www.westernjournal.com Open in urlscan Pro
2606:4700:10::6816:274b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Submission: On December 07 via api (December 7th 2021, 3:42:27 pm UTC) from US — Scanned from DE

Summary HTTP 246 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 81 IPs in 11 countries across 59 domains to perform 246 HTTP transactions. The main IP is 2606:4700:10::6816:274b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.westernjournal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.

This is the only time www.westernjournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:10:... 2606:4700:10::6816:274b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225e:c000:d:99dd:3480:21	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
5	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:9000:223... 2600:9000:223d:200:9:78a:e540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:a200:14:248f:8500:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:10:... 2606:4700:10::6816:38ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	13.251.191.176 13.251.191.176	16509 (AMAZON-02) (AMAZON-02)
3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2600:9000:223... 2600:9000:223f:1600:1c:386f:ec80:21	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.68 52.222.236.68	16509 (AMAZON-02) (AMAZON-02)
8	3.82.254.41 3.82.254.41	14618 (AMAZON-AES) (AMAZON-AES)
1	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	23.20.58.18 23.20.58.18	14618 (AMAZON-AES) (AMAZON-AES)
8	35.201.96.133 35.201.96.133	15169 (GOOGLE) (GOOGLE)
3	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
8	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
1 3	54.230.69.41 54.230.69.41	16509 (AMAZON-02) (AMAZON-02)
9	34.247.9.63 34.247.9.63	16509 (AMAZON-02) (AMAZON-02)
17	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
2	13.32.99.34 13.32.99.34	16509 (AMAZON-02) (AMAZON-02)
1 3	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.112.71 18.66.112.71	16509 (AMAZON-02) (AMAZON-02)
1	3.136.15.54 3.136.15.54	16509 (AMAZON-02) (AMAZON-02)
3	34.239.232.96 34.239.232.96	14618 (AMAZON-AES) (AMAZON-AES)
1	52.218.192.48 52.218.192.48	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	52.202.233.191 52.202.233.191	14618 (AMAZON-AES) (AMAZON-AES)
4	151.101.65.194 151.101.65.194	54113 (FASTLY) (FASTLY)
1	52.222.214.95 52.222.214.95	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223e:b400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	23.62.140.165 23.62.140.165	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:1200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.112.89 18.66.112.89	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.53 18.66.112.53	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:6000:10:3422:3f00:21	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.111.219.144 104.111.219.144	16625 (AKAMAI-AS) (AKAMAI-AS)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
4	2600:9000:224... 2600:9000:2240:4c00:1a:5302:20c0:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	54.231.133.120 54.231.133.120	16509 (AMAZON-02) (AMAZON-02)
2	51.195.5.40 51.195.5.40	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
15	2600:9000:225... 2600:9000:225e:be00:17:5bae:c7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1 3	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:808::2014	15169 (GOOGLE) (GOOGLE)
3 4	37.157.2.238 37.157.2.238	198622 (ADFORM) (ADFORM)
2 2	213.155.156.184 213.155.156.184	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
8	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	51.222.80.231 51.222.80.231	16276 (OVH) (OVH)
2 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
246	81

16 2606:4700:10::6816:274b (United States)

ASN13335 (CLOUDFLARENET, US)

www.westernjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.westernjournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:c000:d:99dd:3480:21 (United States)

ASN16509 (AMAZON-02, US)

d3l320urli0p1u.cloudfront.net.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223d:200:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)

product.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
auth.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:a200:14:248f:8500:93a1 (United States)

ASN16509 (AMAZON-02, US)

run.crtx.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:38ae (United States)

ASN13335 (CLOUDFLARENET, US)

users.api.jeeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.251.191.176 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-191-176.ap-southeast-1.compute.amazonaws.com

go.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

b2cdn.automatad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:1600:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)

d3lcz8vpax4lo2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-68.fra56.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.82.254.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-254-41.compute-1.amazonaws.com

soapps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.20.58.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-58-18.compute-1.amazonaws.com

pa.rxthdr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.201.96.133 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 133.96.201.35.bc.googleusercontent.com

partplanes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
breadbalance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.230.69.41 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-54-230-69-41.blr50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.247.9.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-71.fra56.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.136.15.54 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-15-54.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.239.232.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-232-96.compute-1.amazonaws.com

geoip.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eua.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.192.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.202.233.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-233-191.compute-1.amazonaws.com

geoip.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b2c.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
event.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.65.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-95.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.62.140.165 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-140-165.deploy.static.akamaitechnologies.com

cdneast2-xch.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2100889e6b6950c421d63f4eb128c352.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:1200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-89.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-53.fra56.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:6000:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.219.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-219-144.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2240:4c00:1a:5302:20c0:21 (United States)

ASN16509 (AMAZON-02, US)

dh014lg6uwepv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.231.133.120 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.195.5.40 (France)

ASN16276 (OVH, FR)
PTR: p17.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:225e:be00:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.instiengage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

liftable-bq-streamer.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.238 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.184 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-184.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (Canada) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1957 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	revcontent.com trends.revcontent.com assets.revcontent.com cdn.revcontent.com img.revcontent.com images.revcontent.com	421 KB
21	instiengage.com product.instiengage.com geoip.instiengage.com auth.instiengage.com eua.instiengage.com static.instiengage.com	552 KB
17	googlesyndication.com 2100889e6b6950c421d63f4eb128c352.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	334 KB
17	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com image4.pubmatic.com simage2.pubmatic.com simage4.pubmatic.com	204 KB
16	doubleclick.net 4 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	134 KB
16	westernjournal.com www.westernjournal.com static.westernjournal.com	411 KB
10	ampproject.org cdn.ampproject.org	204 KB
9	criteo.com 2 redirects gum.criteo.com mug.criteo.com dis.criteo.com	3 KB
8	amazon-adsystem.com c.amazon-adsystem.com	81 KB
8	soapps.net soapps.net	636 KB
8	cloudfront.net d3lcz8vpax4lo2.cloudfront.net d31qbv1cthcecs.cloudfront.net df80k0z3fi8zg.cloudfront.net dh014lg6uwepv.cloudfront.net	126 KB
7	google.com 2 redirects adservice.google.com www.google.com	2 KB
7	media.net hbx.media.net prebid.media.net cdneast2-xch.media.net c21lg-d.media.net	125 KB
5	breadbalance.com breadbalance.com	60 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	crwdcntrl.net 2 redirects id.crwdcntrl.net sync.crwdcntrl.net	1 KB
4	fastly.net confiant-integrations.global.ssl.fastly.net	219 KB
4	insticator.com geoip.insticator.com b2c.insticator.com event.insticator.com	3 KB
4	automatad.com 1 redirects go.automatad.com b2cdn.automatad.com	95 KB
3	adsrvr.org 1 redirects match.adsrvr.org	2 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	id5-sync.com cdn.id5-sync.com id5-sync.com	11 KB
3	facebook.com www.facebook.com	636 B
3	google.de adservice.google.de www.google.de	1 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com signal-beacon.s-onetag.com	17 KB
3	amazonaws.com s3-us-west-2.amazonaws.com s3.amazonaws.com	2 KB
3	quantserve.com 1 redirects secure.quantserve.com pixel.quantserve.com	11 KB
3	rlcdn.com ats.rlcdn.com api.rlcdn.com	115 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	partplanes.com partplanes.com	32 KB
3	google-analytics.com www.google-analytics.com	21 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	918 B
2	onaudience.com 2 redirects pixel.onaudience.com	883 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	gstatic.com fonts.gstatic.com	95 KB
2	facebook.net connect.facebook.net	113 KB
2	googletagservices.com www.googletagservices.com	53 KB
2	4dex.io script.4dex.io	23 KB
2	jeeng.com users.api.jeeng.com	119 KB
2	clean.gg i.clean.gg	104 B
1	simpli.fi um.simpli.fi	614 B
1	appspot.com liftable-bq-streamer.appspot.com	272 B
1	nr-data.net bam-cell.nr-data.net	725 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	fastclick.net secure.cdn.fastclick.net	17 KB
1	adsafeprotected.com static.adsafeprotected.com	481 B
1	quantcount.com rules.quantcount.com	344 B
1	privacymanager.io geo.privacymanager.io	593 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify.alexametrics.com	552 B
1	lijit.com ap.lijit.com	527 B
1	rxthdr.com pa.rxthdr.com
1	contextweb.com bh.contextweb.com	406 B
1	crtx.info run.crtx.info	104 KB
1	googletagmanager.com www.googletagmanager.com	47 KB
1	net. d3l320urli0p1u.cloudfront.net.	38 KB
246	59

	Domain	Requested by
15	static.instiengage.com	soapps.net
15	www.westernjournal.com	www.westernjournal.com
11	tpc.googlesyndication.com	www.westernjournal.com d3l320urli0p1u.cloudfront.net.
10	cdn.ampproject.org	d3l320urli0p1u.cloudfront.net.
9	securepubads.g.doubleclick.net	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
9	trends.revcontent.com	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
8	images.revcontent.com	www.westernjournal.com
8	c.amazon-adsystem.com	d3l320urli0p1u.cloudfront.net. www.westernjournal.com srcdoc c.amazon-adsystem.com
8	soapps.net	www.westernjournal.com d3l320urli0p1u.cloudfront.net. soapps.net
5	image2.pubmatic.com	ads.pubmatic.com
5	pagead2.googlesyndication.com	www.westernjournal.com tpc.googlesyndication.com
5	breadbalance.com	d3l320urli0p1u.cloudfront.net. www.westernjournal.com breadbalance.com
5	www.google.com	2 redirects www.westernjournal.com d3l320urli0p1u.cloudfront.net.
5	assets.revcontent.com	d3l320urli0p1u.cloudfront.net.
5	ads.pubmatic.com	d3l320urli0p1u.cloudfront.net. ads.pubmatic.com
4	cm.g.doubleclick.net	4 redirects
4	c1.adform.net	3 redirects ads.pubmatic.com
4	dh014lg6uwepv.cloudfront.net	www.westernjournal.com
4	confiant-integrations.global.ssl.fastly.net	d3l320urli0p1u.cloudfront.net. srcdoc
4	mug.criteo.com	www.westernjournal.com
4	gum.criteo.com	2 redirects
3	simage2.pubmatic.com	ads.pubmatic.com
3	match.adsrvr.org	1 redirects www.westernjournal.com
3	fonts.googleapis.com	soapps.net
3	cdn.revcontent.com	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
3	www.facebook.com	www.westernjournal.com
3	cdneast2-xch.media.net	www.westernjournal.com
3	sb.scorecardresearch.com	1 redirects d3l320urli0p1u.cloudfront.net. www.westernjournal.com
3	ib.adnxs.com	2 redirects www.westernjournal.com
3	partplanes.com	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
3	www.google-analytics.com	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
3	b2cdn.automatad.com	www.westernjournal.com d3l320urli0p1u.cloudfront.net.
2	sync.crwdcntrl.net	2 redirects
2	pixel.onaudience.com	2 redirects
2	sync.mathtag.com	2 redirects
2	d5p.de17a.com	2 redirects
2	id.crwdcntrl.net	www.westernjournal.com
2	fonts.gstatic.com	fonts.googleapis.com
2	event.insticator.com	www.westernjournal.com
2	googleads.g.doubleclick.net	www.westernjournal.com
2	id5-sync.com	cdn.id5-sync.com www.westernjournal.com
2	s3.amazonaws.com	d3l320urli0p1u.cloudfront.net.
2	pixel.quantserve.com	1 redirects www.westernjournal.com
2	eua.instiengage.com	auth.instiengage.com
2	adservice.google.com	d3l320urli0p1u.cloudfront.net.
2	adservice.google.de	d3l320urli0p1u.cloudfront.net.
2	connect.facebook.net	d3l320urli0p1u.cloudfront.net.
2	auth.instiengage.com	d3l320urli0p1u.cloudfront.net. auth.instiengage.com
2	ats.rlcdn.com	d3l320urli0p1u.cloudfront.net. srcdoc
2	www.googletagservices.com	d3l320urli0p1u.cloudfront.net.
2	script.4dex.io	d3l320urli0p1u.cloudfront.net. www.westernjournal.com
2	hbx.media.net	d3l320urli0p1u.cloudfront.net.
2	d3lcz8vpax4lo2.cloudfront.net	d3l320urli0p1u.cloudfront.net.
2	users.api.jeeng.com	www.westernjournal.com
2	i.clean.gg	www.westernjournal.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	liftable-bq-streamer.appspot.com	www.westernjournal.com
1	image6.pubmatic.com	ads.pubmatic.com
1	c21lg-d.media.net	hbx.media.net
1	bam-cell.nr-data.net	d3l320urli0p1u.cloudfront.net.
1	js-agent.newrelic.com	d3l320urli0p1u.cloudfront.net.
1	api.rlcdn.com	www.westernjournal.com
1	cdnjs.cloudflare.com	www.westernjournal.com
1	img.revcontent.com	www.westernjournal.com
1	cdn.id5-sync.com	srcdoc
1	secure.cdn.fastclick.net	srcdoc
1	df80k0z3fi8zg.cloudfront.net	d3l320urli0p1u.cloudfront.net.
1	signal-beacon.s-onetag.com	d3l320urli0p1u.cloudfront.net.
1	onetag-geo.s-onetag.com	www.westernjournal.com
1	www.google.de	www.westernjournal.com
1	static.adsafeprotected.com	www.westernjournal.com
1	2100889e6b6950c421d63f4eb128c352.safeframe.googlesyndication.com	d3l320urli0p1u.cloudfront.net.
1	rules.quantcount.com	d3l320urli0p1u.cloudfront.net.
1	geo.privacymanager.io	www.westernjournal.com
1	stats.g.doubleclick.net	www.westernjournal.com
1	get.s-onetag.com	d3l320urli0p1u.cloudfront.net.
1	b2c.insticator.com	d3l320urli0p1u.cloudfront.net.
1	geoip.insticator.com	www.westernjournal.com
1	s3-us-west-2.amazonaws.com	d3l320urli0p1u.cloudfront.net.
1	geoip.instiengage.com	www.westernjournal.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.westernjournal.com
1	certify.alexametrics.com	www.westernjournal.com
1	secure.quantserve.com	d3l320urli0p1u.cloudfront.net.
1	prebid.media.net	www.westernjournal.com
1	hbopenbid.pubmatic.com	www.westernjournal.com
1	ap.lijit.com	www.westernjournal.com
1	pa.rxthdr.com	www.westernjournal.com
1	bh.contextweb.com	www.westernjournal.com
1	static.westernjournal.com	www.westernjournal.com
1	d31qbv1cthcecs.cloudfront.net	d3l320urli0p1u.cloudfront.net.
1	go.automatad.com	1 redirects
1	run.crtx.info	www.westernjournal.com
1	product.instiengage.com	www.westernjournal.com
1	www.googletagmanager.com	d3l320urli0p1u.cloudfront.net.
1	d3l320urli0p1u.cloudfront.net.	www.westernjournal.com
246	100

This site contains links to these domains. Also see Links.

Domain
trends.revcontent.com
www.facebook.com
twitter.com
www.justice.gov
nypost.com
justthenews.com
www.dailymail.co.uk
time.com
www.nbcnewyork.com
help.revcontent.com
www.revcontent.com
thewesternjournal.breezy.hr
www.instagram.com
www.linkedin.com
parler.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-14` - `2022-07-13`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
i.clean.gg GTS CA 1D4	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.instiengage.com Sectigo RSA Organization Validation Secure Server CA	`2021-05-28` - `2022-05-28`	a year	crt.sh
*.crtx.info Amazon	`2021-03-17` - `2022-04-15`	a year	crt.sh
jeeng.com Cloudflare Inc ECC CA-3	`2021-09-13` - `2022-09-12`	a year	crt.sh
*.soapps.net Sectigo RSA Organization Validation Secure Server CA	`2020-01-21` - `2022-01-20`	2 years	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
pa.rxthdr.com Amazon	`2021-11-20` - `2022-12-18`	a year	crt.sh
partplanes.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
assets.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-12` - `2022-11-10`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2021-03-26` - `2022-03-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
*.insticator.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-11` - `2022-08-25`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2021-03-11` - `2022-03-15`	a year	crt.sh
cdn.id5-sync.com R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
cdn.revcontent.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
img.revcontent.com R3	`2021-11-11` - `2022-02-09`	3 months	crt.sh
images.revcontent.com R3	`2021-11-10` - `2022-02-08`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
b2cdn.automatad.com R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
breadbalance.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.appspot.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Frame ID: 82919F2990BC797A1D9EE08FE8666A3C
Requests: 150 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: 2AECCB562F831FF4AC1839546581045F
Requests: 3 HTTP requests in this frame

Frame: https://b2c.insticator.com/v3/pages/usertracking
Frame ID: 6287EBCACC7EEA792DA4782DF5ACE1B6
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 42E93E26EB9AE4E996348E67A6EFD654
Requests: 10 HTTP requests in this frame

Frame: https://2100889e6b6950c421d63f4eb128c352.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC5464154C2FA86CCF36340D975598C9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 53DDEB425FBEB2ACCA6B5F8AB3FAF609
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: E236310B9B8112126ABA959639E6056F
Requests: 14 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3E37F5CDEF7B49AA6951857991D80BE0
Requests: 1 HTTP requests in this frame

Frame: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=2834038&contentId=b56a8996-6bd8-48d2-88b2-7a6c838099fa&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=3a2e10eb-3053-4229-b20a-6ad0686cf9ea
Frame ID: C76B1C48DE2857C1EDADEA8D53C4A075
Requests: 4 HTTP requests in this frame

Frame: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Frame ID: ECA5F5A610885AFF3818C67DA4306D61
Requests: 20 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CUYW0S8R&cs=1&cv=37&hb=1&prvid=3020%2C251%2C3011%2C80%2C178%2C2025%2C182%2C203%2C2009%2C3018%2C214%2C237%2C222%2C301%2C225%2C2033%2C2027%2C175%2C2028%2C117%2C3007%2C201%2C2011%2C2030%2C255%2C261%2C2034%2C3022%2C3017%2C3010%2C246%2C108%2C273%2C3014%2C97%2C38%2C3012%2C141&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Frame ID: 42E9F185E49A490713A19919FDD6B110
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 228BDBB33D2FEC7E18B8B641C0F3BE2A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2BB2E9B1437CD31F9C04FCDB903432D1
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 191FDE6DE4835CE32C9D2AA2411C8694
Requests: 14 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65675554-F1CC-4DBB-BFBA-4D9495955AF6
Frame ID: 610FA8AD0D1216379BB425D616A43314
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5725784548338525498
Frame ID: C23F8F94345A6E50DE11C558B0A15152
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: CBB6A75C42798F16599E113668A97F0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

JP Morgan Official Says Esptein Kept Maxwell Flush with a Vast Fortune Others Could Only Dream OfmenuFacebookTwitterShareFacebookTwitterShareFacebookTwitterSharecloseFacebookInstagramLinkedinParlerTwitterYoutubecloseFacebookInstagramLinkedinParlerTwitterYoutube

Page Statistics

246
Requests

93 %
HTTPS

40 %
IPv6

59
Domains

100
Subdomains

81
IPs

11
Countries

4460 kB
Transfer

11798 kB
Size

66
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://trends.revcontent.com/click.php?d=g60wDzhYSB3bnHYK5wnWg1H5bF6907%2FL2tFcbhkIMEbKyjMBKDAm4Vd6eDJDiYRVmPMo2jtq55E15hmoBQaLnF80a%2F5m%2BZf0SK8u%2Bhg4n3XWYT0BuuZF2YMpQZYFS9vrsxXGB%2FPn%2FyNHlvKASw538oi6Na9oLXPbK5gZOV4Z9SaYMy93gX8xSwOu06sO2DDklKIcM4zDY4RTNQ6FC9aqeTLwrHJc7QZnAxKSWwTuQjovnh3J8cY68M12BcgTiJVmAJKvGVDu%2BmVPAcSJ5BK0vGCRWU5HEVndV%2FbQHYFnPYM%2FL75KFwpYnssiIBqmLXKKC%2BvNN8w%2BD3Omq2WW3rq4VBwF6QQoa2Gc786YPIc8pQpGqB1fl1sEPODnJra41SZiLjXYWGDgql9%2FnXFB81XDs24N0tatGsDRKUnTjs5dOJo9oXla%2BCH4CtUezbFfAtUNnvV5Uz2vmUlr892Dx0vmOamRpC4YgpBU9Ccmtqt9yGvZQosTrZkqCHnuoT6olnaZFUd4W6wxo3YhVuq%2Bsk8WdzQTrFVbXe5wExflabcNtkef6aeh9GjEkMhmJW4zB78ouFriqrjgumSY0nySNY7EPQtyBJzRc3uAzPD0zUrXsKentg942YCqGQeIgLaU9zC7NHxG%2BTBVHNF%2FCTRLpCwRtrxkC%2BHBG7GoyI0N9zH0ucm%2BY%2B3Dug0WgmxVTcRnCUK%2B9eALXK8WMAED6uCrxUu4dDbWWMFpftFS7UH10mnEhZmC4NMAt%2FW4dhbOO9dp9O66PGst7gsCSZx8zcdPfa9Klxn9gxyF62jEyuQMx0StqmuSqKoGUfNZtrWxZj2CXuyEwQhP4tEvOBCEbubQhJ%2FXPEg3CVZE30o0ztqDoe%2FGSNc%2FLZgqSzE9C7FI0hxlmrIFcgb7tZqA8rzcTuTYq9icgqex76fdlWrl9YeMaypC%2BZxHogHbz62Fn%2F1tYAx40%2Fq%2F%2B2GwVx0TNeulT3y3%2Byhy3eb3SCGCT%2FTAPqg1LQCWnxtLbdSJLeDMgUBCcFXCpOXzS6Qe8fDRLL2Y3Re0I380q85mmFjCT%2FdgcSLom7JKvf343hDAdSjL8pbijDG6UPgNGrZm7mxk5Mz6WHOKnY5wPfXuyBGFCATOJMKydwNhm4NjlRw9ob7BW11nSoQFEDUCG0G9wzhyIRmn7k8lHQX%2F%2BVhh26NE5BQZKON%2F8WKtwgvh194Sc9mwChq2ROeoLAPB1f2791xUOPb2rVPxhSLYW2ZBt85tcYBnHzcluspxf1T8c7rLPQpoF5OZMVOYJhSGfEBa2%2BLwOF3cD0HA6WRHV7mznxg%2Fe2OqYo8ctHxidAzPUEByFScihJ5XT3dtA%2FleTN7omzWXsyH8VlVhXn4qWih1867DRBHDe42DPQFKhOfYckjAZ0a0%2FyIkgSOpHYyCfoaTzXWl%2BtNdGOsgeJ7hHWMR34I9t0k0KDlbLVnly4r7MfikJ3vI7iBqdSOC%2BQowXh1LeLNKQfu4DvRp9ay1ucLN2d%2F8gXLSZ%2Fcc7jqDYTEorY1DLayfrVwrWovzgZMw8%2BIuJLUHGYkHRAhFqHLYxnuRHtETyqR5UVo5MTMnw%2BaX3%2BNt99iiEx9RejoK1r1kc1uUIve8oN%2FPFzFIj9KR1KlTVxbh%2Fll8eOpebHWP7YKo%2FhQqTdhXKK6lTbDrGj39Vpumy3mguxudj89FAGIoidtZZBaZu5WmGbPf1%2BOCI1uUUq9SB19QwbAWbvDNIov%2Bg6kp4H5Zgrnjb%2FGrvjUtPprquz3%2Brp8edCfoxZb5OcLXOZGemUP9%2FfjoNQGUTjfr%2BjyuIVkyWsRchH8vH47v%2FTeIzTOcJGyE97ixvZZqlICOeL3hvFZkKa3nfvdFB0A0gzGRxx5%2Bc80eoFbQF8W1nNEXR1pE3OLvDtvdCnkL0%2FhtW3SJRmLeAcEuegSkxm%2BcwbVhWGLTsR%2BVn42N7V2xJWFB%2B%2FjC9%2BUlQDxMv9hSAXbW76IiqqzIK3OBbviz1H703yLAC7I%2B4ngQUPxl%2BdQrXnzjXn7DJxfyVM13UmQ%2FSPp1FcyJgplsJ2VE1TwI%2BaCpd6YWFlpiwA7HrsaAaD8yJdvJm4OI7EFjrE9s1WMSOMRHYEk3vaCwVq0eBfsCJQR7KrprbTNhtQZCAULL3F0qQdz%2FaqYTIIH%2FD5PXzBtR0U%2FyscEMnoJyPna4bbBVaqqiY8AUiNzEd125RTnlUhPf6VKQe8ARcTogGr5q5qwOI3Lr0I52EqSCYih3oVUY5bRwAL41Mx8tCd5rTeKQgXe%2FXZBoeaM3UlWJHHYbGVFJ9XvYnYhX4iJeULOCSKCH5tVZVuHwHWNrQjJV%2FxJOPmAYpQ%3D%3D&s2s=1
Title: Schockierende Neuigkeiten: Sein Geheimnis Wird Endlich Gelüftet

