cb5c40612fd2fb88d3c
www.paloaltoonline.com/	1970-01-20 20:02:20	Name: uti Value: 8cfa84eff8252cb5c40612fd2fb88d3c
.paloaltoonline.com/	1970-01-20 12:35:56	Name: _gcl_au Value: 1.1.813669181.1679180718
.paloaltoonline.com/	1970-01-20 20:02:20	Name: __utma Value: 248443142.1192021031.1679180718.1679180718.1679180718.1
.paloaltoonline.com/	1969-12-31 23:59:59	Name: __utmc Value: 248443142
.paloaltoonline.com/	1970-01-20 14:49:08	Name: __utmz Value: 248443142.1679180718.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.paloaltoonline.com/	1970-01-20 10:26:21	Name: __utmt Value: 1
.paloaltoonline.com/	1970-01-20 10:26:22	Name: __utmb Value: 248443142.2.9.1679180718
.paloaltoonline.com/	1970-01-20 20:02:20	Name: __utmv Value: 248443142.\|2=User%20Type=Visitor=1^3=Unlocked=Viewed=1^4=Meter%20Count=1=1^5=hiding=not%20private=1
.paloaltoonline.com/	1970-01-20 20:02:20	Name: _ga Value: GA1.1.1416233426.1679180718
.paloaltoonline.com/	1970-01-20 20:02:20	Name: _ga_KBH7GWY29S Value: GS1.1.1679180717.1.0.1679180717.0.0.0
.paloaltoonline.com/	1970-01-20 19:47:56	Name: __gads Value: ID=6d288bbab3c5e17d:T=1679180718:S=ALNI_MaF_R09pEhNGWUX095bSJkSa5gmJQ
.paloaltoonline.com/	1970-01-20 19:47:56	Name: __gpi Value: UID=00000bc82158417e:T=1679180718:RT=1679180718:S=ALNI_MZ4i_VLwWzBubqX6XBTb2P9ho-uZA
.doubleclick.net/	1970-01-20 19:47:56	Name: IDE Value: AHWqTUkl12C6CC7WvkdCoGTIKxFF1O5epvh5fsSHWojz9I55g0yj6Pddg7H_SjHWYwo
.paloaltoonline.com/	1970-01-20 12:35:56	Name: _fbp Value: fb.1.1679180718400.2062649529
www.paloaltoonline.com/	1970-01-20 19:58:01	Name: __atuvc Value: 1%7C11
www.paloaltoonline.com/	1970-01-20 10:26:22	Name: __atuvs Value: 641643ae7baf6c0f000
.paloaltoonline.com/	1970-01-20 19:55:08	Name: _cb Value: CRFTJ3CQgOrZz9jNc
.paloaltoonline.com/	1970-01-20 19:55:08	Name: _chartbeat2 Value: .1679180718689.1679180718689.1.DfYBOt5yKFACXeKueyzu8_Dw6syP.1
.paloaltoonline.com/	1970-01-20 10:26:22	Name: _cb_svref Value: null
.addthis.com/	1970-01-20 19:58:01	Name: uvc Value: 1%7C11
.quantserve.com/	1970-01-20 19:56:35	Name: mc Value: 641643ae-b67d3-9ec04-b81a4
.paloaltoonline.com/	1970-01-20 19:50:49	Name: __qca Value: P0-351657019-1679180718672
.paloaltoonline.com/	1970-01-20 10:26:22	Name: __cf_bm Value: cM6Bg0S6_j8txNBfnqvj0FdIM5paNvqSNrzSFTUFBIg-1679180718-0-AUFh8mLzOVkLglVoivUr/dGEeAbl5NB56E8CxS4wQDIuPl0AaWCXz38UvLOeMcv6Ym3niA9CwlZs/Iw1daw1fjn499ZLYWVc1N4971oSP3GwmxfNYAqYXkvw9keO4+8BLg==
.addthis.com/	1970-01-20 19:58:01	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.paloaltoonline.com/	1970-01-20 19:55:08	Name: _awl Value: 2.1679180719.5-839b3e06a3871b5a576789c9390bc0de-6763652d6575726f70652d7765737431-0
.paloaltoonline.com/	1970-01-20 20:02:20	Name: _ma_uid Value: ed109c03-302c-43c8-9f82-7a83929f4712\|1681772719460