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=VlULHnY2BK6p7dCyhbjDkKWb8c%2B%2By%2FukcDzsk8kPdDWDudrBhinD6ZHZGjdd724gjgeMkQpPhL8xC187B4eVEvKoo4nNBIHE5Q0Zr7hgWEe6BOEHcY8GoHAG5anfXzJvaVpASkHG5JxO9fLOHm5yZ4QAUmtJGdr2jKaqE%2Fn1OpZ8DDzg1AgO0S0h%2B2QfsUKbnVZyocvOYfvxoT3s1IDSdquADE3PBRm%2B%2BUoE1jkDs5jbTvJwQhzJsvBsjmjx8Zq0DPr6mA6adPp8%2BvH%2BT6jsw0DAjrNquQtvkGqXKkU6bWY2%2F2m50DAoKdy1s2fhhGPwoQ5hFZuC5BOtBRLnkjdnwJdlI2PrVS8WsWikBZ47C3DudtVPtIpvvRKC9UFMlGyeFVFJVNpferSpgroYUTmHVE8Oud2OoKmR%2Fxzb3OJh%2B9SBufLjZnxVSz2VUhprCP6K4AQ20vOLTCzNCCJEocv5nzSzKYldEdQM2OOicARxfr12Z3gQq0eu5gbuttaFTNQdDsWS%2FTy9MCdmWjqhvxYDBO%2BRU9grJ7OlIumb%2BleXjQpPbeDClxBAQ7Kgy%2Fjr8UpFAc7682NGfbbgQAN8BwALrZ6RmNxZOw5OdUSUV6zEttNJIUg%2BTvMJQ6GXHMj%2F2rLvMxlZLr3WOnas0THapCZ8Fp1QBkfSbF44NCDX4WdgURkGuE6raSjPSGF65NnyzeWuNjGfYushCkhvqsyLLanXUoLpJlNV5as%2FutOX4%2Frm6htDEJcA1MohvIpGyj5LTJQ%2B55OfkWrVIK6xr%2F9haIV%2F7uOWVMAVhPXWyr2PJXMj0Q%2FilSPZNTn85Jmt3qiFfzup%2BcnqxfhEb2rPmDiCTX0DHSxN7Jjm7N%2BhIUCpsg9vs7eBdqF0zl1cu3bAwZFExnxppBUJxJ7VAkkuWC%2Bszejx776%2BV5CIQMs0R5BE0sYHeHpMgipJcTfTwKQXRkZLRGMXgY4Zab59TTcI%2BKseF9nTI7K5rgNxYkf5%2FYdty8lEd5a0r5Pt2%2FUFjW68W%2F1QtIvft1RpH3v2gH24PqNYCEUhNprELhGev%2BnT6KjWfd8YcpgVNaTKryr2ufg0ZvuI5MHDxwcuAaMzZ%2FLq9FCUcKxe%2B6EJETo6rFq%2B8g83aFGSQyqGZIWjw%2FYmrk2xsI9yXOoyU%2BnZ3KogVa0Ys%2FAX8cXSLB5pHLV0aqAhn%2BLwv4zIpDsm0tiDKa6d%2FydmiilDzwRMw7XsKr3yyklDUVwpO7uKJ8bHaMqbY3rzTQacAWn88I0isiFrLvB1iUOMHQ6gSq2%2FmEWeXuuw6rDw9j5GgUxVttnri9AUTRtnSPGnEMAFb1teomETEgvMB%2FG%2BXKpWKAKAf7dqlpWCjCuqGfmTfdw%2FEHlL4V6FcQ1Ew%2BxPOuQHQP5Q4Ea8zlTDZl%2FPBVzV8aWzP0MOiaEiEoj8VZiMrTRSERKu1yBOz%2B%2BRZEz8NgOqq7OesBlOVRMICYO3P3EOmlGigW2rJikoxAtSMZR6%2FbtN0%2BExr1z%2BG84UKCqQKn6dSFD3wB3ytpSuj7UuduWXHFsw4UbXPYgpDW%2B%2BMybwUSSu4QEBYn61y5eRZUH5sFPWafmVVEfUNPRS%2Besq5ss%2BWtE%2FUFT7H0wUpCFD0J%2BGlOA1YA%3D%3D&s2s=1
Title: This Video Will Soon Be Banned. Watch Before It's Deleted

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ZVxx5Rl7rYfQIXnnFUetLmsVSl22bNXl7mEdWkwKzVtASJag4SeQxOrkcw9%2B9z0DBsXpn%2FUQrihEQDiUhPImX2nI1QHaPR0tKPaejG4H4H6B1Ue%2FqCUG%2BJ2BnMHCaHQB2AAxBKn%2BY%2FPuddLxLfddD7yBQlsiCMIZ1n57WgijYqc7sygUrou24lc2Uwc%2FPLqAodqbXVi2dsAC2NNsOwc0D4SYdpomSCxO8ZxoYsLGoVi6RrVug00%2FOH2yUZF8JPZ50fX4n4Gt64jTmnE51drTcEtIRQ%2FJETYJm6t32pJeKWWFCAhp4gOTXZS4RH2an7t9eEtnTdBqyhwDXSw1teP1y3e3stq7QXyeWCfV8qtGlNHqY0eIKi6P3RI3V48TNC3c3I%2Bi5znlzpwA1HqAB5hIxRP9H4DiJJ8q5e3HlT92Y4aKTUp9ECLhf%2FqSr1P4UETczVdO9mWNuJ0cOny3jQy8VK0f6%2FcJt3KecxBVlRYkAC3NXzJYArCv5kvaYmTNUqCArTL6EgM4IeP4rEJrT%2FiKvev%2B5dNoZMBavoc8mzC3AYMVvCnS7a8q%2BynjnGSEPbGQMfFJUc46kc%2BVbrYu2XLS8O%2BeX%2BddWuO1uv8l0iRREgFsbcnLIWnMgD8aoTPBuNoL4864CGedjkeT5CjcKlSeHvx8ovvG5swpN2jHzoDtOaZ%2BanJwIdAbV6JaPgmRYfs3eIPpl5n4lGoLlf4zvc8ye8DG5%2B0FYy8daDmE3ipdf9GxXlp3yd2DJQCFkaqqum4Rj2fYqGmpuD6vj8bJB5mvm6JGJXI4MW1szp8aAPf1%2FzMoW8AnIyvov3v%2F16f1IVIdL3bkhqGU6I8DkGFHVri4%2FCm2NgTh8g26EX3fC61Klm4eUaR%2B%2B3kiurZSFOlTXSL8%2BcbKclLxSoJheSOUQYxFhR6YpaCZMIFgaLYF4k5r6fBltCJxMsPo78%2FRzyvhyj%2FcZtqzrkGiOWZz4B%2FSJhj1YeSNMcrJ94mAlgirq6BoVM4ExmPS8MYZ2Pv5CXhMu6VKQAsHtkdJarMBzaECCHQLQrbbBPaSFAn56D2KaFmFL0OP%2FaOY6%2FIoyQXDTajl4QPlmMFtGQ3Ka8HGAHIu69p3tDFUmW54SaCKBIhq%2FWmSN23X3Gg7E770vwyWn%2FvcDS94DhzGSuBUTC2KcSNBXjt%2Fs7alXTfkeTrjo2vDua2Ksb6PEbdvPQ9PZxo7hz1%2FiK%2F4LUhCVMRS7n9zV4FAB%2BYShIneg8AG8RFhVuFbQNV%2BPoWTlfEKDWG5yDCvnisOtTq7w%2BBlCD9o4MGb4iGe7ts1%2B9hhAWeWlnrkTBvjknBl7mGusdGI0kiu%2Bld%2FmpJ9nAXG0O5nTEZZzbsCpAlz%2FzB83q4tTHr9cuUMiwaqmXZDLCyPPZ8Pc6iHP5%2FY9cHfmdGn%2BRmrVabncJ5DkscdkbaSL8AFFnjGenQmYTJWZro9%2BwJp2qkNFvA%2Fpss1Kmz2ogIiCNLbroKECEL8ovacgqHiaSr7%2BjR0t4v0vUll9IsyiWg%3D&s2s=1
Title: Dies Ist Die Gefährlichste Touristenattraktion Aller Zeiten

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F%3Futm_source%3DFacebook%26utm_medium%3DPostSideSharingButtons%26utm_campaign%3Dwebsitesharingbuttons&display=popup&ref=plugin&src=share_button
Title: Facebook FacebookShare on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F%3Futm_source%3DTwitter%26utm_medium%3DPostSideSharingButtons%26utm_campaign%3Dwebsitesharingbuttons&utm_medium%3DCTWebsite%26utm_source%3DTwitter%26utm_campaign%3Dsocial&text=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of%20via%20%40WestJournalism
Title: Twitter TwitterTweet

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F%3Futm_source%3DFacebook%26utm_medium%3DPostTopSharingButtons%26utm_campaign%3Dwebsitesharingbuttons&display=popup&ref=plugin&src=share_button
Title: Facebook FacebookShare on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F%3Futm_source%3DTwitter%26utm_medium%3DPostTopSharingButtons%26utm_campaign%3Dwebsitesharingbuttons&utm_medium%3DCTWebsite%26utm_source%3DTwitter%26utm_campaign%3Dsocial&text=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of%20via%20%40WestJournalism
Title: Twitter TwitterTweet

Search URL Search Domain Scan URL

URL: https://www.justice.gov/usao-sdny/united-states-v-ghislaine-maxwell
Title: slew of charges

Search URL Search Domain Scan URL

URL: https://nypost.com/2021/11/29/ghislaine-maxwells-lawyer-says-shes-a-scapegoat-for-jeffrey-epstein/
Title: New York Post

Search URL Search Domain Scan URL

URL: https://justthenews.com/nation/crime/epstein-transferred-tens-millions-maxwell-jp-morgan-executive-testifies
Title: Just the News

Search URL Search Domain Scan URL

URL: https://www.dailymail.co.uk/news/article-10281627/Jeffrey-Epstein-wired-30-7M-alleged-madam-Ghislaine-Maxwell.html
Title: Daily Mail

Search URL Search Domain Scan URL

URL: https://time.com/5868402/ghislaine-maxwell-net-worth-mystery-epstein-trial/
Title: Bloomberg

Search URL Search Domain Scan URL

URL: https://www.nbcnewyork.com/news/local/crime-and-courts/who-is-the-real-ghislaine-maxwell-epstein-enabler-or-pawn/3422251/
Title: NBC reported

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F%3Futm_source%3DFacebook%26utm_campaign%3Dwebsitesharingbuttons&display=popup&ref=plugin&src=share_button
Title: Facebook FacebookShare on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F%3Futm_source%3DTwitter%26utm_campaign%3Dwebsitesharingbuttons&utm_medium%3DCTWebsite%26utm_source%3DTwitter%26utm_campaign%3Dsocial&text=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of%20via%20%40WestJournalism
Title: Twitter TwitterTweet

Search URL Search Domain Scan URL

URL: https://twitter.com/CillianZeal
Title: @CillianZeal

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cdouglasgolden
Title: Facebook

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=p8Eam3oWie1gwGPI9BCkDLuMBrXqhxiPh2v5ucnSr9loZ703PLdND3OPIlxrGeKijYpoEVA9owXlvRzLsYEe80YSKjmJV86E9b30L%2Fx1uoHegDeQiJTsnu7N1jx1knWaeA0KRhzsRGT511E1QFbf%2FSk6WZAkPfNddMWxZY6o%2BH4%2Bb96KxT4cdUoXdQl%2BBC4vThXqczH4qHEMsvqyAKYHZHXdW4kDm%2FLR2%2B5zurpaOiu6GO%2Fcc%2Bayd8TpTDREno8vfxq2BPUiZoq2rQXfZVzpBoxZoZ0531ffr2MioeQ3jIWjDZT%2FfxJxyS9pwvvf0dLY5%2FlRyyGAmFjLJd%2F0pWhredNoyGPWowMJCPfXuETwiYBvLb6Tt6ll04p5AUkYUEKe0SsARz%2F3V1wB6EHMCmLbISv8e%2FpxCWMWFXi%2BJeDC9%2B44PEKLEM5Xt7z1HfiKJ4ff0ZGr0sd41pHPtoJ%2FQ1KrG%2FHeXTn19KXNsJhYk6F0PxgkjOr%2FiDp1ydVLG%2B5e7zq0CY3fUP463lzq7FN7fnNv7JBtOUJuQfgobTgIdubzD%2FjvwPQFjTOKYJ6VqeA7vHYKUrZRQscju%2Bbl08egQirVLN97dyEDxLPqH3nbzSeSSd6ObUBR%2FR1wMmzO8yICAdFD9xhxIdLyhGQNgsFvUMdjDsElxrpawxeKKHQtQ14bhW7B3i2e2UTxSQZIypN6JMNm3jhL0DSyEaLMWEaXMrsCXA822jz429gag%2BFG9U9Ki69HhTHP31SeQXoks%2Bp%2FPKBQILPs4e8rEimlZi9gN3n28rCxs4am5hNiJ5GOFT6nv2KOGtxW2qL1itX5djOomWB6J8GFLUXmNFbK5HLfwl%2B2t3GLkpxFbfkNvzl3%2BRbFZMLsxAsKRqd47NuK2ne88w%2FojcwwHgXLrULtj1fa%2FQV1AgzI4qVMGSX03duBkkSLRz0WXKEpCctPRH2EfqJRB5vMsDscsexRBJq4goEzocOYbdYBYo7UqqbZ3qnZRBIoWJaONTyHXJ3C1LGFwRPQ4%2FiRNMqVyecTPGp2ASg8qZObAHR3K4bTwentRVgSNYqb65tg%2FD%2FZ0WhshCBFSrLrBb4zFRlFT%2BTDeDRFJGRmDg9Z3pUqakxt8MKA%2FDr2dulLH7zO%2BhUjG4Uh8YE2EUAG%2FC5cCDcQAbEY4HYxJFoz7yMQI2OZYBOLhnPeCZo7vTMRPiQIZ9ZM8wntvGTKzCejwCYPw3NkXOm7ry%2ByKF7FJbtnqpUwDrl2BDBXllUH5oRL2kq4ZW5KjJEZ8hq%2FXb216tyKOjJZyNJLE7vxsBRjGqeLIprkCS460uhC2qZyTQicS5wiuKvEMqJkR5f657l7WY38i4AjDP2yYacnDHxRCR7RNjINBUygPYE1Lqdnp3hkYBUQx5Qhn4bqYFFOnArwrVzgMOccNzW1sZrGr5X9R19LlroZ7Elfrk9%2BDrjSpNyrl13QTkPKWPhqRcsIT%2FvpboZzm%2F8o2v1O18bl1m36%2BNhYZdPPmPc%2FXM44KVvawMEw7GIxius7XgXZqk%2FI1D9xCLscHgfaEUiSmV1zBN7JtxV15I9CjouFd98Jxn2Ri17FdQCCrBP5Tfo%2F39jJSFK%2F%2BOyHm7J33IlJHN1%2BI6wnLIq%2FPH3liA0Fa2ByaiHrHsWRKMv0f%2Biabgjob9Zc2UEfBwVI83CUEpdwDJDsCzL3EhbNKEBLjtGDmrgnsH4%2BPQdTPX0smszVanL2kIRFN%2FxdHv1t0QDXyvJK%2BjrRSQpAQhu2h1YH422PXJ9Bd10lRXdZT68gXO2w%2BE5nYBEKfO12Edq5l%2BbTX8%2B4V38%2FBsJ%2FSqtVZLp%2BRBSrsNkq3K6ZTWtLg4%2BwlVsq0E8pdjVYCc3%2BWAD%2B72isUnftMn%2BvJiPreRcZ2wScBr9mox%2FXPDkx06vmt5Wq2NR6W3FRlqnII%2B7gzb3Ta6WTd%2BIv%2FdsxTw1yK5LkQLRb4JBddJP9YK9Q9ys%2Fzkpvx2kjnQ0amDAnMxyaq6hIs6wH5xymJq7ZmE4ZC5koldH%2FunVGR9d6MtG2bTP6MoWm76CWo9fZA2%2Fz4%2BOCPDhEVPBmHlhEBTigsKoM7CwlsscaNuIpUnQx4Qphia5cwEik8v%2BfE5kq6H9D%2FYfPuEII2Bi6C1XzkHl9eqEtqjmbhgY1yW8xc76hD0rYnIKfhljjEYLFKoDLYxdEdVnvOiMM1DQtaD7JIsfdztnsEiyT%2F4tvoTWqb48J1BUNSi5TCwizu6YcC6BtBuftm6%2B8FUZSnwhxwb2A2egiY5%2FaTgBVtmsbaMWCzvzqmqa%2FzsLd7oxNxC%2FB%2FslNtSAVQxwbqnxy&s2s=1
Title: Schockierende Neuigkeiten: Sein Geheimnis Wird Endlich GelüftetAmz Tutoring

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=dd6YwCc%2BdvBLDHFsYevLiOiu%2FNNheH8TM7SX71U3InfPrr1tSg6IaJQac7e0ssGcEaKlELsP76VaJBAQMoA1Fi52bjQvHJAM83gwkIMPBw%2FGpWC1msxRJsEq9d8meZ5N6R5k28PHHLewGGChi0DcB6N0FLRqhiUu%2Ba%2Fxnn6GtAR56%2FKsN%2Bt6pEWRG6M4EGU4HNN82YCUfBPn9uKSukbizMes20SbVKYGhgexHIvoC7fjE6vq2iv%2Fv0UKz%2F8nLacSDM8r%2FcDGkXKEQa70vgrZw6AaQiVFFj3VzqkxIz7uSEKq6LSrzLqecXhjpIlBQz4TFKcn9kgIxfxekk%2BmOoeMe4hF3qvGtqQqC9FecJPWFHRLjtUQcXInlWJhKGK5qDFUB%2B2cqz1Xc9qg60l8RVFSaaYVx0FSZ%2BUuPF1J19WjRa%2BW1irMtnyWdOFtyzlhx6RV%2F5N67J7Wj9sRt2dqqZmP7NBHRaSVAdkIY3w8jvwhlP8kKPtdQscgHRwdEba%2B%2Fl%2B9QxwQheA9wiCEzbaDCU9lsDrsN4webDow5NXGxWAK8tGwwjsfYv6G8e2sZFQxFxwu51UfXmbMyz4wGju5SBoWOSMHa4RTMrkY%2Bz%2FI7mQRwgSCdt%2BOlz4AhG0FZXEkE22606DBFBdkQbJa2tNj3JnXlNN8q281wSLzXRG5NTO6vJ57PzZqKW%2Fh9IYVo2Sx7hnRA5kvK8VdXOiimiKegARUwW6oTEhQhl1dzn0%2Bjm1XKJNYOAbtLBBq8bQUp9nBtROEwU7xcEXJ%2BInGepLS0Ui6TaOR8xQz54icHf6hY9EWRY8BXhIXqwU%2BP41JHk1pT2GarDBwtbYzU9p%2F2eelPxGpmz%2BwtrIwLMxbIe3w3VTmKqy0cDmyeN0b4WWX%2FIL81pq06UY%2Fz4r7DNQDlYm9%2FdtAJpmSRSaCy4gGbGnra%2F8AMLEKy4RbPK%2BuRS4Y6kwWz8ideMWpTHiVrLYpLSwZGufbAO6a4eNE%2FpK8B26D3KQE8kEpZel7TmHOmem5p%2FHrIFpF9%2BN5o%2BwQ3tcCd%2F%2FYkirKcc1OudqC%2BnhAXAGZyYYBCdcav04UpbK5sa1vtW3e%2FHn3FCj2EZcShyKDrjIWRwGucjVznwvlanVM1mK1hG9mIYMrZLKKG%2Fo%2B9CMz3lc8rEHKcL4IHqe58oV9NGXCc8BnbCuuoiuqt3gOO%2FWOv66e5ChPirv7uf573QoLiWj9t3nVPXrjmkPYBuX435dbA2bwJKBUjTethQ1J43NB6I17uuP2otQWxHUtN7f7czjD%2Bi1vxMukoou8FBQoSABimqefqbclSFnd7mx9LXEaFz1VQwSqxJy6Aam97pICQI7hxKrliIMceX3aTKlWvpOu7w%2F4IIb%2FdSNUVV5g2w7ieZZHzBt%2FKI7U0PZbsm60N8zYT3VqTysa7xA8NGcy6FyutBM4kEgBY2grs3w%2BAJhpdvSU0UVVfEnqoN9WxexMdjBGTVam%2BXsVrVDIgGGxcG4rcC5tlVpm4ZXQaun5w0%2B1CmYPNEDcIMn5mRuQ8vDtJvNyjATq7TIyj%2FdBoAPb8dO4TBRAdg%3D%3D&s2s=1
Title: Here Are 23 of the Coolest Gifts for This 2021Trendige Geschenke

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=r1WpeqMLVkFwKY3Ma1Py7k9nBMTAVuq8VJuBUh6T5w5T8XQgoIxTPuUGQ%2BuqFceEGzN16HVSfGm4GkDmfuDB%2FrmPRMRVd78asID0ghPs5K2FgvBBzU3M9kV4USO1w0PSmwUnxgtWbdOha8xwc9TXBtM1r7%2BCwoJgbdQYAKJaBfwtxLCoGlaQb5SfGpXMrOIGRDo2PL1HJ09jQqKL9L2%2BDezAKBSA266KIYFpenqA0NTX4eQcKiaJ28ERgnp1kGDXOqCrlgZ2k8fhwzyCvDV3jbk%2F1Kq%2FxNjmsg7M%2FLugQddxYJOhzpp0Sq3XxP6NUjiUgHnEi3Fn25x%2BMPGWDeZoynLLeHEmu31rM0BXbgUtaYSKPz3aV9%2FNOc8YUXOLz8amgElfYpNPCpIe%2BpBYBTu36plfnjYEZX%2FAYlTgACp1EMAdxH5YJVNvvtNXXJ6uVtlUftY5vXXvEB%2BnM9kUJMLO%2BB4dS9Wp5umskHkaWftuvhspdzYfsYVddWaFO4rUJLeOcRpSC4HPQrg1yyNQe4CSf7mQh66zzLRJDErVgnYNob3ZMfQ1YTIWGweIxARbik218kChb8JpR1Ium%2BMUs%2FfmheFTt7WLifdb5pRxCKPUvHS7p5h7887dPjZvNb6JuftoCZjuXSTgfXPpSXvkuQLyqo5NkFYXB1jv55DHI0wVK9ORFkPl9ByalU819QVpNAv6g4cdy3dnPitC2tnurFV%2B7xZ06CcRamNfNgrx4HGn3MyHgYu2tVyVIEYb0Pp4oS0gxjIejCbt6ziEywe2l%2BFTaTqiOrep5El8Q1UzwlDINuEjPYLNy9bOkDEEOAyfERC4gJWJwmr9gRrwANUbB8ZhjBXU%2FNPU2m7ZjgQZlACUL%2F1nqbzJAIfpUbYgKcIPOOVPI9BdXecC0eGPZTvaap2%2FB0rfFywFw2mYjGB5rRAmGyRzYVkwI7So4F87abI%2FSqKN7160b5gqsMc3nB9EUNKid6AowLLJaY4d6Dj8QZNzHJ2yOQlu6aaJswFGD0hWjP%2BjQPcHZLwR3eRn6NIMXi3hSMQLfvJeL7W8Ef85mQZY3Hf1POqmqa%2B1cM65lUt6hvIOrpRE9RkdmFqiPsq7n0A2hVVOEitmlovqGGcHAmVrCJcr3KC6%2FkhXKDTGWRdGUXwTU%2BX1R%2FPuO%2FQ3f6%2BypOQcOlF5X%2F5QsLkEOB%2BrU%2B7J1her4eyy1b05vqtNi4d43m7OUMPlqTWeo%2F6YwXwp9b2%2FcfaEgUlSzvlwSV3lTdWo0QJR%2FgxrYQiApQ7VehGJAzev4hNi5EWi6X64rpX2%2FGEbRxIs8gMYX0%2BDASOg7%2F9mcpNwmkWR26W71EwQ%2BMjEP4sQxClfcpqbUQJ7CPPcCXFA5%2FIMZK2IYBdarnF41f2nAFvEMfRQyAP335mjqWX9k%2BuQkD3rRQMayCGjenaY3ZqbMgqwY%2FDfNtrQ9yJjFr0kEDQCEvymoclJHPUPxVSBAeyc&s2s=1
Title: Ein Tropfen Wird Bauchfett Verrückt Verbrennen!(ergebnisse über Nacht Gesehen)höhle löwen produkte abnehmen

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=5MpXcKCxTS3qqjaZWVvI0agj9nrwULqzqSl2QXhhbk6M19Of8qV4L%2B0Ya1Kf3Kp5%2FvCb8wJR6B3rzV3IAX%2Bi4eyC5GqLlw81zA%2BwGAUowWwyRGf5FyKSGNTZB%2FnBP9miBQR%2FGxE4pSDZ%2B0uC4Mkz5xCn90bUQ1BDC0P3wQiIPA99KQBJd61zy2JgV4AfYwH9qW1xt6g6FJX381vvgOumcX4xMxST0rxSxA877GUW7V4UGRCXrasuCNVD6RoOjP1ypgADpT0kcZANI6ISh4qoLF8k3CUE8v%2FEFzt1jkf0Vaf35mhx54XYLoEIk7qqZsjQXqIHx8TjzduzeEX%2FyMt5wygbc6ny61RTMxNuvq0g6rsU2g%2Fc%2FDxSKWIc3SA9YTW1T6jYPhtYZN04nfdUizAtLTHbgBvG2Jxsr0blsO76mCCZBNzMcC732wsJlOYHPRbMDWG794wy39eRmmjnk7Ypw9GqHJg9rEIUMl9dqK5pswKC%2Bj%2FlimQyYcplCg508FDPz3fyFNKgwPV8si5OmbrRKrJ%2Bou2TJS2PvNyd0dhcM9J%2FT70f%2Fi%2BAoapSm%2BqN2lZK%2BBQWOcgXfJ4ZIGyeP7sJNLMTDiqDoDGvNgJHwblouEkkAOOjJUdURBGFJH%2F8OkaOd1gyj12fnYwA3D65bVnXKcD5npsuxRPvf%2B4Ux74%2FGqAZmIh0%2B7zgnJmfZoRySGqpSF4W7psM6lQ2LUNcEU89mpYxwVS9dVQqf4H1xEzNoMiCe40%2BhQimwaMGi2ugZ4XB0%2BSbLd2oajnK9QkHvmpyfMuZCJirMND0fDSGFvJo34vz%2FQucE%2BEln6QUvYeFiH5Q7Aia52J9Lh4tG%2BF1WJ9HwSk7dsZ%2B%2Bg8BVCLKv9gyr88YB9pbFnAg8o7baEd524fm0pcXPalve3as1hq51oTEVLYGuKpf6xWItCtighvw9vX8xaCwfwaPMMJxUevBjUYYbGLeaTnL23MaXFYC2qYj3Gux9iw5n%2FZlZ29K71UrYhrRIlGDbdOKipHLC6uDxyAJeUpczjw2EzEBbEDIHSwA4cGAnUnDJU%2FuFucIZxXFpwknj1HhugIcAOsH0UElhnRSAa2y8zKP0QKxAYFuxFa8sz8%2Fchd5Lz%2B7JlgeAK02yBlW%2F%2B7CKMBf9TRToS%2BxcvwWjs8SOXh0BAqK%2BsQefBxJIQxvAz4cw7f1YOgFBYCx7M%2BaymdHTavdwxDt%2BJvK36S%2BIXlj53nn%2ByDS%2BHfzxgDcRxTD48wzcbVOcW2AdW1ODi1vAUm1KGnWO7u3nh44Xde3t1OcQqi4l6DLgLyRpxdMVg%2FPyYCmeK%2FISR1rx%2FiU9DAJqHpXdtstOipDhFHh2%2FPpRiwGBIcVGhKxp%2F7Saabh3zHL1DVmNY7N1xzRmHh5AgHk%2BDwEOeyQvcL3e5IJ1Rzi&s2s=1
Title: Read the Touching Story of Elephant Salvationviralsharks.net

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=pwUS60GMelBcxTmib4Iy%2FlaeAdQ1QYFv%2BZAAP8ZcuvCAEUGkHHHSfp%2BcqMNpx5CFGI9E74AgspP04mpF8rNjKy2vtq%2FaE%2FINNvsY%2BV9nYJoZnG%2FonkIwB%2Ff7cejUtg0Q7AnOkGFb1Wn8JlTp4DVUsQc%2BlrLQ7xuZ%2FyTtMXL26onaDUdJaXvo04j6CVQgyDU3Qq4CPPTjL8awKK39mstyjp6DPLLopHKRg%2BUTz%2Ff1fgkiMXfYVPtKrAbleR4TrvWPpXIKMWWuP%2B19vDU78X9vsCuwbrwhwKwJE3Q43OggbFXZW6oy8iZOKkvnYvnqmLplIu%2BOa14IlfLDEoBc6qZnzYqm31i3LVqHzFE5ujCY1w1G46AkhCC%2B%2FzFs3sq5PcaNSnGxPpylvvWntpJ1s7i9GFmTMhLM8j8wNBpBkrqcjG23FhCz%2F%2Boi9FL9FDurivJiEWd7Csq%2FIbpq8pQIGfa%2B2bkj%2F1%2Bgv9bhbhJOcBXK7HQG%2FmkFiSBenPZs5zywyqeUNbFNvHk%2BsfxyO3gJYCjEPJzWdqgRi0kD7X7fKJNHeDLB9oDRBS5Qt3Y%2Bt6LKiEU%2BVq0IyRPFZzB%2Fw1xz8d0fCBMG04LkYJVuvy7kjtPmiOwDgAsgT%2FE9%2BJnzpbC2QcvpleL8BGhHxJDGk3B9OAeSMBjKqMFAQMnAxjUlhNsXyoWXb3RmGbX5Sq5oxWm%2Bzl8jjdZVo0jg03tt3wHfdUBLhHef1YmbHU9HxbMJ45NFWHbLk0jsNkYaBBVB0K0hFMZDn4nAL74k0e3YqYO3d8k%2BCXgPkBTRPC%2BG9Y1WfyTwwTVewwNuq%2FjMLPZXiy8mtBpvX0eX3yQnT0eai0m3rJC3RuG5Nd7%2BEZUypl%2F2fRZ6LSL4IdsFYhsxTwtfWC%2BFfFM%2FFREuiZljtVEmEu%2BqB041VBpme09EZ0A1sE3gDud5z3IZDyzeparloVMxuJhInsDJ2TdZris7snCI%2FJcrwlPR%2FWpXEDg4NjX%2FUt3zUBLdMqsrnCivL6r2TGchZi%2Fq4yogXrM8c0wgYXkBo1KX4Ap6N4Wu%2FRJNl%2Fe9sE4T0luWItXoUww63Tasm4oVQK9X3EdMj9NJ0bdgzu8brOP8DEm%2Fjsc4iMW7iFcZBUBs1GYuyr00T2wr%2FpUNzdyXSKisQ%2BCAd57lKTtcg04lodXxKfyP1lnCuaBzg0UifRZIxJgD9qIcf%2BnCnGL5Y57EPzMdLlGeYWtTRsp2goCvaIQylHXFOLNqx1OuSw%2Bcy9YHKNHHirjLDoU394gsZsVhuARZz5PowEhZlKoQYm5EWou%2FKK0B6wwbAqG8RPzG4VDJIvWJbwu9X5ypFxu1PEcJVoUarwz%2Bj531SCZOsNkrKzl3amXqUvoEzXiyEuhiLgZAVtsTB7SJ1%2FCs8dKFMFXdGoBce9ylXUohjgujoSxwI0gWg505J5fLXOyKuR4YwuBEbbtgUF8%3D&s2s=1
Title: Mama Bear Grabs Man After He Saves Her Cubsviralsharks.net

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/popup?utm_source=ads&utm_medium=organic&utm_term=signup
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://thewesternjournal.breezy.hr/
Title: Careers at WJ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WesternJournal/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thewesternjournal/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/thewesternjournal
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://parler.com/profile/TheWesternJournal/posts
Title: Parler

Search URL Search Domain Scan URL

URL: https://twitter.com/WestJournalism?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCa2gbBXGeGh-Pdtugdg_qcQ
Title: Youtube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://go.automatad.com/geo/OaEAJP/afihbs.js HTTP 301
https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js

Request Chain 47

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=4A4boXxRSkZCMmxZa1hybU1vYWNEMDNYTUxJampRdFJxemF1QmNSU01pMUFpamNBRlcwT0d3UFFna3FTQlNSdlp2WmpZaHAvd2VOenBQa3htZ2RpL2MrMkRIODZPU1pCVGRxSStVMXFkQlV4S2VRcjE5UEV1RkpqVHNyOGJzNE1yUVZmeVVQRWVHYWZCQnI2dkpYdDM3d0JUeWJtdXNIM09MSkFHQjUwZ0wwR1FLMTJVOGRLVUdVbk5BMzR0VVA4b054c1VjNXQrMU5QTUpSUU1ka3FOMjh5VE1LS2RhTVV5RFErMk1qZ2djRmdWMHVNcFpzMmk5V2lWR0gwRExSMjI2bXR4fA&cppv=2

Request Chain 93

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&bundle=FqfroF8lMkJLMEhHMHBlJTJCbDVubk9BYiUyRmhnbGZ6ZndwUTBmdmxodUJlJTJCeXlhczZaZ0c5TU1kbENnbUZsRDRycVVKb1FxeFdnMTBmaDZybldlM1Q0NzRxUHlQTDI3UEgzcjNxbnhXVWc1SnZONDNVSGZNWUFSNyUyRmFwN3hDV01uQ09YRjlhd2Q&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Za43FnwzNnlpSnlYS21QdGJEc2psSW1tQXhmczFpMytNUWI5endHYjN2TnFFMmp6dzZZcmljVnRaM1NJblVkOXViem80b1BVNk1rKzNKUkdIaXBrU0VYNmN2N3RGNXVYVmRpb0ttYXBPR21oYzIydnJHaThJNk1rU0E4R0VSNHJXOUNMM1gyOVlqaWp6cjVaMGlzNFUzdHlTNVZFM0lzd212V0xzTGZtY1RHTi8remowbzJwaUtDSVdveWRiTFdxcW14clhHR1JDemsvbWNkZmJzRGxSS2xYakdCLzVOL3g4emlUU1RlOEgzdzZsWTRacFF4RGMxT0JBRHI3TUtsY3Q0WnE0fA&cppv=2

Request Chain 103

https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1638891740690&ns_c=UTF-8&cv=3.5&c8=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&c7=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1638891740690&ns_c=UTF-8&cv=3.5&c8=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&c7=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&c9=

Request Chain 163

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 229

https://c1.adform.net/serving/cookie/match?party=14&cid=65675554-F1CC-4DBB-BFBA-4D9495955AF6 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65675554-F1CC-4DBB-BFBA-4D9495955AF6

Request Chain 230

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5725784548338525498

Request Chain 232

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZWdVVPHMTbu_uk2UlZVa9g%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 233

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51ba61af-80de-4600-baa5-cb12bb2c8ab9

Request Chain 234

https://pixel.onaudience.com/?partner=214&mapped=65675554-F1CC-4DBB-BFBA-4D9495955AF6 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=29c033e6dcec71bfcffa7939c1d2b0a1 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=1f94a85b42b0dd12 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a0a2af38-bf2c-43f4-61f0-4e5f481cc78e&reqId=b547de55-8c39-4b4e-5412-8d582ffe30ce&zcluid=1f94a85b42b0dd12&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEMCP23kuTuKnstRm_tBfwlA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a0a2af38-bf2c-43f4-61f0-4e5f481cc78e&reqId=b547de55-8c39-4b4e-5412-8d582ffe30ce&zcluid=1f94a85b42b0dd12&zdid=1332

Request Chain 235

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjU2NzU1NTQtRjFDQy00REJCLUJGQkEtNEQ5NDk1OTU1QUY2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnitX5EnKK4S56yFl5hVVk&google_cver=1

Request Chain 238

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1c7a61af-80de-4b00-8988-b110c601e04c&gdpr=0&gdpr_consent=

Request Chain 239

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e206d271-5a82-4760-9a63-9ef27485071a

Request Chain 240

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=355728561869301299

Request Chain 241

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8524837318172741685&gdpr=0&gdpr_consent=

Request Chain 242

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=o5FTM62QVja4wVRg8JkfZqDBUWO4lwM28cGqcHUu

246 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/ 264 KB
47 KB 1577ms
1514ms Document
text/html 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

078df1ec1b9a36ec364047b85868d7a389e5c8b14cad4a9a71024a727313f946

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
content-type: text/html; charset=UTF-8
link: <https://www.westernjournal.com/wp-json/>; rel="https://api.w.org/" <https://www.westernjournal.com/wp-json/wp/v2/posts/2834038>; rel="alternate"; type="application/json" <https://www.westernjournal.com/?p=2834038>; rel=shortlink
cache-control: max-age=1800
cf-cache-status: MISS
last-modified: Tue, 07 Dec 2021 15:42:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 6b9edcf39f653749-MXP
content-encoding: br

GET
H2 200 script.js Show response
d3l320urli0p1u.cloudfront.net./ 110 KB
38 KB 69ms
13ms Script
application/javascript 2600:9000:225e:c000:d:99dd:3480:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3l320urli0p1u.cloudfront.net./script.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c000:d:99dd:3480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e70881cdf7d08c9cefa0e4008a2ab1c5f61ba9a7400e93f13bea6c95ac91c03b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:37:49 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 15:16:20 GMT
server: AmazonS3
age: 271
etag: W/"1aa84e83104d1c0ed04315191fa1770c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 5z4-X5YM479-29Xqtc01B62vxMYAYZ4BznFwqHoy2JMiNndUecQ4mA==

GET
H2 200 classic-main.css
www.westernjournal.com/wp-content/themes/firefly/assets/css/ 60 KB
11 KB 42ms
42ms Stylesheet
text/css 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-content/themes/firefly/assets/css/classic-main.css?ver=2.0-1636572364

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4acbb0e8dcccf0908723ce9e5e7390f621c150bbf568f523e2e95336f081a4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 19:26:04 GMT
server: cloudflare
age: 1160
etag: W/"618c1ccc-edea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6b9edcfd2f413749-MXP
cf-bgj: minify

GET
H2 200 prebid.js Show response
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 296 KB
93 KB 47ms
47ms Script
application/javascript 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1633541239

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d312f39cbae5dd049cf3358304ea3ddf4fa6bb7cc1714041e406f0968e5e42e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Oct 2021 17:27:19 GMT
server: cloudflare
age: 316
etag: W/"615ddc77-49ec4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6b9edcfd6fe63749-MXP

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 119ms
96ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Tue, 07 Dec 2021 15:42:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 102ms
100ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
47 KB 41ms
18ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3K9VP

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92627a43304f987a16af999049bd9859ff6f7e165d7d764811958c9c4aa97a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47749
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 15:42:19 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158410/3599/ 167 KB
54 KB 74ms
33ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: gzip
last-modified: Thu, 30 Sep 2021 19:39:57 GMT
server: Apache/2.2.15 (CentOS)
etag: "1421c11-29a3b-5cd3b9c953a17"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=96756
accept-ranges: bytes
content-type: text/javascript
content-length: 54751
expires: Wed, 08 Dec 2021 18:34:55 GMT

GET
H2 200 9af198ff-22cf-4d4b-80d5-b58d0f23e539.js Show response
product.instiengage.com/product-loader-code/ 12 KB
4 KB 59ms
7ms Script
application/javascript 2600:9000:223d:200:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://product.instiengage.com/product-loader-code/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gcTLZ_3GxRIumtHUTDDsW2.09Fe8RGrd
content-encoding: gzip
last-modified: Sat, 04 Dec 2021 23:10:56 GMT
server: AmazonS3
age: 3342
etag: W/"3e178191a86d02cb48d2376422824cdd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
cache-control: max-age=3600,public
date: Tue, 07 Dec 2021 14:46:38 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: M1esocDN2uiSTCl6ujc3dkw_Jn6_-YKXcXUNyZN4p4GjMCWsWt0tHg==

GET
H2 200 track.min.js Show response
run.crtx.info/ 103 KB
104 KB 49ms
8ms Script
application/javascript 2600:9000:223e:a200:14:248f:8500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://run.crtx.info/track.min.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:a200:14:248f:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 21:32:41 GMT
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
last-modified: Mon, 15 Feb 2021 22:14:47 GMT
server: AmazonS3
age: 65379
etag: "f88a765c6ea3dacc55ca6ed581e54f1f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 105945
x-amz-cf-id: 65CgJhD-Wv3-Fm5Pds6i_DDdOBTa-J9JKIcrZl8Rq_X-LiuhUbKERg==

GET
H2 200 / Show response
users.api.jeeng.com/users/domains/VAM4nzne41/sdk/ 355 KB
118 KB 119ms
55ms Script
text/javascript 2606:4700:10::6816:38ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/users/domains/VAM4nzne41/sdk/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 287bd74d1bcf640aedc9296c12cf4b98225078b772e551326c108ff54ee8f4c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 2402
x-powered-by: Express
x-cache: Hit from cloudfront
access-control-allow-origin: *
server: cloudflare
etag: W/"58ba0-83dg8pSHFZ2VZRCZ+XhYmrokONY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 0b3aabf27b5332d4cc604adbe2f7f804.cloudfront.net (CloudFront)
x-cloud-trace-context: 6715e342c55b268d756093c74b878034
cache-control: max-age=3600
x-amz-cf-pop: MXP64-C1
cf-ray: 6b9edcfee8bc83b4-MXP
x-amz-cf-id: DoIiJHsvjn94P1MgZXGBFGAjtfeP5gjNP7qqnZRPwtlGXr4z0H4ewg==

GET
H2

200

afihbs.js Show response
b2cdn.automatad.com/geo/OaEAJP/all-geo-W/
Redirect Chain

https://go.automatad.com/geo/OaEAJP/afihbs.js
https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js

43 KB
15 KB

218ms
169ms

Script
application/javascript

89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: ff034de1c43fe6d55add5744b3b48832ad0c54ea78b3a41e12215acde3b190f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-openstack-request-id: txc03b585704834834b4fe7-0061a89ce0
cdn-edgestorageid: 756
access-control-allow-origin: *
x-iplb-instance: 28795
cdn-cachedat: 12/02/2021 11:17:38
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: txc03b585704834834b4fe7-0061a89ce0
server: BunnyCDN-DE1-756
x-timestamp: 1638440089.79251
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Thu, 02 Dec 2021 10:14:50 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F1:F589_8E2CE366:01BB_61A89CE0_309C224:1251C
vary: Accept-Encoding
x-object-meta-mtime: 1638440079.63707966
cdn-cache: REVALIDATED
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: fdce4ef131f42bc913c81cbfb28c5fd2
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

Redirect headers

date: Tue, 07 Dec 2021 15:42:20 GMT
server: nginx/1.17.8
content-type: text/html; charset=utf-8
location: https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
cache-control: no-cache
x-automatad-country: DE
content-length: 93
expires: Tue, 07 Dec 2021 15:42:19 GMT

GET
H2 200 9af198ff-22cf-4d4b-80d5-b58d0f23e539.js Show response
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 13 KB
5 KB 55ms
12ms Script
application/javascript 2600:9000:223f:1600:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/ads-code/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a9d7699befc2fb1c4d4a9ebd5d5628c51993abe8d7b8ee7ddefed7fd59167eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 8HyvrFNlSEmsDZ_bZ.A6Auf1pfx7BbBs
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 13:16:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"7383d58f63d4423835e8845e71572a15"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Tue, 07 Dec 2021 15:42:19 GMT
x-amz-cf-id: 5iy51O2D23t2kCD6Jsr9BYRLT3QyF63E3ogjq3dZG01x5KMt2IZ-Rw==

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 50ms
7ms Script
application/javascript 52.222.236.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 19344893
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ab23076896ec73a1a830c9cdc49fcac5.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P4
X-Amz-Cf-Id: MnxdFJoLA3umRVb9WLOzhEIHqg6nkZjEVWU_3PBvdGwl_6v-Nlt5ig==

GET
H2 200 white-wj2.png
www.westernjournal.com/wp-content/uploads/2021/05/ 2 KB
2 KB 48ms
46ms Image
image/webp 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/05/white-wj2.png

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b172a835742a6505e994ff7794d27687181186ae8e2cda21d07236a96886abce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept
cf-cache-status: HIT
age: 408983
cf-polished: origFmt=png, origSize=3318
content-disposition: inline; filename="white-wj2.webp"
content-length: 1786
last-modified: Thu, 06 May 2021 21:31:52 GMT
server: cloudflare
etag: "60946048-cf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfe8a2f3749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 blue-wj.png
www.westernjournal.com/wp-content/uploads/2021/05/ 5 KB
5 KB 39ms
37ms Image
image/webp 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/05/blue-wj.png

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d426ab958f0e338cf2136cc2b2b653e040eea8004e0c946302417e7c0cba8c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept
cf-cache-status: HIT
age: 580799
cf-polished: origFmt=png, origSize=12454
content-disposition: inline; filename="blue-wj.webp"
content-length: 5118
last-modified: Thu, 06 May 2021 21:13:06 GMT
server: cloudflare
etag: "60945be2-30a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfe8a313749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 profile-150x150.jpg
static.westernjournal.com/wp-content/uploads/2020/04/ 4 KB
4 KB 50ms
36ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.westernjournal.com/wp-content/uploads/2020/04/profile-150x150.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6908daa90a04447250334d6fed11840cc883fa169d81f516d7c0aa154abb688e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1251683
cf-polished: status=not_needed
content-length: 4198
last-modified: Thu, 02 Apr 2020 17:02:41 GMT
server: cloudflare
etag: "5e861ab1-1066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfe9a5e3749-MXP
cf-bgj: imgq:100,h2pri

GET
H/1.1 200
OK bundle.js Show response
soapps.net/live/loader/ 17 KB
7 KB 328ms
101ms Script
application/javascript 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/loader/bundle.js