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
c874370014d0f2b26534edfeac1349e2.safeframe.googlesyndication.com
cdn.klangoo.com
cdn.pushalert.co
connect.facebook.net
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
m.addthis.com
magnetapi.klangoo.com
magnetapi2.klangoo.com
magnetrack.klangoo.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
region1.google-analytics.com
rehabilitatereason.com
rules.quantcount.com
s7.addthis.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.sidekickopen80.com
tpc.googlesyndication.com
v1.addthisedge.com
www.embarcaderopublishing.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.paloaltoonline.com
z.moatads.com
s7.addthis.com
z.moatads.com
104.26.14.44
104.26.8.19
104.75.88.126
142.250.186.34
151.139.128.10
162.244.66.114
2001:4860:4802:34::36
2600:1901:0:9ed6::1
2600:9000:2057:400:18:1fcd:351:7bc1
2600:9000:223c:f400:6:44e3:f8c0:93a1
2600:9000:223f:ca00:8:48e:53c0:93a1
2606:4700:4400::ac40:955a
2606:4700::6810:3965
2606:4700::6812:1634
2606:4700:e4::ac40:a816
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:800::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2001
2a00:1450:4001:827::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.206.74.178
01a14a699bdc4e948e3562a955cf24f1819199878350fb28254c1de2d046ddb1
07cebc4e0f208791813887c1710c84a241522bb6428e58512b06efe2bbf8031c
0a19fce040b8127f3e2e3ed609f7800153be329d6420b53295fb79a4f40012ec
0d2e73d41ed98b2f23dc207b99356f35999495484a5890e4d043cadedb1fc0a8
0e79233aec84319d7f3b30b32d89291d489364fcc011353756100ecb46214895
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
106610ff7e795889ba6d33bc06b202829b77f169b695dded0e6a675c3bb451c8
169a73226f810a0ba713f5145c28f8c66a5864d5a32c84d1abe89382390c8117
2020d6e6ac03dfcd33dcba99ab2bd458185a2b17f453c4ef88e849996f7d63dc
2456d9285598d9087f535f346da7d988824f80bb274f1b0e595a659cf6c73666
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2bf5306eb86418e48aeb4d632a673915a9efa7ddc697be316b1193efd8de66f5
2e4850c399d9fcecfb2c1977bc882dff7ca4c1393729a3e2c2890cb00cd1148a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f
34082f605d5f6565e0721eeff723dd1c1aff205a6bafaf40a5fc4a7721d6faad
344a7d902c6d219492e3c8e2f3a29c1634c73be7c410a8b5212ed67f56081e39
3456dcd3eb25196e68e2822cca66a20c2f123bedf5986f159be674e4c40a05cb
3931e7eb1aed7def38748b7de42e479f661751314d439cb4dca7338ca8c9658e
3e31d57ade8fc5703e209c28e3c6c0f3160142005779ccf323cab19f4b0068c5
429f430d83b23af02d70781f2dd4200646e55304ef59b01bb9018e7a3d50310d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43f5141d2b4b4c4291007910197d1272619345bba65807ef802255bb1d7119e9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46f91f8ae3c8d6c30037a2f00195dd173c828013147879c4916d70667d658453
4cb9857e2c0d687018eb003713036940bb31022ea6a06ecb3e5c3568c83aba74
4f29bd85aa6f169b65fc269b452b5c6884d2f3a97b5f9232d9d02dd2c7e542a7
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5789de95347b4798cf2b925233a89b53bbda39263671daff843efb18c85926fb