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

017100a1d28f9dd94f54e7d812803134c0a36f6b05c8ff71e02cfd2d1ce1d5a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 17 Nov 2021 08:30:52 GMT
Server: nginx/1.17.10
ETag: W/"6194bdbc-445b"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/javascript
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK counter.js Show response
soapps.net/live/loader/ 26 KB
10 KB 337ms
104ms Script
application/javascript 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/loader/counter.js

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

f8931fb54a893eb8399cb625262171e4dee6a7c74f8fb7e7db94fffb015872e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 17 Nov 2021 08:30:52 GMT
Server: nginx/1.17.10
ETag: W/"6194bdbc-667b"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/javascript
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 set.aspx
bh.contextweb.com/bh/ 49 B
406 B 476ms
152ms Image
image/gif 74.214.196.131
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5248&token=LCMHRD&do=add

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.214.196.131 Sunnyvale, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: de-DE
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-77c9b9b46f-gcc5l
expires: -1

GET
H2 200 global-min.js Show response
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 97 KB
34 KB 73ms
72ms Script
application/javascript 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1634667668

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

631e81faab0833f9d7f2a29efd36dbf8d105f78490c4a16c8b350d3f1003a1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 18:21:08 GMT
server: cloudflare
age: 316
etag: W/"616f0c94-1843a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6b9edcfe8a323749-MXP

GET
H2 200 wp-embed.min.js Show response
www.westernjournal.com/wp-includes/js/ 1 KB
804 B 28ms
28ms Script
application/javascript 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.westernjournal.com/wp-includes/js/wp-embed.min.js?ver=5.8.2

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Feb 2021 22:40:03 GMT
server: cloudflare
age: 316
etag: W/"601b2643-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1800
strict-transport-security: max-age=2592000; includeSubDomains
cf-ray: 6b9edcfe19573749-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2472
date: Tue, 07 Dec 2021 15:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 17:01:07 GMT

OPTIONS
H2 204 c
pa.rxthdr.com/v3/ Frame 0
0 650ms
446ms Preflight 23.20.58.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.rxthdr.com/v3/c?publisherId=556182c7-ac68-4d56-8c66-4b4336e28e5e&host=www.westernjournal.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.20.58.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-20-58-18.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
server: nginx
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-methods: POST, GET
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
cache-control: no-cache, private

GET
H2 200 v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM Show response
partplanes.com/ 103 KB
30 KB 263ms
216ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partplanes.com/v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

66e77025c7c0fc22a058b437787f94da35c8f4aa7088fdca18278adda16c4fc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "e1a3b35cfab0ecfe4a7419380f802aa487489c7f4803991715fa4de6a5319cb5"
vary: Accept-Encoding, Accept-Language
x-hostname: 37b68176
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 07 Dec 2021 15:42:20 GMT
timing-allow-origin: *

GET
H2 200 bidexchange.js Show response
hbx.media.net/ 383 KB
98 KB 170ms
110ms Script
text/javascript 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/bidexchange.js?cid=8CUYW0S8R&version=5.1&dn=www.westernjournal.com

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

086f1f7808a35cf3a030064e6d02f34e9ee55ebabdbe7823acddea0e7b23cd71

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
server: Apache
date: Tue, 07 Dec 2021 15:42:20 GMT
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
timing-allow-origin: *
expires: Tue, 07 Dec 2021 16:12:20 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
944 B 84ms
28ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 103178
x-amz-request-id: tx002dec70dafe483ba85bc-0061adedd1
x-amz-id-2: tx002dec70dafe483ba85bc-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJa6xdUm60xNdZz3o%2Fvb9g9ckJ3%2BFVe%2Btqp76UYD3L8sQFYeSR3xW3UPmlxLuydfEDOzFEGDLUtJMoEYXRU0drYLHjYF4mDPfwzv9R1ryWf3%2B0ZdRUj1Z8amH0Hd%2FJZNrN793p422M0HGVQZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1638788436623244
cf-ray: 6b9edcff380a5a25-MXP

GET c
pa.rxthdr.com/v3/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 248 B
936 B 39ms
7ms XHR
application/json 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d50c7fc5d3c47199829b52e3ce509b94ae3adac033b83a7dc1973a50f985b33b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 15:42:19 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8f603ec5-fe4f-4886-bd4a-61fadefdcd27
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.westernjournal.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 248
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
527 B 109ms
52ms XHR
application/json 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.12.0
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 4657ae700944a09d6efa2a1afb9aef7c6413fccad0c4eab3285654a46e8fd786

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 07 Dec 2021 15:42:19 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
121 B 108ms
61ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 330 B
457 B 54ms
16ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU8Y0E88
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8a7c47a8583e0d6644626c1d8f4006fbeaf934262c5ac382f0fae06ece095e7c

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 85 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27030
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 46ms
10ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 24
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1GXYM2TWMCGNNKD5RHT1
date: Tue, 07 Dec 2021 15:41:56 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: YD7ABYhGAkbkpg8YaPiRlNlvgFb6h1uVK-O0V5JPoG2Fet_jfpvQSQ==

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 555ms
181ms Script
application/javascript 54.230.69.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.69.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-69-41.blr50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:56:02 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 2943
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 66f5b63f0d6bfa07c6e6afd2b0f672b2.cloudfront.net (CloudFront)
x-amz-cf-pop: BLR50-C1
x-amz-cf-id: sD4NUhfKlBbNdAJ8Md5bRRDo4rT4Au4670heUxCIRbiAhHVDZRyItQ==

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 96ms
31ms Script
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=110583&t=rc_161&c=1638891739930&width=1600&referer=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e409cb8e21d6e19f300b77b13808478b9378ac52c52f69a71ec12fca0c6d4579

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1251

GET
H2 200 Jeffrey-Epstein-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 16 KB
16 KB 33ms
31ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/Jeffrey-Epstein-559x327.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e162db4a534b9105fce517625fa11cc1d9e77e55a0d587087fc6c5ec036776

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 55216
cf-polished: origSize=20696, status=webp_bigger
content-length: 16578
last-modified: Tue, 07 Dec 2021 00:00:41 GMT
server: cloudflare
etag: "61aea429-50d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfeba983749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Iowa-School-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 25 KB
25 KB 50ms
48ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/Iowa-School-559x327.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d4c2486d1b1e476ca4f27c7736c35254fafc7ee3a586856766f07fa54bb1a4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10944
cf-polished: origSize=29064, status=webp_bigger
content-length: 25152
last-modified: Tue, 07 Dec 2021 01:25:02 GMT
server: cloudflare
etag: "61aeb7ee-7188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfeba9d3749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Untitled-design-2021-12-06T142614.966-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 30 KB
30 KB 52ms
50ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/Untitled-design-2021-12-06T142614.966-559x327.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad650055e6733a52fb920ccc7574e6d4268a69b58bd46d15969b2e3965384d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 71157
cf-polished: origSize=35365, status=webp_bigger
content-length: 30701
last-modified: Mon, 06 Dec 2021 19:26:55 GMT
server: cloudflare
etag: "61ae63ff-8a25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfebaa43749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 alec-badlwin-for-dec.-7-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 15 KB
15 KB 33ms
31ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/alec-badlwin-for-dec.-7-559x327.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8859814de7eb893b5db149ca8bd553637aaa5cb234c7278dfd35002b128c6c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 7450
cf-polished: origSize=15562, status=webp_bigger
content-length: 15463
last-modified: Tue, 07 Dec 2021 13:24:27 GMT
server: cloudflare
etag: "61af608b-3cca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfebaa63749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Kamala-Harris-1-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 26 KB
27 KB 48ms
46ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/Kamala-Harris-1-559x327.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5c029058813b1678698d6ff6f9c46b3f1cd0ddec9a5c8ddf7530108fa3878a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 56940
cf-polished: origSize=31231, status=webp_bigger
content-length: 26871
last-modified: Mon, 06 Dec 2021 23:43:29 GMT
server: cloudflare
etag: "61aea021-79ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfebaa73749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Devin-Nunes-Donald-Trump-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 25 KB
25 KB 33ms
31ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/Devin-Nunes-Donald-Trump-559x327.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c27683cf096fc5b4c7d33a26a3724dbf1ab465be4bb7eedded81665a4c05f633

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:19 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 12265
cf-polished: origSize=30106, status=webp_bigger
content-length: 25656
last-modified: Tue, 07 Dec 2021 01:43:12 GMT
server: cloudflare
etag: "61aebc30-759a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b9edcfebaad3749-MXP
cf-bgj: imgq:100,h2pri

GET
H2 200 Joe-Biden-6-559x327.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 25 KB
25 KB 578ms
577ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/Joe-Biden-6-559x327.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a614e0013ea591290a0829fe5058240ec64326d833bb34366a83ab5c395cd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Dec 2021 15:04:38 GMT
server: cloudflare
etag: "61af7806-64e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 6b9edcfebab33749-MXP
content-length: 25828

GET
H2 200 Untitled-design-2021-12-07T093535.447-817x429.jpg
www.westernjournal.com/wp-content/uploads/2021/12/ 50 KB
50 KB 664ms
662ms Image
image/jpeg 2606:4700:10::6816:274b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.westernjournal.com/wp-content/uploads/2021/12/Untitled-design-2021-12-07T093535.447-817x429.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:274b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46dd7fae8b743a91a7b4577ad39c460f0b5397ce93075409f7b61303787c846d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
cf-cache-status: MISS
last-modified: Tue, 07 Dec 2021 14:41:22 GMT
server: cloudflare
etag: "61af7292-c8a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=2592000; includeSubDomains
accept-ranges: bytes
cf-ray: 6b9edcfebab43749-MXP
content-length: 51368

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 192 KB
62 KB 32ms
16ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:44 GMT
server: AmazonS3
x-amz-request-id: AETB6H99Z1K58K03
etag: "1b7539202658ec387521e3f67c07c9e2"
x-hw: 1638891740.cds155.fr8.hn,1638891740.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 63414
x-amz-id-2: mozNanGm0Q6FhlsucIwR36mJX4o64cX5fVwwjALoUwVG+Kw0Ai2T327sejfhGPbYasnfpcdlmLA=

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 185 KB
57 KB 53ms
9ms Script
application/x-javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:32:55 GMT
content-encoding: br
age: 50966
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:73702bf1-4472-485c-9bda-886a8f21cacd
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 67c429bc2e760b9ca91a98648469be411bfcccf8bfb6ea245b28e6585b1861aa
x-amz-meta-codebuild-content-md5: 6bc77264d69b4716594d8b5229cafdb9
last-modified: Wed, 17 Nov 2021 08:31:53 GMT
server: AmazonS3
etag: W/"a8f24de78b4dc3ecbbff83b08aa9e411"
vary: Accept-Encoding
x-amz-version-id: TIXEr4j9ZaZJgKeoVZ8ehYwv1bF6gSxj
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: Xef3nBzhTdiy-elMDsCZUuvGTcNyyGktrpX1mW2gbk1L6_F22qQyvQ==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 40ms
10ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 14 Dec 2021 15:42:20 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 52ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1567
date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=4A4boXxRSkZCMmxZa1hybU1vYWNEMDNYTUxJampRdFJxemF1QmNSU01pMUFpamNBRlcwT0d3UFFna3FTQlNSdlp2WmpZaHAvd2VOenBQa3htZ2RpL2MrMkRIODZPU1pCVGRxSStVMXFkQlV4S2VRcjE5UEV1RkpqVHNyOG...

355 B
610 B

59ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=4A4boXxRSkZCMmxZa1hybU1vYWNEMDNYTUxJampRdFJxemF1QmNSU01pMUFpamNBRlcwT0d3UFFna3FTQlNSdlp2WmpZaHAvd2VOenBQa3htZ2RpL2MrMkRIODZPU1pCVGRxSStVMXFkQlV4S2VRcjE5UEV1RkpqVHNyOGJzNE1yUVZmeVVQRWVHYWZCQnI2dkpYdDM3d0JUeWJtdXNIM09MSkFHQjUwZ0wwR1FLMTJVOGRLVUdVbk5BMzR0VVA4b054c1VjNXQrMU5QTUpSUU1ka3FOMjh5VE1LS2RhTVV5RFErMk1qZ2djRmdWMHVNcFpzMmk5V2lWR0gwRExSMjI2bXR4fA&cppv=2

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9b46f3f18993f8f6b281c13fc1ecdaff22c1e429ebccb35a0133dde6aef9b316

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 07 Dec 2021 15:42:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2299
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 07 Dec 2021 15:42:19 GMT
location: https://mug.criteo.com/sid?cpp=4A4boXxRSkZCMmxZa1hybU1vYWNEMDNYTUxJampRdFJxemF1QmNSU01pMUFpamNBRlcwT0d3UFFna3FTQlNSdlp2WmpZaHAvd2VOenBQa3htZ2RpL2MrMkRIODZPU1pCVGRxSStVMXFkQlV4S2VRcjE5UEV1RkpqVHNyOGJzNE1yUVZmeVVQRWVHYWZCQnI2dkpYdDM3d0JUeWJtdXNIM09MSkFHQjUwZ0wwR1FLMTJVOGRLVUdVbk5BMzR0VVA4b054c1VjNXQrMU5QTUpSUU1ka3FOMjh5VE1LS2RhTVV5RFErMk1qZ2djRmdWMHVNcFpzMmk5V2lWR0gwRExSMjI2bXR4fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1902
content-length: 509
expires: 0

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 34ms
7ms Image
image/gif 18.66.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&time=1638891740020&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&random_number=17687061745&sess_cookie=2bbd110f17d958f5b6f3f0485a2&sess_cookie_flag=1&user_cookie=2bbd110f17d958f5b6f3f0485a2&user_cookie_flag=1&dynamic=true&domain=westernjournal.com&account=C1z2k1acFH002c&jsv=20130128&user_lang=en-US
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-71.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 04:15:28 GMT
Via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 41212
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: 2pgGNzAtcJ-RR1JIJSMcu_ndleO2dcDWXvS-0ioNyjQlMwtVbVoW1Q==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 346ms
110ms Image
text/plain 3.136.15.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.15.54 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-15-54.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
server: Server

GET
H2 200 f7060245-2280-4168-a5a7-87f79f9d0e3e.js Show response
d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/ 114 KB
23 KB 18ms
18ms Script
application/javascript 2600:9000:223f:1600:1c:386f:ec80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/f7060245-2280-4168-a5a7-87f79f9d0e3e.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c34a53d15bea53107b468badad51aca131cd46dbff0b6edb0c1ce93a8e6755b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Ok3F0TwFULMr7uzo7VTrKPoVLn5KXKYH
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 17:37:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: W/"644820232e754e1a38eb067cae25a013"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3a21078459f955a33f79dacf082781c5.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Tue, 07 Dec 2021 15:42:20 GMT
x-amz-cf-id: 3kopBFG0zBt3GWhaK-0OGaGAn2CNjB3yb0Gtfbi0oogO_gOVrfpUgA==

GET
H2 200 / Show response
geoip.instiengage.com/json/ 242 B
433 B 320ms
99ms XHR
application/json 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.instiengage.com/json/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: 34f26494f7d320a8462578286b02199c509d3134f8ccee05f13f979675160daa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:20 GMT
access-control-allow-credentials: true
x-database-date: Mon, 06 Dec 2021 16:47:07 GMT
content-length: 242
vary: Origin
content-type: application/json

GET
H2 200 index.html Show response
auth.instiengage.com/auth/ Frame 2AEC 73 B
426 B 25ms
9ms Document
text/html 2600:9000:223d:200:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.instiengage.com/auth/index.html
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

content-type: text/html
content-length: 73
last-modified: Thu, 28 Oct 2021 14:58:38 GMT
x-amz-version-id: Z_9pWwT0klc7emOur8LDxIaKOSvjAB6l
accept-ranges: bytes
server: AmazonS3
date: Tue, 07 Dec 2021 15:38:02 GMT
etag: "d143b1e94cfb2dcb20bcad0f44fd1f0a"
x-cache: Hit from cloudfront
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: TSmOCpqctDQEdV3dH2J0s3ao1pJIuWRXqb2rJmcddt5wo_a6f53P7w==
age: 280

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 23ms
8ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 07 Dec 2021 15:54:27 GMT

GET
H/1.1 403
Forbidden getemails.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/ 0
0 685ms
179ms Script
application/xml 52.218.192.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.192.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: h9ZLNezH5IfIl9PAAmmHMiHLHzFRZAIFv6cV4ey8wppaLcjCm4w+T/zjEw8WOznCxSUFBGxZ3oahqCwN4CFZIA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 07 Dec 2021 15:42:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
117 KB 42ms
21ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 148 B
745 B 40ms
16ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.westernjournal.com

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1f3a24ac0528ed6516588e779fb900c2400e73a5caa82a81b2a0e2dd237e09f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
316 B 7ms
7ms XHR
text/plain 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.westernjournal.com&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 11:22:08 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
server: Server
age: 15612
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.westernjournal.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 6N7H35k87go1dwWD-iCRyLAyksBveP3nQhtJxRNakUZhVIvAOIPlsw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
496 B 45ms
45ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pid=OLctgv44uibKn&cb=0&ws=1600x1200&v=7.71.1&t=1100&slots=%5B%7B%22sd%22%3A%22BB1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Commentary%2FWesternJournal_Commentary_Direct%2FWesternJournal_Commentary_Direct_BB1%22%7D%2C%7B%22sd%22%3A%22WP1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Commentary%2FWesternJournal_Commentary_Direct%2FWesternJournal_Commentary_Direct_WP1%22%7D%2C%7B%22sd%22%3A%22SB2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Commentary%2FWesternJournal_Commentary_Direct%2FWesternJournal_Commentary_Direct_SB2%22%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2018001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: E0VF2K4DS6NR77P2CFYN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: XlvgH1fPK-wayR24sb-IuenPM1__lNtHAX5Qo_JCrts7uWdb_BTE_A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
7ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 58261
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 23:31:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: wvweKYzyoMdC2dhO7t8U9eJomtBjQe2GbNueCtS71U8Tt0XhF_UnjA==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 51ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1043
date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 entities Show response
users.api.jeeng.com/ 145 B
621 B 102ms
64ms XHR
application/json 2606:4700:10::6816:38ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://users.api.jeeng.com/entities?description_md5=5e07ad3e264ccd6af55a9b782810e55a&domain_id=VAM4nzne41&image_url_encoded_md5=5d783e465dc56d740694612b9997698e&image_url_md5=5d783e465dc56d740694612b9997698e&published_at_md5=7684b20d2ea94e9fb0605cbb9b4d5e51&read_only=false&sdk_version=5.6&title_md5=27d1efef5a43cc562d75b85ece2169e3&url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:38ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 3912fff770f1dc1a44bbe0a9ac2ec1acc98c75e6b996058fa6b991a6d5915307

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
via: 1.1 1a3a682cf8d843fe52f3224f60584fad.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
age: 619
x-powered-by: Express
x-cache: Hit from cloudfront
content-encoding: gzip
server: cloudflare
etag: W/"91-WiyGKRgwipXEoGuuNgzNzvNC9Io"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 31fabed953549cbde1e8378f6eda24e4
cache-control: max-age=3600
x-amz-cf-pop: MXP64-C1
cf-ray: 6b9edd004e22374e-MXP
x-amz-cf-id: coWv8YpaEE7wiNq0pD_CnZzgcYAbBd4nRjybJQ_NFtHCS33byv5a4w==

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 73ms
32ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102797
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx3522b93c1ef741a6a6320-0061adedfd
x-amz-id-2: tx3522b93c1ef741a6a6320-0061adedfd
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fe8c1Kuj8HfI33OTu6Hb%2FPvUQhip10JAZCJo9Rfc38fgyRgKh%2Fh5LfAk7g5nz1e0WC1kEtTIzSAaWBJasf9hAhMshrB%2BghGP6AT%2BKutfSyBiyIkkXdFQ4gk1WPwYjkjOfm5UkFWxO8nX3dp1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6b9edd005ece3758-MXP
access-control-allow-headers: Authorization

GET
H2 200 / Show response
geoip.insticator.com/json/ 242 B
433 B 330ms
101ms XHR
application/json 52.202.233.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-233-191.compute-1.amazonaws.com
Software: /
Resource Hash: 34f26494f7d320a8462578286b02199c509d3134f8ccee05f13f979675160daa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:20 GMT
access-control-allow-credentials: true
x-database-date: Mon, 06 Dec 2021 16:47:07 GMT
content-length: 242
vary: Origin
content-type: application/json

GET
H2 200 usertracking Show response
b2c.insticator.com/v3/pages/ Frame 6287 8 KB
3 KB 326ms
102ms Document
text/html 52.202.233.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://b2c.insticator.com/v3/pages/usertracking
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-233-191.compute-1.amazonaws.com
Software: /
Resource Hash: 984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-type: text/html; charset=UTF-8
content-length: 2821
etag: 90afc733-5c39-4aff-9587-ddc7bd1d8164
vary: Accept-Encoding,Origin
pragma: max-age=3600
cache-control: max-age=3600
content-encoding: gzip

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 194 KB
62 KB 24ms
23ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4393b17628fe022ce8c6d21b408b064f8a33388a7450914c0e6e3bdaa682ffe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 20:20:19 GMT
server: Apache/2.2.15 (CentOS)
etag: "1121321-309a2-5d060d6975ec4"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=102311
accept-ranges: bytes
content-type: text/javascript
content-length: 62542
expires: Wed, 08 Dec 2021 20:07:31 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/ 573 KB
82 KB 58ms
16ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/Fseez_-nDyWQXIJsbnoKkKTHXC4/gpt_and_prebid/config.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9795fa71b6b77a5d54371820d8c6bb9af3eb4a771f6c3226d542914478d95b2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:20 GMT
Content-Encoding: gzip
Age: 2582
X-Cache: HIT
Connection: keep-alive
Content-Length: 83126
x-amz-id-2: dqxGgjBrKf/WucF+Kk0lUh5FmQfZ5383S0xRhDmvBEeuA2DxHRgjR5QQ9FPTLVQJrj8DVWVFtZU=
X-Served-By: cache-cdg20770-CDG
Last-Modified: Tue, 07 Dec 2021 13:57:45 GMT
Server: AmazonS3
X-Timer: S1638891740.251763,VS0,VE0
ETag: "a136ed62a4168531445b3682cf0fbe66"
x-amz-request-id: 2E585T05AKBP1Y88
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 92

GET
H2 200 tag.min.js Show response
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 18 KB
6 KB 38ms
7ms Script
text/javascript 52.222.214.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: aT8uF5QDZCsxz_FuCjV0EGzNRrUyg9DX
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 18:02:42 GMT
server: AmazonS3
age: 35884
etag: W/"51ed6db266476896c6fe9a06992898e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d9.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 07 Dec 2021 05:44:17 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: u8_gz5zwn8IlU7uDP-crghEzPkIpzAddO70WKp1k9a-pKpG_V0zHWg==

GET
H2 200 bundle.js Show response
auth.instiengage.com/auth/ Frame 2AEC 76 KB
25 KB 13ms
12ms Script
application/javascript 2600:9000:223d:200:9:78a:e540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.instiengage.com/auth/bundle.js
Requested by: Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:200:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.instiengage.com/auth/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: jkvVs5l1bdD4_CiNx2O8LCKAIlX14uq9
content-encoding: br
last-modified: Thu, 28 Oct 2021 14:58:37 GMT
server: AmazonS3
age: 3
etag: W/"3f019eeba204464fe4c8dad30cf9150b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront)
date: Tue, 07 Dec 2021 15:42:18 GMT
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: bJpc0M3ItUxu_tI3ck3wMkQ_ndCaYkji2mgn6O-gXDAgwjRjt3PoPA==

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 165 KB
53 KB 19ms
19ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 21:19:34 GMT
server: Apache/2.2.15 (CentOS)
etag: "16a1416-29219-5c85dc6abdd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=141560
accept-ranges: bytes
content-type: text/javascript
content-length: 54050
expires: Thu, 09 Dec 2021 07:01:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
447 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54260989-7&cid=1120668282.1638891740&jid=1688039414&gjid=434608998&_gid=1099544537.1638891740&_u=aGBAiUAjBAAAAE~&z=227482594

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 07 Dec 2021 15:42:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1631046340&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&ul=en-us&de=UTF-8&dt=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAiUAjB~&jid=1688039414&gjid=434608998&cid=1120668282.1638891740&tid=UA-54260989-7&_gid=1099544537.1638891740&gtm=2wgc10K3K9VP&cd1=http%3A%2F%2Fwww.westernjournal.com&cd2=crime&cd3=900&cd4=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&cd5=Wilmot&cd6=Commentary&cd7=2021-12-07&cd10=cghena&cd11=cghena&cd12=jsaunders&cd14=crime%2C%20Jeffrey%20Epstein%2C%20law%2C%20sexual%20abuse&cd15=Commentary&cd16=web&cd17=cghena&cd23=29&cd24=97&cd25=92&cd33=2021-12-07T15%3A42%3A19.859%2B00%3A00&cd34=1638891739859.ohs1uso&cd37=false&cd38=&cd39=&cd40=Dirty%20Money%3A%20JP%20Morgan%20Official%20Rats%20Esptein%20Out%2C%20Says%20He%20Wired%20Ghislaine%20Maxwell%20Over%20%2430%20Million&cd41=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&cd42=2834038&cd43=standard&cd44=98&cd45=97&cd46=true&cd47=above_article&z=692338073

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 06 Dec 2021 23:29:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58398
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 35ms
7ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:32:56 GMT
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront), 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
age: 4164
x-amzn-requestid: 1a3e86fb-0102-4ba2-9f56-e827337fbddf
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61af7098-0409c8136fcfb7521327fab8;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: J-6H1Fw8joEFlQw=
content-length: 30
x-amz-cf-id: bvf-UonLq5kqOavM4wXuNHSYPga17Z_Fz8HeWYhmXonFWKF3A1_QJQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 rules-p-kZpd2WPpvPttS.js Show response
rules.quantcount.com/ 2 B
344 B 33ms
7ms Script
application/javascript 2600:9000:223e:b400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-kZpd2WPpvPttS.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:06:27 GMT
via: 1.1 e59bea79ab5f15feda92136bc7b74159.cloudfront.net (CloudFront)
server: AmazonS3
age: 2152
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P4
content-length: 2
x-amz-cf-id: oWNd7Y2rJ__68N4Fbsw_r2jM8O7oc6xWqGMRGhbWJtszMSt5WVfj1g==

GET
H3 200 1897937520432117 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1897937520432117?v=2.9.48&r=stable

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

efd37808662afd01c4de0bd00e301a63a4d132a0a80dc775149ef18682548cb0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89008
x-xss-protection: 0
pragma: public
x-fb-debug: 3ydeLVxvAVIFO1g5WZ2DC7whj3Mx1NKdx+U9MKEpLr2tpaQ9mEcf9eG0V4TiUblKBl7/1bhOsMxQrgj4pDMEjw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 07 Dec 2021 15:42:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 42E9 134 KB
36 KB 16ms
15ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 24
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1GXYM2TWMCGNNKD5RHT1
date: Tue, 07 Dec 2021 15:41:56 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: oOtIa7wxOSPlOlMaA7tuEw3rV-xtnJAQ76kEpZNnwfyW-jkKbSVYPQ==

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 65 KB
5 KB 168ms
109ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=29039910015905201638891740360&gdpr=1&gdprconsent=0&cid=8CUYW0S8R&itype=HB&ptrid=8PRW23HG5&sd=1&requestString=120310561*175%7C336x280%7C8CUYW0S8R%7C120310561_8CUYW0S8R%7C%7C%7C1%40120310561*201%7C336x280%7C8CUYW0S8R%7C120310561_8CUYW0S8R%7C%7C%7C1%40120310561*203%7C336x280%7C8CUYW0S8R%7C120310561_8CUYW0S8R%7C%7C%7C1%40120310561*214%7C336x280%7C8CUYW0S8R%7C120310561_8CUYW0S8R%7C%7C%7C1%40120310561*222%7C336x280%7C8CUYW0S8R%7C120310561_8CUYW0S8R%7C%7C%7C1%40120310561*251%7C336x280%7C8CUYW0S8R%7C120310561_8CUYW0S8R%7C%7C%7C1%40120310561*255%7C336x280%7C8CUYW0S8R%7C120310561_8CUYW0S8R%7C%7C%7C1%40218013867*175%7C728x90%7C8CUYW0S8R%7C218013867_8CUYW0S8R%7C%7C%7C1%40218013867*201%7C728x90%7C8CUYW0S8R%7C218013867_8CUYW0S8R%7C%7C%7C1%40218013867*203%7C728x90%7C8CUYW0S8R%7C218013867_8CUYW0S8R%7C%7C%7C1%40218013867*214%7C728x90%7C8CUYW0S8R%7C218013867_8CUYW0S8R%7C%7C%7C1%40218013867*222%7C728x90%7C8CUYW0S8R%7C218013867_8CUYW0S8R%7C%7C%7C1%40218013867*251%7C728x90%7C8CUYW0S8R%7C218013867_8CUYW0S8R%7C%7C%7C1%40218013867*255%7C728x90%7C8CUYW0S8R%7C218013867_8CUYW0S8R%7C%7C%7C1%40233397428*175%7C300x250%7C8CUYW0S8R%7C233397428_8CUYW0S8R%7C%7C%7C1%40233397428*201%7C300x250%7C8CUYW0S8R%7C233397428_8CUYW0S8R%7C%7C%7C1%40233397428*203%7C300x250%7C8CUYW0S8R%7C233397428_8CUYW0S8R%7C%7C%7C1%40233397428*214%7C300x250%7C8CUYW0S8R%7C233397428_8CUYW0S8R%7C%7C%7C1%40233397428*222%7C300x250%7C8CUYW0S8R%7C233397428_8CUYW0S8R%7C%7C%7C1%40233397428*251%7C300x250%7C8CUYW0S8R%7C233397428_8CUYW0S8R%7C%7C%7C1%40233397428*255%7C300x250%7C8CUYW0S8R%7C233397428_8CUYW0S8R%7C%7C%7C1%40233397428*4%7C300x250%7C8CU6P9DG4%7C541447225%7C%7C%7C1%40246251048*175%7C336x280%7C8CUYW0S8R%7C246251048_8CUYW0S8R%7C%7C%7C1%40246251048*201%7C336x280%7C8CUYW0S8R%7C246251048_8CUYW0S8R%7C%7C%7C1%40246251048*203%7C336x280%7C8CUYW0S8R%7C246251048_8CUYW0S8R%7C%7C%7C1%40246251048*214%7C336x280%7C8CUYW0S8R%7C246251048_8CUYW0S8R%7C%7C%7C1%40246251048*222%7C336x280%7C8CUYW0S8R%7C246251048_8CUYW0S8R%7C%7C%7C1%40246251048*251%7C336x280%7C8CUYW0S8R%7C246251048_8CUYW0S8R%7C%7C%7C1%40246251048*255%7C336x280%7C8CUYW0S8R%7C246251048_8CUYW0S8R%7C%7C%7C1%40246251048*4%7C336x280%7C8CU6P9DG4%7C362841386%7C%7C%7C1%40248639262*175%7C320x100%7C8CUYW0S8R%7C248639262_8CUYW0S8R%7C%7C%7C1%40248639262*201%7C320x100%7C8CUYW0S8R%7C248639262_8CUYW0S8R%7C%7C%7C1%40248639262*203%7C320x100%7C8CUYW0S8R%7C248639262_8CUYW0S8R%7C%7C%7C1%40248639262*214%7C320x100%7C8CUYW0S8R%7C248639262_8CUYW0S8R%7C%7C%7C1%40248639262*222%7C320x100%7C8CUYW0S8R%7C248639262_8CUYW0S8R%7C%7C%7C1%40248639262*251%7C320x100%7C8CUYW0S8R%7C248639262_8CUYW0S8R%7C%7C%7C1%40248639262*255%7C320x100%7C8CUYW0S8R%7C248639262_8CUYW0S8R%7C%7C%7C1%40248639262*4%7C320x100%7C8CU6P9DG4%7C572718257%7C%7C%7C1%40304435427*175%7C336x280%7C8CUYW0S8R%7C304435427_8CUYW0S8R%7C%7C%7C1%40304435427*201%7C336x280%7C8CUYW0S8R%7C304435427_8CUYW0S8R%7C%7C%7C1%40304435427*203%7C336x280%7C8CUYW0S8R%7C304435427_8CUYW0S8R%7C%7C%7C1%40304435427*214%7C336x280%7C8CUYW0S8R%7C304435427_8CUYW0S8R%7C%7C%7C1%40304435427*222%7C336x280%7C8CUYW0S8R%7C304435427_8CUYW0S8R%7C%7C%7C1%40304435427*251%7C336x280%7C8CUYW0S8R%7C304435427_8CUYW0S8R%7C%7C%7C1%40304435427*255%7C336x280%7C8CUYW0S8R%7C304435427_8CUYW0S8R%7C%7C%7C1%40333741187*175%7C468x60%7C8CUYW0S8R%7C333741187_8CUYW0S8R%7C%7C%7C1%40333741187*201%7C468x60%7C8CUYW0S8R%7C333741187_8CUYW0S8R%7C%7C%7C1%40333741187*203%7C468x60%7C8CUYW0S8R%7C333741187_8CUYW0S8R%7C%7C%7C1%40333741187*214%7C468x60%7C8CUYW0S8R%7C333741187_8CUYW0S8R%7C%7C%7C1%40333741187*222%7C468x60%7C8CUYW0S8R%7C333741187_8CUYW0S8R%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.3945152287880829&tscode=1&crid=120310561%2C218013867%2C233397428%2C246251048%2C248639262%2C304435427%2C333741187&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.westernjournal.com&https=1&requrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cf59528efd9510b6fec909d14775ce981dd277be163eb1c2ec7784235ff57b7d

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 73 KB
6 KB 152ms
94ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=79562946927279911638891740362&gdpr=1&gdprconsent=0&cid=8CUYW0S8R&itype=HB&ptrid=8PRW23HG5&sd=1&requestString=333741187*251%7C468x60%7C8CUYW0S8R%7C333741187_8CUYW0S8R%7C%7C%7C1%40333741187*255%7C468x60%7C8CUYW0S8R%7C333741187_8CUYW0S8R%7C%7C%7C1%40333741187*4%7C468x60%7C8CU6P9DG4%7C271976645%7C%7C%7C1%40379653597*175%7C320x50%7C8CUYW0S8R%7C379653597_8CUYW0S8R%7C%7C%7C1%40379653597*201%7C320x50%7C8CUYW0S8R%7C379653597_8CUYW0S8R%7C%7C%7C1%40379653597*203%7C320x50%7C8CUYW0S8R%7C379653597_8CUYW0S8R%7C%7C%7C1%40379653597*214%7C320x50%7C8CUYW0S8R%7C379653597_8CUYW0S8R%7C%7C%7C1%40379653597*222%7C320x50%7C8CUYW0S8R%7C379653597_8CUYW0S8R%7C%7C%7C1%40379653597*251%7C320x50%7C8CUYW0S8R%7C379653597_8CUYW0S8R%7C%7C%7C1%40379653597*255%7C320x50%7C8CUYW0S8R%7C379653597_8CUYW0S8R%7C%7C%7C1%40379653597*4%7C320x50%7C8CU6P9DG4%7C845903607%7C%7C%7C1%40456537236*175%7C320x100%7C8CUYW0S8R%7C456537236_8CUYW0S8R%7C%7C%7C1%40456537236*201%7C320x100%7C8CUYW0S8R%7C456537236_8CUYW0S8R%7C%7C%7C1%40456537236*203%7C320x100%7C8CUYW0S8R%7C456537236_8CUYW0S8R%7C%7C%7C1%40456537236*214%7C320x100%7C8CUYW0S8R%7C456537236_8CUYW0S8R%7C%7C%7C1%40456537236*222%7C320x100%7C8CUYW0S8R%7C456537236_8CUYW0S8R%7C%7C%7C1%40456537236*251%7C320x100%7C8CUYW0S8R%7C456537236_8CUYW0S8R%7C%7C%7C1%40456537236*255%7C320x100%7C8CUYW0S8R%7C456537236_8CUYW0S8R%7C%7C%7C1%40456537236*4%7C320x100%7C8CU6P9DG4%7C623242860%7C%7C%7C1%40457974301*175%7C970x90%7C8CUYW0S8R%7C457974301_8CUYW0S8R%7C%7C%7C1%40457974301*201%7C970x90%7C8CUYW0S8R%7C457974301_8CUYW0S8R%7C%7C%7C1%40457974301*203%7C970x90%7C8CUYW0S8R%7C457974301_8CUYW0S8R%7C%7C%7C1%40457974301*214%7C970x90%7C8CUYW0S8R%7C457974301_8CUYW0S8R%7C%7C%7C1%40457974301*222%7C970x90%7C8CUYW0S8R%7C457974301_8CUYW0S8R%7C%7C%7C1%40457974301*251%7C970x90%7C8CUYW0S8R%7C457974301_8CUYW0S8R%7C%7C%7C1%40457974301*255%7C970x90%7C8CUYW0S8R%7C457974301_8CUYW0S8R%7C%7C%7C1%40457974301*4%7C970x90%7C8CU6P9DG4%7C811531821%7C%7C%7C1%40570633136*175%7C300x250%7C8CUYW0S8R%7C570633136_8CUYW0S8R%7C%7C%7C1%40570633136*201%7C300x250%7C8CUYW0S8R%7C570633136_8CUYW0S8R%7C%7C%7C1%40570633136*203%7C300x250%7C8CUYW0S8R%7C570633136_8CUYW0S8R%7C%7C%7C1%40570633136*214%7C300x250%7C8CUYW0S8R%7C570633136_8CUYW0S8R%7C%7C%7C1%40570633136*222%7C300x250%7C8CUYW0S8R%7C570633136_8CUYW0S8R%7C%7C%7C1%40570633136*251%7C300x250%7C8CUYW0S8R%7C570633136_8CUYW0S8R%7C%7C%7C1%40570633136*255%7C300x250%7C8CUYW0S8R%7C570633136_8CUYW0S8R%7C%7C%7C1%40570633136*4%7C300x250%7C8CU6P9DG4%7C559025668%7C%7C%7C1%40583314227*175%7C300x250%7C8CUYW0S8R%7C583314227_8CUYW0S8R%7C%7C%7C1%40583314227*201%7C300x250%7C8CUYW0S8R%7C583314227_8CUYW0S8R%7C%7C%7C1%40583314227*203%7C300x250%7C8CUYW0S8R%7C583314227_8CUYW0S8R%7C%7C%7C1%40583314227*214%7C300x250%7C8CUYW0S8R%7C583314227_8CUYW0S8R%7C%7C%7C1%40583314227*222%7C300x250%7C8CUYW0S8R%7C583314227_8CUYW0S8R%7C%7C%7C1%40583314227*251%7C300x250%7C8CUYW0S8R%7C583314227_8CUYW0S8R%7C%7C%7C1%40583314227*255%7C300x250%7C8CUYW0S8R%7C583314227_8CUYW0S8R%7C%7C%7C1%40614928513*175%7C300x250%7C8CUYW0S8R%7C614928513_8CUYW0S8R%7C%7C%7C1%40614928513*201%7C300x250%7C8CUYW0S8R%7C614928513_8CUYW0S8R%7C%7C%7C1%40614928513*203%7C300x250%7C8CUYW0S8R%7C614928513_8CUYW0S8R%7C%7C%7C1%40614928513*214%7C300x250%7C8CUYW0S8R%7C614928513_8CUYW0S8R%7C%7C%7C1%40614928513*222%7C300x250%7C8CUYW0S8R%7C614928513_8CUYW0S8R%7C%7C%7C1%40614928513*251%7C300x250%7C8CUYW0S8R%7C614928513_8CUYW0S8R%7C%7C%7C1%40614928513*255%7C300x250%7C8CUYW0S8R%7C614928513_8CUYW0S8R%7C%7C%7C1%40614928513*4%7C300x250%7C8CU6P9DG4%7C585140066%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.12166187075065515&tscode=1&crid=333741187%2C379653597%2C456537236%2C457974301%2C570633136%2C583314227%2C614928513&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.westernjournal.com&https=1&requrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ad63010f509043490052b2c949f6425fd5d27ab3178903d47555dad8f14ddce5

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 200 rtbsspub
cdneast2-xch.media.net/AdExchange/ 57 KB
5 KB 162ms
104ms EventSource
text/event-stream 23.62.140.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdneast2-xch.media.net/AdExchange/rtbsspub?&prvReqId=66134260221585691638891740363&gdpr=1&gdprconsent=0&cid=8CUYW0S8R&itype=HB&ptrid=8PRW23HG5&sd=1&requestString=633022055*175%7C728x90%7C8CUYW0S8R%7C633022055_8CUYW0S8R%7C%7C%7C1%40633022055*201%7C728x90%7C8CUYW0S8R%7C633022055_8CUYW0S8R%7C%7C%7C1%40633022055*203%7C728x90%7C8CUYW0S8R%7C633022055_8CUYW0S8R%7C%7C%7C1%40633022055*214%7C728x90%7C8CUYW0S8R%7C633022055_8CUYW0S8R%7C%7C%7C1%40633022055*222%7C728x90%7C8CUYW0S8R%7C633022055_8CUYW0S8R%7C%7C%7C1%40633022055*251%7C728x90%7C8CUYW0S8R%7C633022055_8CUYW0S8R%7C%7C%7C1%40633022055*255%7C728x90%7C8CUYW0S8R%7C633022055_8CUYW0S8R%7C%7C%7C1%40633022055*4%7C728x90%7C8CU6P9DG4%7C745538127%7C%7C%7C1%40724377040*175%7C336x280%7C8CUYW0S8R%7C724377040_8CUYW0S8R%7C%7C%7C1%40724377040*201%7C336x280%7C8CUYW0S8R%7C724377040_8CUYW0S8R%7C%7C%7C1%40724377040*203%7C336x280%7C8CUYW0S8R%7C724377040_8CUYW0S8R%7C%7C%7C1%40724377040*214%7C336x280%7C8CUYW0S8R%7C724377040_8CUYW0S8R%7C%7C%7C1%40724377040*222%7C336x280%7C8CUYW0S8R%7C724377040_8CUYW0S8R%7C%7C%7C1%40724377040*251%7C336x280%7C8CUYW0S8R%7C724377040_8CUYW0S8R%7C%7C%7C1%40724377040*255%7C336x280%7C8CUYW0S8R%7C724377040_8CUYW0S8R%7C%7C%7C1%40769733058*175%7C300x250%7C8CUYW0S8R%7C769733058_8CUYW0S8R%7C%7C%7C1%40769733058*201%7C300x250%7C8CUYW0S8R%7C769733058_8CUYW0S8R%7C%7C%7C1%40769733058*203%7C300x250%7C8CUYW0S8R%7C769733058_8CUYW0S8R%7C%7C%7C1%40769733058*214%7C300x250%7C8CUYW0S8R%7C769733058_8CUYW0S8R%7C%7C%7C1%40769733058*222%7C300x250%7C8CUYW0S8R%7C769733058_8CUYW0S8R%7C%7C%7C1%40769733058*251%7C300x250%7C8CUYW0S8R%7C769733058_8CUYW0S8R%7C%7C%7C1%40769733058*255%7C300x250%7C8CUYW0S8R%7C769733058_8CUYW0S8R%7C%7C%7C1%40769733058*4%7C300x250%7C8CU6P9DG4%7C232017281%7C%7C%7C1%40818751455*175%7C300x250%7C8CUYW0S8R%7C818751455_8CUYW0S8R%7C%7C%7C1%40818751455*201%7C300x250%7C8CUYW0S8R%7C818751455_8CUYW0S8R%7C%7C%7C1%40818751455*203%7C300x250%7C8CUYW0S8R%7C818751455_8CUYW0S8R%7C%7C%7C1%40818751455*214%7C300x250%7C8CUYW0S8R%7C818751455_8CUYW0S8R%7C%7C%7C1%40818751455*222%7C300x250%7C8CUYW0S8R%7C818751455_8CUYW0S8R%7C%7C%7C1%40818751455*251%7C300x250%7C8CUYW0S8R%7C818751455_8CUYW0S8R%7C%7C%7C1%40818751455*255%7C300x250%7C8CUYW0S8R%7C818751455_8CUYW0S8R%7C%7C%7C1%40844592263*175%7C970x250%7C8CUYW0S8R%7C844592263_8CUYW0S8R%7C%7C%7C1%40844592263*201%7C970x250%7C8CUYW0S8R%7C844592263_8CUYW0S8R%7C%7C%7C1%40844592263*203%7C970x250%7C8CUYW0S8R%7C844592263_8CUYW0S8R%7C%7C%7C1%40844592263*214%7C970x250%7C8CUYW0S8R%7C844592263_8CUYW0S8R%7C%7C%7C1%40844592263*222%7C970x250%7C8CUYW0S8R%7C844592263_8CUYW0S8R%7C%7C%7C1%40844592263*251%7C970x250%7C8CUYW0S8R%7C844592263_8CUYW0S8R%7C%7C%7C1%40844592263*255%7C970x250%7C8CUYW0S8R%7C844592263_8CUYW0S8R%7C%7C%7C1%40844592263*4%7C970x250%7C8CU6P9DG4%7C114420021%7C%7C%7C1%40864159775*175%7C336x280%7C8CUYW0S8R%7C864159775_8CUYW0S8R%7C%7C%7C1%40864159775*201%7C336x280%7C8CUYW0S8R%7C864159775_8CUYW0S8R%7C%7C%7C1%40864159775*203%7C336x280%7C8CUYW0S8R%7C864159775_8CUYW0S8R%7C%7C%7C1%40864159775*214%7C336x280%7C8CUYW0S8R%7C864159775_8CUYW0S8R%7C%7C%7C1%40864159775*222%7C336x280%7C8CUYW0S8R%7C864159775_8CUYW0S8R%7C%7C%7C1%40864159775*251%7C336x280%7C8CUYW0S8R%7C864159775_8CUYW0S8R%7C%7C%7C1%40864159775*255%7C336x280%7C8CUYW0S8R%7C864159775_8CUYW0S8R%7C%7C%7C1&bl=1&hlt=1&ndec=1&region=nv&rt=5&tr=0.2081665647067792&tscode=1&crid=633022055%2C724377040%2C769733058%2C818751455%2C844592263%2C864159775&adt=desktop&scrsize=1600x1200&ugd=4&dn=https%3A%2F%2Fwww.westernjournal.com&https=1&requrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageinfo=%7B%22ph%22%3A1200%2C%22vh%22%3A1200%2C%22vw%22%3A1600%7D&act=headerBid&cc=DE&ct=FRANKFURT&rc=HE&usp_enf=1&usp_status=0&rtusuid=%7B%7D&prid=8PRVCXX19&coppa=0&isRefresh=0&encryptionVersion=0.0&switch=1
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.140.165 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-140-165.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f969e4dbf49402d7d3bcf499495287df7708679505e65a3101350d86c8c9d5b9

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
vary: accept-encoding
content-type: text/event-stream;charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *, *
expires: Tue, 07 Dec 2021 15:42:20 GMT

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 75 KB
75 KB 271ms
270ms XHR
text/javascript 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=110583&t=rc_161&c=1638891739930&width=1600&site_url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&referer=&skip_iab=true

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

3826f3a535b9885dd088ad7e1885b4e117cb18ccb05ac2f94aef6cb61a71c8bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:20 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 56ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.westernjournal.com

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
19ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.westernjournal.com