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5947c5dbdc498806f92ce75f4b083f07ccad3ee2262c167bb85f2e6a8aa2098a
5e796cbc8c76641d614daa726f8d957a21ffb999b26f74fabd7d4dcdb795d4d9
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
64f8d16cd3d6a0b881fa08618cfcafa25148c5d320f8ee10323d5fcea8275317
6707a79fafbe57cb6ae069c348b6d747fb9f61b95110ac8e11c5046e2d992a8b
6867e6613d3695341e7280007485908d5ec270beabda722366c4266909496c86
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70c104563e945a1d986daac2f5896636676bf5c03a86883682957e755b32c0d6
71096a60d61fc17ebd7846babcc1bfed67b5f65bbe7bce04aabd7ea41b93c299
717bf9ad10598afacee727e234d18601a90132e3f0b92f2b2084124e751b20d1
772766cf0b83a1206b9def87346b96ea70b489fe2fe34929d07795c19ab2e9e9
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846dbd7bf751152fe0e958b67495727f90ea135e0e3228802ac34dfc41b2d0b2
90709d5fa7452f21f44fd81f38d8e34f840cce9ac37d40632e67a87e69627776
98b03786476ceb647a44abaf8832a286afced16f69b53a3cf2719b0165e92a57
9d787763cabc42a6abedb82c54feb440a87fd7289fe5d858025ff975ec8716a6
a0a346bce9c2d3a0a0c4bd0ef01789c6a099d107a9d0a71fcc391c3c40be9d5e
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2cc74c4eee05c8be0e8c85ebc94414456391f20ae7d5081a84eb80a3d3822e7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9b0b77014b21668850cbdfc378789ebec00f8648ff8f0b61f061135b8cd2fc6
aaaeff283d77d5f0d27c6ae7768ea2bba13a624a99b79208db30e0a7ca2e7c27
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b07a3d22468f376c38de5b6cef82395389411c81a6b40fd04232cc6cf4522ab2
b096fa9475588a1ced4799294851262112e97a03d8b573aa51a6dce6a54fd93e
b2c6127d65d8a93ead696e0f02be535e8bd8143fad8129908df5e2a59a0b20b5
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b4206f55e1f92f9e51cf5b109ae9d539c4c77aa6ce4bb346f4cc05d9a3e2bd7e
b69ac02d480ba697159b5ad630c5b379f4c469db7917f5b5eab48d7c4ca64a20
b8d50c84a2260ae91fabc4defb64a4e0d45a6449288509817fd3c6afe68b62f9
bb7d39384f8a58e23c5e8c78b974aabb9cd28238d451301a12b43c321783fe6c
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
ce9c011b155c50fc6a7e648ce390f8229569ee094e951f8494075290aeb6c3ff
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4117747340e1975b6d30eb4e953e74272247fa5bf9931cb6300a2d3198d7c37
e562b3567fafca623f6a51fb7b64376e1b4fce37fb1f230a323da145f6799981
e8cd4bf2f547eb60b69a54a5340d5feed5905e1e5ea0ef3d3aefe6a6c1523fe7
e9eaf5c64e3371f6c2a45bf13d664a9e976aeb137d5adc5a92377a8019454f1e
eca976798512f1bf678007616ef5bcf32c123461fca55ad5bc385fb29f2ab725
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

www.paloaltoonline.com Open in urlscan Pro 104.26.14.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

96 %HTTPS

77 %IPv6

27 Domains

39 Subdomains

30 IPs

3 Countries

2054 kBTransfer

5403 kBSize

30 Cookies

13 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paloaltoonline.com Open in urlscan Pro
104.26.14.44 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

96 %
HTTPS

77 %
IPv6

27
Domains

39
Subdomains

30
IPs

3
Countries

2054 kB
Transfer

5403 kB
Size

30
Cookies

103 HTTP transactions
10 data transactions