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
13 KB 485ms
469ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=747278088615860&correlator=2028436227988463&output=ldjh&impl=fifs&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=101957818%3A22550773714%2CWesternJournal%2CWesternJournal_Commentary%2CWesternJournal_Commentary_Direct%2CWesternJournal_Commentary_Direct_BB1%2CWesternJournal_Commentary_Direct_WP1%2CWesternJournal_Commentary_Direct_SB2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=728x90%7C970x250%7C970x90%2C1x1%2C300x600%7C300x250%7C1x1&prev_scp=ad_h%3D15%26amznbid%3D2%26amznp%3D2%7Cad_h%3D15%26amznbid%3D2%26amznp%3D2%7Cad_h%3D15%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=ADRIZER_DEST%3De07086d35e8acfc711789f5bbccdf7a1%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dcrime%252CJeffrey%2520Epstein%252Claw%252Csexual%2520abuse%26Category%3DCommentary%26URL%3D%252Fjp-morgan-official-says-esptein-kept-ma%26GoogleCompliant%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1638891739&dt=1638891740470&dlt=1638891739678&idt=764&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C-12245933%2C1066&adys=310%2C-12245933%2C1316&adks=3610299459%2C636827648%2C109305028&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1168x268%7C64x19%7C336x18&msz=970x-1%7C0x-1%7C336x0&ga_vid=1120668282.1638891740&ga_sid=1638891740&ga_hid=1631046340&ga_fc=true&fws=0%2C128%2C0&ohw=0%2C0%2C0&btvi=0%7C-1%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

8836c1892f7d9d09fb46bb0386139a8aea4083ca412abadc6491916f5ced7079

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13656
x-xss-protection: 0
google-lineitem-id: -1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2100889e6b6950c421d63f4eb128c352.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC54 6 KB
4 KB 67ms
17ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2100889e6b6950c421d63f4eb128c352.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 07 Dec 2021 15:42:20 GMT
expires: Wed, 07 Dec 2022 15:42:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 46ms
7ms Image
image/gif 2600:9000:223f:1200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
age: 10625266
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: tzfcYnF4bDQ0ghBMiTK6qkvfH0-kX1hW8hwj0qdh8Dp1J0bnPtW0tg==

GET
H/1.1 200
OK loader.js Show response
soapps.net/live/loader/ 124 KB
38 KB 520ms
519ms Script
application/javascript 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/loader/loader.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

16d6d7ba4006096fb536c7321f156e466e93bad8397ead0a325368974436037f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 17 Nov 2021 08:30:52 GMT
Server: nginx/1.17.10
ETag: W/"6194bdbc-1ef37"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/javascript
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/ 189 KB
61 KB 18ms
18ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:20 GMT
Content-Encoding: gzip
Age: 222
X-Cache: HIT
Connection: keep-alive
Content-Length: 61460
x-amz-id-2: pWZObLJBrQbqNMKywGrAfa5FYRqkILIizhKIiReb17qcrh+0rt/ERQHYFDzpn3sB288tAa8NBDs=
X-Served-By: cache-cdg20770-CDG
Last-Modified: Thu, 02 Dec 2021 17:00:39 GMT
Server: AmazonS3
X-Timer: S1638891741.557673,VS0,VE0
ETag: "0bad6e8b774e2623401e436c2a44f48e"
x-amz-request-id: 1C8G5H81NTSJVZ74
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 287

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 58ms
30ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54260989-7&cid=1120668282.1638891740&jid=1688039414&_u=aGBAiUAjBAAAAE~&z=752247921

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 57ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54260989-7&cid=1120668282.1638891740&jid=1688039414&_u=aGBAiUAjBAAAAE~&z=752247921

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
969 B 39ms
11ms Fetch
application/json 18.66.112.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-89.fra56.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 19:57:59 GMT
via: 1.1 29f7132906866b79866659848b3a3b69.cloudfront.net (CloudFront), 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
age: 71061
x-amzn-requestid: fc64ad6a-ce1e-4a23-b9a4-9ca4213a3d72
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P3, FRA56-P5
x-amz-apigw-id: J8WzIENTCYcFmrQ=
content-length: 555
x-amz-cf-id: QbZ5yOiRASmLFMjRsb2rV_V6Xzdf-Fqn9RUoDs7An-cNjFEQHbEuqg==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 49ms
9ms Script
application/javascript 18.66.112.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-53.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: FFoz53cfgEbfQogHib76iTyL1K5X37BJ
content-encoding: gzip
etag: W/"ea838863b2b3bf40d1353c99808a5464"
last-modified: Tue, 09 Nov 2021 13:26:48 GMT
server: AmazonS3
age: 79081
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Mon, 06 Dec 2021 17:44:20 GMT
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: C6etKo24IG_prAlAl9GkdJEgv0x1dIvB9cr33XP0_cCmzsxgJg4IEQ==

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 20ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&bundle=FqfroF8lMkJLMEhHMHBlJTJCbDVubk9BYiUyRmhnbGZ6ZndwUTBmdmxodUJlJTJCeXlhczZaZ0c5TU1kbENnbUZsRDRycVVKb1FxeFdnMTBmaDZybldlM1Q0NzRxUHlQTDI3UEgzcjNxbnhXVWc1SnZONDNVSGZNWUFSNyUyRmFwN3hDV01uQ09YRjlhd2Q&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1648
date: Tue, 07 Dec 2021 15:42:19 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&bundle=FqfroF8lMkJLMEhHMHBlJTJCbDVubk9BYiUyRmhnbGZ6ZndwUTBmdmxodUJlJTJCeXl...
https://mug.criteo.com/sid?cpp=Za43FnwzNnlpSnlYS21QdGJEc2psSW1tQXhmczFpMytNUWI5endHYjN2TnFFMmp6dzZZcmljVnRaM1NJblVkOXViem80b1BVNk1rKzNKUkdIaXBrU0VYNmN2N3RGNXVYVmRpb0ttYXBPR21oYzIydnJHaThJNk1rU0E4R0...

364 B
617 B

24ms
20ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Za43FnwzNnlpSnlYS21QdGJEc2psSW1tQXhmczFpMytNUWI5endHYjN2TnFFMmp6dzZZcmljVnRaM1NJblVkOXViem80b1BVNk1rKzNKUkdIaXBrU0VYNmN2N3RGNXVYVmRpb0ttYXBPR21oYzIydnJHaThJNk1rU0E4R0VSNHJXOUNMM1gyOVlqaWp6cjVaMGlzNFUzdHlTNVZFM0lzd212V0xzTGZtY1RHTi8remowbzJwaUtDSVdveWRiTFdxcW14clhHR1JDemsvbWNkZmJzRGxSS2xYakdCLzVOL3g4emlUU1RlOEgzdzZsWTRacFF4RGMxT0JBRHI3TUtsY3Q0WnE0fA&cppv=2

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

64f535fd8ce4cd1140cd9dce248a102f3f948d8d3d1c11574bd24c09f667efd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 07 Dec 2021 15:42:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2167
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 07 Dec 2021 15:42:20 GMT
location: https://mug.criteo.com/sid?cpp=Za43FnwzNnlpSnlYS21QdGJEc2psSW1tQXhmczFpMytNUWI5endHYjN2TnFFMmp6dzZZcmljVnRaM1NJblVkOXViem80b1BVNk1rKzNKUkdIaXBrU0VYNmN2N3RGNXVYVmRpb0ttYXBPR21oYzIydnJHaThJNk1rU0E4R0VSNHJXOUNMM1gyOVlqaWp6cjVaMGlzNFUzdHlTNVZFM0lzd212V0xzTGZtY1RHTi8remowbzJwaUtDSVdveWRiTFdxcW14clhHR1JDemsvbWNkZmJzRGxSS2xYakdCLzVOL3g4emlUU1RlOEgzdzZsWTRacFF4RGMxT0JBRHI3TUtsY3Q0WnE0fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1966
content-length: 509
expires: 0

GET
H2 200 9af198ff-22cf-4d4b-80d5-b58d0f23e539.js Show response
df80k0z3fi8zg.cloudfront.net/files/instibid/ 305 KB
95 KB 46ms
9ms Script
application/javascript 2600:9000:2251:6000:10:3422:3f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:6000:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4c4b897eabbcf94cc5f85124ad0f1715051c0a0746490dd4af4d5531238ec213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: .YZ_Ta6M3f_tC3nBnCV.pVgrfXyFEPUi
content-encoding: gzip
last-modified: Wed, 01 Dec 2021 16:19:03 GMT
server: AmazonS3
age: 132910
etag: W/"eb089426d0613686a5f24befff6b6ddb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 372875ad1ec20daf24f3f29f14a73cd0.cloudfront.net (CloudFront)
date: Mon, 06 Dec 2021 18:18:48 GMT
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: _yKxGuxtFmz5WdwYUyS5ZlxWQVF2tWsNNfJTf0dz8r6EAiRJ9MxNRw==

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
271 B 34ms
33ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=144909

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:20 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 29ms
29ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-9-63.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:20 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 token
eua.instiengage.com/v1/auth/ Frame 0
0 108ms
97ms Preflight 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eua.instiengage.com/v1/auth/token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://auth.instiengage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://auth.instiengage.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

POST
H2 200 token Show response
eua.instiengage.com/v1/auth/ Frame 2AEC 864 B
1016 B 110ms
109ms Fetch
application/json 34.239.232.96
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://eua.instiengage.com/v1/auth/token
Requested by: Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.239.232.96 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-232-96.compute-1.amazonaws.com
Software: /
Resource Hash: 46681005eabfde44baa00c4220a935bf7c1b1b04a7e2a9f228c1dccf51868891

Request headers

Referer: https://auth.instiengage.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://auth.instiengage.com
date: Tue, 07 Dec 2021 15:42:20 GMT
access-control-allow-credentials: true
content-length: 864
vary: Origin
content-type: application/json

GET
H2 200 pixel;r=448552640;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F;uh=2b2e810c2650318ae57ec03ce144a4...
pixel.quantserve.com/ 35 B
371 B 43ms
10ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=448552640;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F;uh=2b2e810c2650318ae57ec03ce144a48b3c391eec5f4ba97535f7b2f3fafd1234;uht=0;fpan=1;fpa=P0-2140436091-1638891740677;pbc=a3ca3045-ae9b-46eb-b9f9-5da8f7ec06ee;ns=0;ce=1;qjs=1;qv=92a3679b-20211110211611;cm=;gdpr=0;ref=;d=westernjournal.com;je=0;sr=1600x1200x24;dst=0;et=1638891740677;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Dirty%20Money%3A%20JP%20Morgan%20Official%20Rats%20Esptein%20Out%252C%20Says%20He%20Wired%20Ghislaine%20Maxwel%2Cdescription.Maxwell%20claimed%20to%20be%20worth%20under%20%241%20million%20when%20she%20was%20arrested%252C%20but%20Jeffrey%20%2Curl.https%3A%2F%2Fwww%252Ewesternjournal%252Ecom%2Fjp-morgan-official-says-esptein-kept-maxwell-flus%2Csite_name.The%20Western%20Journal%2Cupdated_time.2021-12-07T15%3A30%3A53-07%3A00%2Cimage.https%3A%2F%2Fwww%252Ewesternjournal%252Ecom%2Fwp-content%2Fuploads%2F2021%2F12%2FUntitled-design-2021-1%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Ewesternjournal%252Ecom%2Fwp-content%2Fuploads%2F2021%2F12%2FUntitled-design-2021-1%2Cimage%3Awidth.1200%2Cimage%3Aheight.630

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 42E9 2 KB
2 KB 8ms
7ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.westernjournal.com&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 0b0b0b673e9dd54874d4a47f1348fdcc93a172fddf681e78dd44bfd86e4f8d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 14:08:13 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
server: Server
age: 5647
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 1553
x-amz-cf-id: wgfgGF7CHDFwAzhH6AlLmYZN51TFbCYmLH5-9Ra3wLsN5wRgs-RCiA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 42E9 6 KB
3 KB 7ms
7ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 58261
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Mon, 06 Dec 2021 23:31:20 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: O68e0d7nn-Uw0cL4IS64040kkHRrO20iZWJLVbRdyvRzTNKaoPfVWQ==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 17ms
17ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1359
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20480112&ns__t=1638891740690&ns_c=UTF-8&cv=3.5&c8=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1638891740690&ns_c=UTF-8&cv=3.5&c8=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%2...

0
224 B

323ms
323ms

Image
text/plain

54.230.69.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1638891740690&ns_c=UTF-8&cv=3.5&c8=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&c7=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&c9=
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Server: 54.230.69.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-69-41.blr50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
via: 1.1 66f5b63f0d6bfa07c6e6afd2b0f672b2.cloudfront.net (CloudFront)
x-amz-cf-pop: BLR50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: xDh7slyP7fFEjSR7Olx-LpzBay-1Wx0h1pYfzzIwi_DLOC1r8Og-UA==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 07 Dec 2021 15:42:20 GMT
via: 1.1 66f5b63f0d6bfa07c6e6afd2b0f672b2.cloudfront.net (CloudFront)
x-amz-cf-pop: BLR50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=20480112&ns__t=1638891740690&ns_c=UTF-8&cv=3.5&c8=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&c7=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&c9=
content-length: 371
x-amz-cf-id: mcwtLDwSYZLCKfBqMLoXItR-8s66RfHwhHuNPCsRDAvb-8kWGauu5Q==

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 26ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1897937520432117&ev=PageView&dl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&rl=&if=false&ts=1638891740717&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638891740716.781651181&it=1638891740381&coo=false&rqm=GET

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 26ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1897937520432117&ev=ViewContent&dl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&rl=&if=false&ts=1638891740719&cd[content_name]=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&cd[content_tag]=%5B%22crime%2C%20Jeffrey%20Epstein%2C%20law%2C%20sexual%20abuse%22%5D&cd[content_category]=%5B%22Commentary%22%5D&cd[articleReactions]=%5B%22undefined%22%5D&cd[articleVirtues]=%5B%22undefined%22%5D&cd[siteName]=http%3A%2F%2Fwww.westernjournal.com&cd[wordCount]=900&cd[articleTitle]=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&cd[articleSocialTitle]=Dirty%20Money%3A%20JP%20Morgan%20Official%20Rats%20Esptein%20Out%2C%20Says%20He%20Wired%20Ghislaine%20Maxwell%20Over%20%2430%20Million&cd[articleSEOTitle]=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&cd[articleChooser]=cghena&cd[articleTitler]=cghena&cd[articleTitleLength]=97&cd[articleSocialTitleLength]=98&cd[articleSEOTitleLength]=97&cd[articleAuthor]=Wilmot&cd[articleEditor]=jsaunders&cd[articleShareTextAuthor]=cghena&cd[articleShareTextLength]=92&cd[articlePublishDate]=2021-12-07&cd[paragraphCount]=29&cd[articleID]=2834038&cd[articleFormat]=standard&cd[platform]=web&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638891740716.781651181&it=1638891740381&coo=false&rqm=GET

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ Frame 42E9 185 KB
57 KB 10ms
8ms Script
application/x-javascript 13.32.99.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-34.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 01:32:55 GMT
content-encoding: br
age: 50966
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:73702bf1-4472-485c-9bda-886a8f21cacd
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 67c429bc2e760b9ca91a98648469be411bfcccf8bfb6ea245b28e6585b1861aa
x-amz-meta-codebuild-content-md5: 6bc77264d69b4716594d8b5229cafdb9
last-modified: Wed, 17 Nov 2021 08:31:53 GMT
server: AmazonS3
etag: W/"a8f24de78b4dc3ecbbff83b08aa9e411"
vary: Accept-Encoding
x-amz-version-id: TIXEr4j9ZaZJgKeoVZ8ehYwv1bF6gSxj
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA60-P3
content-type: application/x-javascript
x-amz-cf-id: vZlPYOIJkqzyeYLrnA4zy7hOdM-Nqn5y3LyKDbBL0oY19jn5w8hcUw==

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 42E9 53 KB
17 KB 97ms
26ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 07 Dec 2021 15:57:20 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/ Frame 42E9 66 KB
16 KB 24ms
23ms Script
text/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/pOIAx-8QWovHK9PBpEctv-fzgXs/gpt_and_prebid/config.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9dd82459816e9c47e9b0d51f7725d245fd679c73739a91a951b38c1660289177

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:20 GMT
Content-Encoding: gzip
Age: 3161
X-Cache: HIT
Connection: keep-alive
Content-Length: 15855
x-amz-id-2: kZY17u2SrI/OR8jfKttgBLFrvObU9ynIZovr5Mg9TeFu9zdFA239+ntT34w+5/0luIWnm6+mg9Q=
X-Served-By: cache-cdg20770-CDG
Last-Modified: Tue, 07 Dec 2021 13:53:27 GMT
Server: AmazonS3
X-Timer: S1638891741.742782,VS0,VE0
ETag: "e36eb964722fe4e88a09b79815f10aa4"
x-amz-request-id: Z6VWVYBH8ENG4N6E
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 96

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 42E9 35 KB
10 KB 61ms
17ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Tue, 07 Dec 2021 15:32:09 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10053
x-request-id: 32998294

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 25 KB
11 KB 328ms
327ms Fetch
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=144909&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&icr_url=&va=0&time=1638891740728&up=pc&bn=chrome&bv=96&widget_width=817&style_id=0&idhub[criteoId]=gm-vn19heUt5RVE2bHIzQWtRenJXOHdWM3ZkTXdvdkxseldDR241SUJQVEZETEp6JTJCd2FsZWxDQVhFJTJGZWpuYkFQbW8lMkZZcWpDQyUyQjR1dWM3NXQ2TzlvanRUT1F3JTNEJTNE&idhub[pubcid]=a3ca3045-ae9b-46eb-b9f9-5da8f7ec06ee

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

2e100922fa8baefc0494288d14f370efc3e4af795723bcd146dce4c36001122c

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 10521

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 42E9 64 B
538 B 49ms
49ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pid=NMkHlgZHDoDHR&cb=0&ws=0x0&v=7.71.1&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-cmt-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_2%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_3%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_4%22%7D%5D&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
via: 1.1 98652de9f742fc1df9de714d921e14c3.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: EHYVJ1B5AH190NVJBGKS
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: SlK_xvkmK9Hz0jPAiq_zLSpzUNT5F1Zic_Fc2vsHGtw2oL9FMNoSmw==

GET
H2 200 pixel.gif
dh014lg6uwepv.cloudfront.net/ 35 B
351 B 128ms
80ms Image
image/gif 2600:9000:2240:4c00:1a:5302:20c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1638891740761&site_uuid=9af198ff-22cf-4d4b-80d5-b58d0f23e539&hostname=www.westernjournal.com&ad_unit=westernjournal.com_Web_300x250_cmt_1&impression_type=undefined&device=desktop&country_code=DE
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4c00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f9.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 16:08:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: 3_D5qI7qOg8QxBoNutF8GVLl5yxcDg3DPkK3zpwicsCy9xXfrqbJiA==

GET
H2 200 pixel.gif
dh014lg6uwepv.cloudfront.net/ 35 B
353 B 127ms
79ms Image
image/gif 2600:9000:2240:4c00:1a:5302:20c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1638891740762&site_uuid=9af198ff-22cf-4d4b-80d5-b58d0f23e539&hostname=www.westernjournal.com&ad_unit=westernjournal.com_Web_300x250_cmt_2&impression_type=undefined&device=desktop&country_code=DE
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4c00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f9.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 16:08:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: k9vv9UxRMnXCHydKGUtXLVDK6LPyPcohzNPjOPsA-Y2V3xCGf83Nmw==

GET
H2 200 pixel.gif
dh014lg6uwepv.cloudfront.net/ 35 B
351 B 127ms
79ms Image
image/gif 2600:9000:2240:4c00:1a:5302:20c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1638891740764&site_uuid=9af198ff-22cf-4d4b-80d5-b58d0f23e539&hostname=www.westernjournal.com&ad_unit=westernjournal.com_Web_300x250_cmt_3&impression_type=undefined&device=desktop&country_code=DE
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4c00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f9.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 16:08:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: Kn5jX2v95yjxBuOm2idgZkMd-dc-GdJCfdsq7NUTjYWE36bDeIB57Q==

GET
H2 200 pixel.gif
dh014lg6uwepv.cloudfront.net/ 35 B
352 B 126ms
78ms Image
image/gif 2600:9000:2240:4c00:1a:5302:20c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dh014lg6uwepv.cloudfront.net/pixel.gif?timestamp=1638891740765&site_uuid=9af198ff-22cf-4d4b-80d5-b58d0f23e539&hostname=www.westernjournal.com&ad_unit=westernjournal.com_Web_300x250_cmt_4&impression_type=undefined&device=desktop&country_code=DE
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4c00:1a:5302:20c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
via: 1.1 ec85113c6ed859938b3fcfa19bc035f9.cloudfront.net (CloudFront)
last-modified: Tue, 10 Sep 2019 16:08:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: "28d6814f309ea289f847c69cf91194c6"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: rMXzY96vOgDxDJ_hfjlfKbVpC9zPF7aip-ElZEHzNOY5QDT55t6zaQ==

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.westernjournal.com

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
20ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.westernjournal.com

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
273 B 157ms
157ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=747278088615860&correlator=1282764465482564&output=ldjh&impl=fifs&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x100%7C336x280%7C250x250%7C320x50&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De07086d35e8acfc711789f5bbccdf7a1%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dcrime%252CJeffrey%2520Epstein%252Claw%252Csexual%2520abuse%26Category%3DCommentary%26URL%3D%252Fjp-morgan-official-says-esptein-kept-ma%26GoogleCompliant%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1638891739&dt=1638891740781&dlt=1638891739678&idt=764&frm=20&biw=1600&bih=1200&oid=2&adxs=244&adys=9026&adks=3910353312&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=797x560&msz=336x-1&ga_vid=1120668282.1638891740&ga_sid=1638891740&ga_hid=1631046340&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

9ab5e23e0bb7ad0cbeeb3f16953fb6390030a1fd143262be840ffbc2b5063dc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
273 B 232ms
231ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=747278088615860&correlator=602282466195511&output=ldjh&impl=fifs&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x100%7C336x280%7C250x250%7C320x50&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De07086d35e8acfc711789f5bbccdf7a1%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dcrime%252CJeffrey%2520Epstein%252Claw%252Csexual%2520abuse%26Category%3DCommentary%26URL%3D%252Fjp-morgan-official-says-esptein-kept-ma%26GoogleCompliant%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1638891739&dt=1638891740783&dlt=1638891739678&idt=764&frm=20&biw=1600&bih=1200&oid=2&adxs=244&adys=9306&adks=2002561565&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=797x560&msz=336x-1&ga_vid=1120668282.1638891740&ga_sid=1638891740&ga_hid=1631046340&ga_fc=true&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5a3e87cfa469cfa12a0208d51b5160faa3682b478018a129ae7e08df3dcb0917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 459 B
272 B 154ms
153ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=747278088615860&correlator=1331598308733188&output=ldjh&impl=fifs&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x100%7C336x280%7C250x250%7C320x50&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De07086d35e8acfc711789f5bbccdf7a1%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dcrime%252CJeffrey%2520Epstein%252Claw%252Csexual%2520abuse%26Category%3DCommentary%26URL%3D%252Fjp-morgan-official-says-esptein-kept-ma%26GoogleCompliant%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1638891739&dt=1638891740785&dlt=1638891739678&idt=764&frm=20&biw=1600&bih=1200&oid=2&adxs=244&adys=9586&adks=2952428877&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=797x560&msz=336x-1&ga_vid=1120668282.1638891740&ga_sid=1638891740&ga_hid=1631046340&ga_fc=true&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

3febc142f194fc5b883375e40c4da2ffb22e5880622057210f1f82334aab0b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
272 B 177ms
177ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=747278088615860&correlator=3287566517119110&output=ldjh&impl=fifs&vrg=2021120201&ptt=17&sc=1&sfv=1-0-38&ecs=20211207&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C320x100%7C336x280%7C250x250%7C320x50&prev_scp=h%3D15%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De07086d35e8acfc711789f5bbccdf7a1%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dcrime%252CJeffrey%2520Epstein%252Claw%252Csexual%2520abuse%26Category%3DCommentary%26URL%3D%252Fjp-morgan-official-says-esptein-kept-ma%26GoogleCompliant%3Dtrue&cookie_enabled=1&bc=31&abxe=1&lmt=1638891739&dt=1638891740790&dlt=1638891739678&idt=764&frm=20&biw=1600&bih=1200&oid=2&adxs=244&adys=9866&adks=2553185781&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=797x560&msz=336x-1&ga_vid=1120668282.1638891740&ga_sid=1638891740&ga_hid=1631046340&ga_fc=true&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1e91c52adb82442b6457885a1c91e31db0bbed3d80e475c764657f4670546b01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
23 KB 35ms
11ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 15:29:40 GMT
etag: "1638804580"
x-hw: 1638891740.cds155.fr8.hn,1638891740.cds227.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=302
accept-ranges: bytes
content-length: 23124

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
84 KB 41ms
17ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 15:29:40 GMT
etag: "1638804580"
x-hw: 1638891740.cds155.fr8.hn,1638891740.cds267.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=67834
accept-ranges: bytes
content-length: 85555

GET
H/1.1 200
OK A-60B151DA8288234CC8284E80-3.js Show response
s3.amazonaws.com/js.revcontent.com/p0/js/ 694 B
1 KB 438ms
121ms Script
text/javascript 54.231.133.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/js.revcontent.com/p0/js/A-60B151DA8288234CC8284E80-3.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.133.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e1c0230c24ee764b096fcb91b2590197cde77d791d7319af83be20e16502c9af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:22 GMT
Last-Modified: Tue, 07 Dec 2021 12:04:34 GMT
Server: AmazonS3
x-amz-request-id: KJHX60QYKWJE7JW6
ETag: "238de53e3e2028e34898d57448bfdf3b"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 694
x-amz-id-2: a9rztZwJk3+bYGZxYNuM3PQXEgbtDZnhnmDTgrD8akQwd2LsrPvhLjo9UYXAlcnXJpWqyo5UNy8=

GET
H2 200 /
img.revcontent.com/ 20 KB
20 KB 29ms
10ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1638891740.cds155.fr8.hn,1638891740.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F9da50cd8-a164-467e-ad90-b9b8adf693be%2F640x480.jpg
images.revcontent.com/revcontent/image/fetch/h_315,w_420,c_fill,g_face/pg_1/ 18 KB
18 KB 43ms
11ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/h_315,w_420,c_fill,g_face/pg_1/https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F9da50cd8-a164-467e-ad90-b9b8adf693be%2F640x480.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1bfb186a3db0ab5d21167fb3afa96f81b3de41385499c0dd3fa6b1aa6a056047

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 20:34:55 GMT
server: Cloudinary
etag: "dc05c8cd69623cbb37b0e0281970d8c0"
strict-transport-security: max-age=604800
x-hw: 1638891740.cds135.fr8.hn,1638891740.cds217.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=407;cpu=0;start=2021-12-03T08:29:36.643Z;desc=miss,rtt;dur=0,cloudinary;dur=55;start=2021-11-22T11:36:26.203Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 18079

GET
H2 200 15263283421593005855.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 11 KB
11 KB 47ms
17ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15263283421593005855.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1e3124c9fc374a00db94528aabad5b2c5d5e79ec7ff909b9d50734faade2dd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
cache-tag: 444713765488154648866122040666240464337,474477736686426290265385448712956758235,578c3b63e33b327d463a78e9f3c3e28a
content-disposition: inline; filename="15263283421593005855.webp"
server-timing: fastly;dur=2;cpu=1;start=2021-12-07T15:30:30.083Z;desc=hit,rtt;dur=0
content-length: 11266
last-modified: Wed, 25 Aug 2021 21:45:24 GMT
server: Cloudinary
etag: "ad1b964701d1c22e424658d86e632653"
vary: Accept
x-hw: 1638891740.cds135.fr8.hn,1638891740.cds142.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 3857d1fbcc78fe2d9281b134de36fc09.jpeg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 26 KB
27 KB 20ms
17ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/3857d1fbcc78fe2d9281b134de36fc09.jpeg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

44b02c22ab6e48cd23929e7b5eba3a06be6b9bc11bbdb308716a9a1088889e72

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="3857d1fbcc78fe2d9281b134de36fc09.webp"
server-timing: fastly;dur=2;cpu=1;start=2021-12-05T20:53:12.600Z;desc=hit,rtt;dur=0
content-length: 26962
last-modified: Mon, 20 Sep 2021 18:45:06 GMT
server: Cloudinary
etag: "32b938971efeea3f158130d4435e002c"
vary: Accept
x-hw: 1638891740.cds135.fr8.hn,1638891740.cds257.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200 369.json Show response
id5-sync.com/g/v2/ Frame 42E9 213 B
540 B 50ms
13ms XHR
application/json 51.195.5.40
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/369.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.40 , France, ASN16276 (OVH, FR),

Reverse DNS

p17.id5-sync.com

Software

Resource Hash

176f781da7f07eb7de63817a8bd5e63f1cbe3abacb597e5565e502f93ba8cf68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.westernjournal.com
Date: Tue, 07 Dec 2021 15:42:07 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
26 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1065 / 551 of 1000 / last-modified: 1638878732"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27030
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Dec 2021 15:42:20 GMT

GET
H2 200 prebid_OaEAJP.js Show response
b2cdn.automatad.com/js/ 241 KB
79 KB 18ms
18ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/js/prebid_OaEAJP.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 9c10f8fc0dfdd02668d6451e01612721436444d1983df9bd60c57be171220d39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-openstack-request-id: tx4847f388771b471f8fa39-0061a89d10
cdn-edgestorageid: 756
access-control-allow-origin: *
x-iplb-instance: 28796
cdn-cachedat: 12/02/2021 11:17:39
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: tx4847f388771b471f8fa39-0061a89d10
server: BunnyCDN-DE1-756
x-timestamp: 1638440118.31770
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Thu, 02 Dec 2021 10:15:19 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F1:C3AB_8E2CE366:01BB_61A89D0F_3149FCC:19140
vary: Accept-Encoding
x-object-meta-mtime: 1638440058.085673095
cdn-cache: HIT
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=120
cdn-requestid: 1bd493f0d6fc8637df090226dfd5925f
content-type: application/javascript
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency.json Show response
b2cdn.automatad.com/json/ 2 KB
2 KB 31ms
11ms XHR
application/json 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://b2cdn.automatad.com/json/currency.json
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: afd009d29b0cbcdd0a27f48454ea1e972b2e3d93dc2e260146e882521bf58071

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-openstack-request-id: txbba942937e154ad2bd333-0061ae3d6d
cdn-edgestorageid: 756
access-control-allow-origin: *
x-iplb-instance: 28796
cdn-cachedat: 12/06/2021 20:24:35
cdn-pullzone: 87832
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id: txbba942937e154ad2bd333-0061ae3d6d
server: BunnyCDN-DE1-756
x-timestamp: 1638808831.66585
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified: Mon, 06 Dec 2021 16:40:32 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-iplb-request-id: B95D01F3:4A7F_8E2CE366:01BB_61AE3D6D_4CA5CCF:19145
vary: Accept-Encoding
x-object-meta-mtime: 1638808801.522502705
cdn-cache: HIT
cdn-uid: 02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control: public, max-age=10800
cdn-requestid: 5ea541302573efb36067506904ff7ede
content-type: application/json
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/ Frame 42E9 189 KB
61 KB 16ms
16ms Script
application/javascript 151.101.65.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202112021159/wrap.js
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:20 GMT
Content-Encoding: gzip
Age: 222
X-Cache: HIT
Connection: keep-alive
Content-Length: 61460
x-amz-id-2: pWZObLJBrQbqNMKywGrAfa5FYRqkILIizhKIiReb17qcrh+0rt/ERQHYFDzpn3sB288tAa8NBDs=
X-Served-By: cache-cdg20770-CDG
Last-Modified: Thu, 02 Dec 2021 17:00:39 GMT
Server: AmazonS3
X-Timer: S1638891741.881811,VS0,VE0
ETag: "0bad6e8b774e2623401e436c2a44f48e"
x-amz-request-id: 1C8G5H81NTSJVZ74
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 288

GET
H2 200 sizzle.min.js Show response
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 19 KB
7 KB 74ms
34ms XHR
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 390734
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6679
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd4-4dc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHQaGvujYri52Y3fYeKuk0iz9OA3Zmn9sjbUnVUmDk3G7A4IY2wi4L%2FKUtFw%2Fvy96RCQaQ5srrMUwg7tC4tcLWHRvopbwkaF%2Fi0362j2XbFME64HmTzB7FpRLQVLGITgBepEYdkCBqmMjdSfeQn%2F8oNU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b9edd04fddc83ac-MXP
expires: Sun, 27 Nov 2022 15:42:20 GMT

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
201 B 142ms
83ms XHR
text/html 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:21 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 53DD 189 KB
55 KB 69ms
6ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 53DD 13 KB
5 KB 79ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 53DD 89 KB
28 KB 81ms
18ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 53DD 5 KB
2 KB 89ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 53DD 40 KB
13 KB 89ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
DATA 200
OK truncated
/ Frame 53DD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8108452f8ad6ff53517b76d9974037423825272aaea25a2c76b02d418638924e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 12114303242256021848
tpc.googlesyndication.com/simgad/ Frame 53DD 129 KB
129 KB 36ms
10ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12114303242256021848

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e03b850c4b722c8ceb2e8ba48de53427de7b7ea3ff638ba7e42c11eba7a4cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 13:59:11 GMT
x-content-type-options: nosniff
age: 6190
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131781
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 10:22:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Dec 2022 13:59:11 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 53DD 2 KB
3 KB 34ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 70025
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Dec 2021 20:15:16 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 53DD 295 B
757 B 33ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 35927
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 08 Dec 2021 05:43:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 53DD 0
0 43ms
20ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQJJo1Vdi3SYEs7j8zpMJUQpc6g7C73ZY_O-J39wnuNhtHejzlcG9ibC7a17Z5I9637ALZPoYKUvegY0D3hfPjTFuqdXg
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 53DD 0
0 54ms
54ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKfbl3ICvYZPqINWs3gOQ44y4ApPusPxmt7PAuIAP3tkeEAEgsu-mImCV4pCCoAegAYbvq5UCyAED4AIAqAMByAMIqgTzAk_QSBDCC-hva8OyjIqZ4yOWYiSh2gLrLsI7V8ZJjZqiihviEl1W0lnMLBlqhL8wbPaX6hNH1jQWzXMWJYk3WxWity5eRGT9E1gu4h8bd0yxsKixnv4bP_ASFwh_-AZM56fHOZoXqj9Td246WdN_lNPkIIpHgbQx6vS9W6AzVVlp6J6GaY9S4JVFDpxfynqPt3wlSni6bAy9J2BonqihCQH2ZvmplJq7K9yyD5r8i-rW4S6eBpdvK33F17cx1UJbzDPELaBVLwS9LF5hOvidM172guK29iB0raVfKsaIOPLO0t1PoYnuwmLSWqstFV1UhbH4egLJr9TkL96zBLfsQSb0iu9p6fYO8cZUXCBS0J6Yuc5-KFwxunzwkTlu3jR6ceCi9o3a1a_JIkOBSeN59mzMiRRZ0hrNyJDsYw4cvOOyaJKblooBu0j95sZSwxAR5ulvGz3R9j1kVqPoJW8uBPSMKJdrX9meK_pj--qbTNaj5o2uwASM4PjI_QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGA4AH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDa6RbSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzQ3NzUzOTEyNzA4MDMwMxj64x8&sigh=3bj-nXDF0lY&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame E236 189 KB
54 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E236 13 KB
5 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E236 89 KB
28 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E236 5 KB
2 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame E236 40 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 345394
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Fri, 03 Dec 2021 15:45:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 03 Dec 2022 15:45:47 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E236 2 KB
2 KB 33ms
11ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 70025
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E236 295 B
319 B 33ms
12ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 35927
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 08 Dec 2021 05:43:34 GMT

GET
DATA 200
OK truncated
/ Frame E236 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2f7de40cc10c694d2555d8d75b5007f2d9396336983016172594d23aad7855e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 741842941772786459
tpc.googlesyndication.com/daca_images/simgad/ Frame E236 80 KB
80 KB 31ms
13ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/741842941772786459

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb56cd205a7785685c3b899966ad998ebe86c3946e0ee44e5245011289b2192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:40:18 GMT
x-content-type-options: nosniff
age: 536523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81722
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 02:35:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 10:40:18 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E236 0
0 53ms
53ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cghm33ICvYZXqINWs3gOQ44y4ApPusPxm7-ikoMwP3tkeEAEgsu-mImCV4pCCoAegAYbvq5UCyAEC4AIAqAMByAMIqgT2Ak_Q87Tsy9tcH_1JoftL-k2Axwd5yRE2DxHairPsZJrhd39X9ih6hUdhZq0ixK6ZHffzocBQ-SF7Ff1J7dI23-yvvk1u-dvcQFUO2sPO07gqDaYwfPHi4v9eaHZ-zzn5Uovr_CTGHl1ZZW6oaj8dI4uckgFVhMvsIQwEJt_g1TVnIBLHRD02ahnfpDITfGZY7txumQJ3jrvRgmnAjiWwNois14wjxvb2AnxvoXEJXz36ku6VAZoGHRat7z4RwxHwUkYvPVUAhykDAGAqVoxegVPU8WbPId5ZeRYCmR2vbolDjErTrsy1Yk0iP2KPcm187Iq2DjdtZsO0UoLn1hu2PIdtv6GVhuRbH4fJv0pF2zLOU1y6bawuGTZMsdk4AzHY0ZmDHYN5QTYn0CxuAkVMFpGSwGWTR3xFXUKsKH1J6ZYPDaRvHGp619geDh1JGVFmSECcWt84P6QrzA8ScAX4m77fCdfp0KhMtYQjropKaXsbY6YUwLIzwASM4PjI_QPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH4pDU6gGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD9sRrSCAkIiOGAEBABGB2ACgPICwHYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItMzQ3NzUzOTEyNzA4MDMwMxj64x8&sigh=iFd7mEyBi6U&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 37ms
31ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/impression

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:21 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H2 200 brandWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 65 KB
17 KB 18ms
18ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d22e679dae25289d250f190cdc9a720f46f09ca9181040e56e3359f0a7d1cb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AETBDZ1ZBGEC7Z3W
etag: "bbe7815a6c1f99a913c40d9ff71fcfdc"
x-hw: 1638891741.cds155.fr8.hn,1638891741.cds254.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 16996
x-amz-id-2: 5JV2Xg3Jqb9IA3NGFBbvvNIVvGM+w3++VpbrSnzKqXAN4xRxI0df3MeU3kp40vh947KHLNm3omI=

GET
H2 200 defaultWidget~feedWidget.delivery.js Show response
assets.revcontent.com/master/ 42 KB
12 KB 18ms
18ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AET2PAHMPY8X3E6C
etag: "c752e29512ede679e40d7b08481f87f5"
x-hw: 1638891741.cds155.fr8.hn,1638891741.cds154.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 11866
x-amz-id-2: PLTE9TdW3KG+72FqqS4LsIfAIEWPDqrtNsgeO6DWAG8CFNGTAv7eFHJuNX6vArt/vMCkbUCtmuw=

GET
H2 200 feedWidget.delivery.js Show response
assets.revcontent.com/master/ 28 KB
8 KB 19ms
19ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0105def0e6568dc77a073c18c4bcee05ea12c744d451b1ec3756b9dc2d94b2c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:46 GMT
server: AmazonS3
x-amz-request-id: AET303EMKG24M4YY
etag: "67fffea6e688deb2a9a1b6bb1f0125b9"
x-hw: 1638891741.cds155.fr8.hn,1638891741.cds266.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 8394
x-amz-id-2: 8PLhwzwU79Q19xMlOFxnJVShY0Bgm6+WVaBmOtbttK3v9gFlfwWnM2n4NHZIxWVl1DyJEKE5oD8=

GET
H2 200 commonModal.delivery.js Show response
assets.revcontent.com/master/ 3 KB
2 KB 19ms
19ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/commonModal.delivery.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 20:58:48 GMT
server: AmazonS3
x-amz-request-id: AETBQRYG4HWVASXC
etag: "77359485ce587b0f07cbe070fcc63578"
x-hw: 1638891741.cds155.fr8.hn,1638891741.cds002.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 1641
x-amz-id-2: p6vdngxHegWCFvJRGD8O/dLmgMa44OXfjStuhIUYI1IWEXMIGRt0M+eHR5KgIZ2NBFVVfKNO9qM=

GET
H/1.1 200
OK A-60B151DA8288234CC8284E80-1.js Show response
s3.amazonaws.com/js.revcontent.com/p0/js/ 694 B
1 KB 229ms
112ms Script
text/javascript 54.231.133.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/js.revcontent.com/p0/js/A-60B151DA8288234CC8284E80-1.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.133.120 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 68c29ebc999c08f7e5b4074dbecfbd499274c360d4daef894dee7a5369b45fde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:22 GMT
Last-Modified: Tue, 07 Dec 2021 12:04:47 GMT
Server: AmazonS3
x-amz-request-id: KJHS0KVK8ZF6MZ11
ETag: "90940633bc408e690ef696d5e59c5c22"
Content-Type: text/javascript
Accept-Ranges: bytes
Content-Length: 694
x-amz-id-2: 2U+t90S3/aAtoRmuOMaciC1hw6FZxQ4FhY4GO5UvP60zKMeNkdbQDkbBCg8m79bV1FcnXD1bz1E=

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 53DD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

80ms
56ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Tue, 07 Dec 2021 15:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 201 event Show response
event.insticator.com/v1/ 0
125 B 102ms
102ms XHR
text/plain 52.202.233.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-233-191.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin: *
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:21 GMT
access-control-allow-credentials: true
content-length: 0
vary: Origin

OPTIONS
H2 200 event
event.insticator.com/v1/ Frame 0
0 115ms
102ms Preflight 52.202.233.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://event.insticator.com/v1/event?event_name=event_pageview
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.233.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-233-191.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type
Origin: https://www.westernjournal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-headers: access-control-allow-origin,content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E236
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

70ms
70ms

Image
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Tue, 07 Dec 2021 15:42:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 12ms
12ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
last-modified: Mon, 06 Dec 2021 15:29:40 GMT
etag: "1638804580"
x-hw: 1638891741.cds155.fr8.hn,1638891741.cds130.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=28737
accept-ranges: bytes
content-length: 4298

GET
H3 200 741842941772786459
tpc.googlesyndication.com/daca_images/simgad/ Frame E236 80 KB
80 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/741842941772786459

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdb56cd205a7785685c3b899966ad998ebe86c3946e0ee44e5245011289b2192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 10:40:18 GMT
x-content-type-options: nosniff
age: 536523
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 81722
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 02:35:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 01 Dec 2022 10:40:18 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E236 2 KB
2 KB 12ms
12ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 06 Dec 2021 20:15:16 GMT
x-content-type-options: nosniff
server: cafe
age: 70025
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 07 Dec 2021 20:15:16 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E236 295 B
319 B 12ms
12ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 05:43:34 GMT
x-content-type-options: nosniff
server: cafe
age: 35927
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Wed, 08 Dec 2021 05:43:34 GMT

GET
H2 200 https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/ 10 KB
10 KB 17ms
16ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https%3A%2F%2Fstatic.earnify.com%2Fm%2F0968c02b-68ba-408d-b1d5-77bf51da3157%2F43aa8f8e-74a4-42b2-8f43-63226346da94%2F640x480.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

8c8baffcbc46c84d4e2207819e099ee5883706283f9c3f64cc5302929d77bfd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
x-content-type-options: nosniff
last-modified: Fri, 03 Dec 2021 08:29:21 GMT
server: Cloudinary
etag: "e8f0421a490582a00d4f9e4ddc5cd3c9"
strict-transport-security: max-age=604800
x-hw: 1638891741.cds135.fr8.hn,1638891741.cds148.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=128;cpu=1;start=2021-12-03T08:29:45.059Z;desc=miss,rtt;dur=0,cloudinary;dur=30;start=2021-12-03T08:29:45.105Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 9850

GET
H2 200 ff27af5a5930935680a4c10289ad39e5.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 12 KB
12 KB 14ms
13ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_315,w_420,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ff27af5a5930935680a4c10289ad39e5.jpeg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

640cfa03a0edf6a9ccc1794366dc2a16dcdb308bd4b2dcbb60ff5e60e795d7ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=690;cpu=0;start=2021-11-11T17:39:07.045Z;desc=miss,rtt;dur=0,cloudinary;dur=598;start=2021-11-11T17:39:07.090Z,cld-id;desc=cb4e233b9e0b5e358cdb57d5d2e27a0d
content-length: 12067
x-request-id: cb4e233b9e0b5e358cdb57d5d2e27a0d
last-modified: Wed, 27 Oct 2021 22:30:27 GMT
server: Cloudinary
etag: "313c72d28a2cf468da14109e09e946f1"
strict-transport-security: max-age=604800
x-hw: 1638891741.cds135.fr8.hn,1638891741.cds240.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 61604981cbb342-22576005.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 4 KB
5 KB 14ms
14ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/61604981cbb342-22576005.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

76ab297a1fc6a9073d19013d0b1c26b5798430fb1af2f0e13404e559b8355798

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:08 GMT
server: Cloudinary
etag: "87223c44062bd741c80a68f182d245ac"
strict-transport-security: max-age=604800
x-hw: 1638891741.cds135.fr8.hn,1638891741.cds124.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=115;cpu=0;start=2021-11-11T17:39:07.840Z;desc=miss,rtt;dur=0,cloudinary;dur=26;start=2021-11-11T17:39:07.884Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 4579

GET
H2 200 786efd98e782caeef7e0267153a41307.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
10 KB 15ms
15ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/786efd98e782caeef7e0267153a41307.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

aaba3136d2672accfc40ee820a19c23749273ab60886eb733f918ef2935a461d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
x-content-type-options: nosniff
server-timing: fastly;dur=1;start=2021-11-11T17:43:07.120Z;desc=hit,rtt;dur=0
content-length: 9613
x-request-id: 80ecc5e1f25a2d6163e7fe8f9e645f34
last-modified: Wed, 30 Dec 2020 15:10:40 GMT
server: Cloudinary
etag: "35bb1cf657c33f7dba4c79c6df95f3a7"
strict-transport-security: max-age=604800
x-hw: 1638891741.cds135.fr8.hn,1638891741.cds156.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 a10ce685ad71cde61e7992907f95e4ae.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 9 KB
9 KB 14ms
14ms Image
image/jpeg 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/a10ce685ad71cde61e7992907f95e4ae.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f1021bdb5ffeb515a31254dbaa37a53a9eb7da7500db00f6e54c9bf7a8ad7325

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 17:39:17 GMT
server: Cloudinary
etag: "b8549c22317fb918d42e730f637256d1"
strict-transport-security: max-age=604800
x-hw: 1638891741.cds135.fr8.hn,1638891741.cds168.fr8.c
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=604800
server-timing: fastly;dur=114;cpu=0;start=2021-11-11T17:39:36.438Z;desc=miss,rtt;dur=0,cloudinary;dur=20;start=2021-11-11T17:39:36.474Z
accept-ranges: bytes
timing-allow-origin: *
content-length: 8871

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 3E37 0
18 B 16ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.westernjournal.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Tue, 07 Dec 2021 15:42:21 GMT

GET
H/1.1 200
OK getContentIdByUrl Show response
soapps.net/live/comments/api/comments/ 79 B
462 B 343ms
105ms Fetch
application/json 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/comments/api/comments/getContentIdByUrl?integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&extPageId=2834038&imageUrl=https://www.westernjournal.com/wp-content/uploads/2021/12/Untitled-design-2021-12-07T093535.447.jpg

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

cbad153d8efbdf5dc8f077403de84e0cfa991709716eb4ed70404d68bef404d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:21 GMT
Vary: Origin
Server: nginx/1.17.10
RequestId: efc31690-e976-44fb-aae3-6e92982d6c28
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/json
Access-Control-Allow-Origin: https://www.westernjournal.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 79

GET
H2 200 v2bghTD7rUqja4RcrFcRwHZFsl0UmuFjrMIIMQ3aLQPy2D895jjE97AQ Show response
breadbalance.com/ 103 KB
30 KB 368ms
333ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://breadbalance.com/v2bghTD7rUqja4RcrFcRwHZFsl0UmuFjrMIIMQ3aLQPy2D895jjE97AQ

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

c44a339ae013a985712663b9de8319291d02c030531c08395982fdf15190ec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "cb13b6dc7b21d8d7910209a1517d717eb0b658c1cbbe10d4f22a7d9a1dc17a00"
vary: Accept-Encoding, Accept-Language
x-hostname: 37b68176
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 07 Dec 2021 15:42:21 GMT
timing-allow-origin: *

GET
H2 200 v2svcgWLBZ2ruI6dzDUzhrYwbYtJiXHMggLSV3Aqxa-FIj0aMUvXE4hk Show response
breadbalance.com/ 103 KB
30 KB 230ms
207ms Script
text/javascript 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://breadbalance.com/v2svcgWLBZ2ruI6dzDUzhrYwbYtJiXHMggLSV3Aqxa-FIj0aMUvXE4hk

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

43a060f1c0949125cf64646f359ba7f4a09a53285b037d72b35606a47537a29b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "549f90059130219488b2632c76ea9b05328c74dab7171066fe235eabc1cea868"
vary: Accept-Encoding, Accept-Language
x-hostname: 37b68176
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Tue, 07 Dec 2021 15:42:21 GMT
timing-allow-origin: *

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 32ms
32ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:21 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 86ms
86ms Fetch 34.247.9.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/event/generic

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.9.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-9-63.eu-west-1.compute.amazonaws.com

Software

Grizzly/2.4.4 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.westernjournal.com
date: Tue, 07 Dec 2021 15:42:21 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type
strict-transport-security: max-age=931536000; includeSubDomains

GET
H/1.1 200
OK page Show response
soapps.net/live/comments/api/ Frame C76B 8 KB
3 KB 110ms
110ms Document
text/html 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=2834038&contentId=b56a8996-6bd8-48d2-88b2-7a6c838099fa&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=3a2e10eb-3053-4229-b20a-6ad0686cf9ea

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

445c395809e2e00980ad2333e58366040c979c6290e1f6285e87dbb23752d4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

Server: nginx/1.17.10
Date: Tue, 07 Dec 2021 15:42:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Origin
RequestId: 151c7e28-89f5-49ec-9c01-5f7385d48014
Access-Control-Allow-Credentials: true
ETag: W/"1eff-WLWDupGQSqWideOyfoHy2I3LTAQ"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip

GET
H2 200 css2
fonts.googleapis.com/ Frame C76B 3 KB
989 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;700&display=block

Requested by

Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=2834038&contentId=b56a8996-6bd8-48d2-88b2-7a6c838099fa&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=3a2e10eb-3053-4229-b20a-6ad0686cf9ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

029ffff4f5d1efaeb0010bccf45aca803442a1eb2cb848abca13383cb068557d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:42:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 15:42:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 15:42:21 GMT

GET
H2 200 insticator_products_commenting.png
static.instiengage.com/files/images/commenting/ Frame C76B 44 KB
44 KB 112ms
14ms Image
image/png 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/files/images/commenting/insticator_products_commenting.png
Requested by: Host: soapps.net
URL: https://soapps.net/live/comments/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&extPageId=2834038&contentId=b56a8996-6bd8-48d2-88b2-7a6c838099fa&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=3a2e10eb-3053-4229-b20a-6ad0686cf9ea
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3b87bc3352de2fc3b4cc0cb79b83c3d018aec1d15946b86439a8300f28dae1aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wUnwiK7nU9qGpk74Fpq7nTs479GsOAS_
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 15:05:21 GMT
server: AmazonS3
age: 357
etag: "9ae4751c76ebb9c22f1ef0451706fbe2"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 07 Dec 2021 15:40:36 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 44794
x-amz-cf-id: ZfnudsbtpO0_nNDmW58p4MSQRxbsR9i703GAIqGBxSMaIZpQ3r23DA==

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame C76B 47 KB
48 KB 39ms
16ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;700&display=block

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://soapps.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:36:22 GMT
x-content-type-options: nosniff
age: 554759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 05:36:22 GMT

GET
H/1.1 200
OK page Show response
soapps.net/live/community/api/ Frame ECA5 46 KB
10 KB 135ms
134ms Document
text/html 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

a95dc6751dcc844dab1e0387b3d147961ef5c746e9e1a1d6f5bcfaf740547cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

Server: nginx/1.17.10
Date: Tue, 07 Dec 2021 15:42:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Origin
RequestId: 4779915e-50cc-4ebd-9bd8-d58a56c138da
Access-Control-Allow-Credentials: true
ETag: W/"b979-E78XpLsuzD0hhnFqGw61nuI4qfU"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip

GET
H3 200 css2
fonts.googleapis.com/ Frame ECA5 4 KB
510 B 39ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block

Requested by

Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://soapps.net/
Origin: https://soapps.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:18:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 15:42:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 15:42:22 GMT

GET
H/1.1 200
OK vendor.dll.js Show response
soapps.net/live/vendor/ Frame ECA5 636 KB
210 KB 103ms
103ms Script
application/javascript 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/vendor/vendor.dll.js?v=^3.0.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

ba285a6c4b8006b2d95e1ebd8e05f1b53030179ef2ec02fdf349a4caff7d8938

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 17 Nov 2021 08:29:51 GMT
Server: nginx/1.17.10
ETag: W/"6194bd7f-9ee9c"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/javascript
Cache-Control: public, max-age=300
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK app.js Show response
soapps.net/live/community/static/ Frame ECA5 1 MB
358 KB 101ms
101ms Script
application/javascript 3.82.254.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://soapps.net/live/community/static/app.js?v=0.0.42

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.82.254.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-82-254-41.compute-1.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

febbe769b4b00ffa54b0380c98438b3344bedb083848009a1b6f87873a3d7066

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, Origin
Last-Modified: Mon, 22 Nov 2021 12:53:58 GMT
Server: nginx/1.17.10
ETag: W/"14f5c9-17d47b5d270"
RequestId: ab150a6d-177d-46e2-8eda-3f76802a506d
Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=300
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked

GET
H3 200 css2
fonts.googleapis.com/ Frame ECA5 4 KB
510 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 15:35:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 15:42:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 15:42:22 GMT

POST
H/1.1 200 938.json Show response
id5-sync.com/g/v2/ 213 B
540 B 16ms
16ms XHR
application/json 51.195.5.40
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/938.json

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.40 , France, ASN16276 (OVH, FR),

Reverse DNS

p17.id5-sync.com

Software

Resource Hash

b19532ad13b810fec9c9bcb25f4f1789db850ca1da95f851e8e5c50ea5ed313c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.westernjournal.com
Date: Tue, 07 Dec 2021 15:42:08 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
343 B 113ms
45ms XHR
application/json 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 4479fe9eb2cf0479456568bead92142d717b2ddb72b541b8b0ddd93ecf8d7409

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache
x-server: 10.45.27.169
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
548 B 109ms
33ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 09a6f437d48bacd234ab91b951258e5ded6eca367b12983e163d0ebce46ef2d0

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 15:42:22 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 06 Jan 2022 15:42:22 GMT

GET
H2 200 04%20-%20news.svg
static.instiengage.com/avatars/ Frame ECA5 1 KB
1 KB 9ms
8ms Image
image/svg+xml 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/avatars/04%20-%20news.svg
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6386ea013071217755d9a338da272ee8412ee5f89bc901fbb84d5ce774250b67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: VzzIjvidZOWN.mD_r3KFbnRbGyjvaz8Y
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 12:34:22 GMT
server: AmazonS3
age: 94
etag: W/"57e1e230d710fe5acaf84678a0505d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
date: Tue, 07 Dec 2021 15:41:37 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 0DbtGCKiaxN4lCrVSV6KUw_pmbbAyY-yHiXw7LmiOCsjHeHTwAfP_Q==

GET
H2 200 64463bb0-5503-11ec-98f1-e74be1de05fc.png
static.instiengage.com/auth-service/profile/aa3ceffa-c24d-47f3-b7e4-d7dea44966fb/ Frame ECA5 15 KB
15 KB 13ms
13ms Image
image/png 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/auth-service/profile/aa3ceffa-c24d-47f3-b7e4-d7dea44966fb/64463bb0-5503-11ec-98f1-e74be1de05fc.png
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99b789102b36d6e8cc86cd4a7fc5464bf80b7912ca39ab9a6faee9d2fdd8e2ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 87LMpLcdY09t1mazL0DMJlEtMCvQgPg7
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Sat, 04 Dec 2021 13:09:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "56a73d8ac8f2661973ddfb1a7a3e6273"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 07 Dec 2021 15:42:22 GMT
accept-ranges: bytes
content-length: 15011
x-amz-cf-id: odnfzOEat_3qe2SuS77EKTCzrG7gaL2WsnBaaCNqscVILWIPBj_drQ==

GET
H2 200 01%20-%20news.svg
static.instiengage.com/avatars/ Frame ECA5 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/avatars/01%20-%20news.svg
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bfdf79d9dcc07585ff31f266d0725a9108122726ce789c7997d2d301a3257df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: MVdTEQpApypKPcw48ItuUvC4XxW8_yW5
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 12:35:23 GMT
server: AmazonS3
age: 240
etag: W/"020a0ac79615d42effed9641351fe30e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
date: Tue, 07 Dec 2021 15:40:23 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: KP6N0TrjXQRTmgHE3IPXKqUaM2Tf0zs66BTtjEM-csSuYyNf_uqtQw==

GET
H2 200 02%20-%20news.svg
static.instiengage.com/avatars/ Frame ECA5 1 KB
1019 B 10ms
10ms Image
image/svg+xml 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/avatars/02%20-%20news.svg
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47e41babdfcfb9ab440deece5c9fcf6ef72b37b0ab14322599b0f39bbd2aa6eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: X7j9u5lIPGWk8ov2muXKs7pWIZyR5xFR
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 12:35:02 GMT
server: AmazonS3
age: 206
etag: W/"21acbf6c70600be2c1cf37375a5af345"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
date: Tue, 07 Dec 2021 15:40:23 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 3EYfHHPO6Lb10SLfRbZWZlOjLrN6s2bAtYm-5MWXONZKfkikbk1ZGQ==

GET
H2 200 09%20-%20news.svg
static.instiengage.com/avatars/ Frame ECA5 2 KB
1 KB 10ms
10ms Image
image/svg+xml 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/avatars/09%20-%20news.svg
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 846339e8fd4f5615b523b1b65423fa2cee96e43d63398c9e2470b4160129723e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: XqkVc.q_y8tl355Mu_y_4xmZ3Y_1.6Ci
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 12:32:27 GMT
server: AmazonS3
age: 407
etag: W/"fa6a0f9148778f98b51cac15665b04d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
date: Tue, 07 Dec 2021 15:39:15 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: HT5YjYM0frKOqSaUwTdBFsXa7xInWOuHtGaNTKBa8aAi6d8nl8CkmA==

GET
H2 200 03%20-%20news.svg
static.instiengage.com/avatars/ Frame ECA5 924 B
1 KB 11ms
10ms Image
image/svg+xml 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/avatars/03%20-%20news.svg
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21f6baf6f437f5ae0d94897041095becbd1c836b75f5111bd2c2c620f8a4d6b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: NNTj86SoTtyqYsdKW5yDcXOqVWsJQQHe
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 12:34:44 GMT
server: AmazonS3
age: 165
etag: "29cec791822c1b59d513bc9a5a0c0e85"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Tue, 07 Dec 2021 15:41:31 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 924
x-amz-cf-id: gtWaHpqvwk1QyWV_iTc6HgP180K3b-5Wdp5db0ngsDalYtANwJc82g==

GET
H2 200 14%20-%20news.svg
static.instiengage.com/avatars/ Frame ECA5 716 B
1 KB 10ms
10ms Image
image/svg+xml 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/avatars/14%20-%20news.svg
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8745f08ab7e1f2986c6a6c6fe710f5f3289f05d8ea6f5a935630de85fae14db4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: hHllXUgHQFEEC04xX.MbumV.T7pJf7Qp
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Mon, 22 Nov 2021 12:30:38 GMT
server: AmazonS3
age: 361
etag: "5edc02e2c06cfa93cfe37934c5e0b467"
x-cache: Hit from cloudfront
content-type: image/svg+xml
date: Tue, 07 Dec 2021 15:38:00 GMT
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 716
x-amz-cf-id: usPd4kVmCQxG3bqimkMDdAl2BsN6OtdNpKIcF5pW3TDDtj2M0r8suw==

GET
H2 200 06%20-%20news.svg
static.instiengage.com/avatars/ Frame ECA5 2 KB
1 KB 11ms
11ms Image
image/svg+xml 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/avatars/06%20-%20news.svg
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2caed79550c84018f7884125fd3e77e1ee5d2391383365be65f3bd7e2b0f4763

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Y61nnOy4wQ1ZIPnR_jqAx_AHrnyXokLM
content-encoding: br
last-modified: Mon, 22 Nov 2021 12:33:40 GMT
server: AmazonS3
age: 162
etag: W/"fb23e15d0c6048019f19d51942214c13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
date: Tue, 07 Dec 2021 15:42:19 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: m2r8h1QR7kqF-dzO71v6ga8m6aE86zLqtAXuYXE7hu_PPfUVVqxRug==

GET
H3 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ Frame ECA5 47 KB
47 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://soapps.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 01 Dec 2021 05:36:22 GMT
x-content-type-options: nosniff
age: 554760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 01 Dec 2022 05:36:22 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 53DD 42 B
497 B 70ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5W8tq--tC3fGYfRCdeIORFJk-e8JTaA1lhfpArNvLv014vPAZpoZMcbvVdsIxqOTDc7dzjwBFeQwYzfZ9W-u5of3OlYx7C-oVd58iSAlqbYXdBErkLA&sai=AMfl-YRdrnkxZIqKeUkBR9Xg2SM5WvGa-hFF2WHHsQcn_xz3R1Z9Yd0vOff6g4sWKLFNC2nCbKf3uIZKxIpv9zNYyjD9cjcnnt9ByjnmBcOcufTn-iOr3SVGg8MfdJCgaGA&sig=Cg0ArKJSzObTiGnC-nHNEAE&id=ampim&o=315,310&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=185&tls=1185&g=100&h=100&tt=1185&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=3610299459

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e5e85032a3c51694d231f5f11240ed1f
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/bbc4acd4-7a5d-4a12-b5fa-1e62785c6146/ Frame ECA5 85 KB
85 KB 14ms
13ms Image
binary/octet-stream 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/bbc4acd4-7a5d-4a12-b5fa-1e62785c6146/e5e85032a3c51694d231f5f11240ed1f
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13f7a0a2e608a1bba799dac829a71aa2be5a7a49ee45b7d3f5e9c8ca65ea99d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gBSQgoOXbwytu5.67m524N5VvdhVmenL
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 09:28:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "ee71a6b8f169cef0569ab6aba65cce57"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
date: Tue, 07 Dec 2021 15:42:22 GMT
accept-ranges: bytes
content-length: 86556
x-amz-cf-id: pQ5-3irKbvAHc8T52uf00bmQsJ61BN6VCcwQE3OtBWz_hMdjhFMH0Q==

GET
H2 200 1fd6e67099d39ed7baf820a728e3b7d6
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/013eee14-29cb-4fea-ad2f-d1b858d69182/ Frame ECA5 49 KB
49 KB 55ms
54ms Image
binary/octet-stream 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/013eee14-29cb-4fea-ad2f-d1b858d69182/1fd6e67099d39ed7baf820a728e3b7d6
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b00d20815da2ed22c6e3a4b6e620c61dd7d021ea1e4b7ab4f1c8aa1eb0b45894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: CzZbggNkPV.UrhW7d4_EZUUUJILABObR
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 09:45:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "c694a13e1a84485706381741410277df"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
date: Tue, 07 Dec 2021 15:42:22 GMT
accept-ranges: bytes
content-length: 50194
x-amz-cf-id: _Gqo-nrjVbTnJaV9oWA3X-X-LTPrQnclkiWsxvldXQ_bkpkyYBJsGA==

GET
H2 200 f9eda8c3e2a4b5ed4987cd45b06d2ab5
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/7eea769c-48de-4ac1-9015-7f0ca0600073/ Frame ECA5 91 KB
91 KB 14ms
13ms Image
binary/octet-stream 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/7eea769c-48de-4ac1-9015-7f0ca0600073/f9eda8c3e2a4b5ed4987cd45b06d2ab5
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ceb50d8f86029f76e351eeee3967a64af4431a1138bccab062abe9e143c6829

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: lmw7V.dhnIjdDUizKY.mZnsGlp1KmWol
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 09:27:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "ecabd05afbc20cc6a5ad0b1a68204256"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
date: Tue, 07 Dec 2021 15:42:22 GMT
accept-ranges: bytes
content-length: 93080
x-amz-cf-id: 4Xi_YL7jjZ3BypqeDgR0DVkGh73MkSfh5hgsiLFgw_wVOwSIUz0O8w==

GET
H2 200 7cfabb9572c564c52e64e15f9ece3739
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/ab66158f-df0a-4a8d-a85d-3cb6d933f539/ Frame ECA5 75 KB
76 KB 56ms
55ms Image
binary/octet-stream 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/ab66158f-df0a-4a8d-a85d-3cb6d933f539/7cfabb9572c564c52e64e15f9ece3739
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea0524eba5a389e45372aa903af8dc34d7a8f45081c422ca539b87f9e0c2d414

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: wS6I2oB20FjY.o5KqccZNqXKZe87yDsU
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 09:30:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "7750fb348ba3526f74831a72d456b087"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
date: Tue, 07 Dec 2021 15:42:22 GMT
accept-ranges: bytes
content-length: 77113
x-amz-cf-id: K__XBLecKP9n6tNwb0NFio5IcPDcgqT_1vomkWN34Y-Y1yxGbPRpRg==

GET
H2 200 4012653fe4ee98d9627a3293ffb97070
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/d048475c-9c2d-4d53-b9e7-5c04324185fb/ Frame ECA5 48 KB
48 KB 14ms
13ms Image
binary/octet-stream 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/d048475c-9c2d-4d53-b9e7-5c04324185fb/4012653fe4ee98d9627a3293ffb97070
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 589a896c79d3ebe50e1c1ec457f5347b995c7da6403027a2bdf101a7b3f1d6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: k5xJMYHkicdJMMypseTPlQ3LCXMmgWOY
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 09:48:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "6f35bc9e0116f4b9b8b2d0da66c9537d"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
date: Tue, 07 Dec 2021 15:42:22 GMT
accept-ranges: bytes
content-length: 49157
x-amz-cf-id: z3uvbJ6jra5mn845Puo9qY3ntKp6TBxu0wDbqoZZnIqZ-caKZ9WONw==

GET
H2 200 a178c62bc79d8cd98d214efa474052c8
static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/25133301-4fc3-4b9f-ba03-54a6232bca92/ Frame ECA5 103 KB
104 KB 46ms
46ms Image
binary/octet-stream 2600:9000:225e:be00:17:5bae:c7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.instiengage.com/comments-service/theadImages/9af198ff-22cf-4d4b-80d5-b58d0f23e539/25133301-4fc3-4b9f-ba03-54a6232bca92/a178c62bc79d8cd98d214efa474052c8
Requested by: Host: soapps.net
URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:be00:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d3f3ec79819a57bd2a4f95fda2cd0dde2cd505eb76885af0ddfd8b9a521eef0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://soapps.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: ZlFfa.y69e._Ct_vESdpB04QLmVwGMbl
via: 1.1 12e62b05f63a1a2118cca20014b15013.cloudfront.net (CloudFront)
last-modified: Wed, 17 Nov 2021 09:23:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
etag: "53bb9512e8019678906145980300f2a8"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
date: Tue, 07 Dec 2021 15:42:22 GMT
accept-ranges: bytes
content-length: 105869
x-amz-cf-id: ybAsyXXL9f5o4jbn47p0ungrR_BMYNxTCVy0R_AWnVTU2mYBcWmxBg==

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
341 B 37ms
37ms XHR
application/json 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8f88a6c20b3afdf7c1f2e3451b00d506fa1f5a4811e72b065ac0698aef437c08

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache
x-server: 10.45.26.62
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
546 B 33ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 0766f30ae59f6c8aefbe07d4cad1ae7f65c2cbc0ae00cdc0cfc4cca71bdb5814

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 15:42:22 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Thu, 06 Jan 2022 15:42:22 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
333 B 45ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 07 Dec 2021 15:42:22 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 36ms
14ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: 0TM5PC7FSF00SYG0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: z1U4CFjweYlb7Zya5oHzZMGY3E8DebmJqf9nnIggGk20PzHVfM8IK0N8VEjPd6CQsXF8vEVtHl8=
x-served-by: cache-hhn4053-HHN
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1638891743.713847,VS0,VE0
date: Tue, 07 Dec 2021 15:42:22 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 28287

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame 42E9 28 KB
10 KB 202ms
201ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CUYW0S8R&cs=1&cv=37&hb=1&prvid=3020%2C251%2C3011%2C80%2C178%2C2025%2C182%2C203%2C2009%2C3018%2C214%2C237%2C222%2C301%2C225%2C2033%2C2027%2C175%2C2028%2C117%2C3007%2C201%2C2011%2C2030%2C255%2C261%2C2034%2C3022%2C3017%2C3010%2C246%2C108%2C273%2C3014%2C97%2C38%2C3012%2C141&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

39b1a352be61ff641814e342fc83cd242d8477a0879d2cbf0242d055506dcb5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Thu, 09 Dec 2021 15:42:22 GMT
date: Tue, 07 Dec 2021 15:42:22 GMT
content-length: 9814

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 37ms
22ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021120201&st=env

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd2332f8092d9474578623021bdcdd9780abb0725ea6cadb084a0ebb8d6394a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Dec 2021 15:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8592
x-xss-protection: 0

POST
H2 200 v2mbvsbLuykhED0JLS6OSQy6SVX0_zvMbxUsvb-T_Qc36xyJOwME-7S-6ks0_ho5cFZ1ADFch Show response
breadbalance.com/ 216 B
252 B 50ms
17ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://breadbalance.com/v2mbvsbLuykhED0JLS6OSQy6SVX0_zvMbxUsvb-T_Qc36xyJOwME-7S-6ks0_ho5cFZ1ADFch

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

6e5c2773fa76a992d133b774d0357efe47d46d93000491f0f83c404789a1de22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 15:42:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 37b68176
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Tue, 07 Dec 2021 15:42:21 GMT

POST
H2 200 v2wru-z0wb5AkPhL-yynBgk2tyoCyw4BbHhAuRTklDjvc9U1fzNUa_QRbFxOPFRoQdHWfuqfP Show response
breadbalance.com/ 215 B
617 B 31ms
17ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://breadbalance.com/v2wru-z0wb5AkPhL-yynBgk2tyoCyw4BbHhAuRTklDjvc9U1fzNUa_QRbFxOPFRoQdHWfuqfP

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

aea6815fee35f265dcdb3e8dd0ca55759e59bd48688e9a35583f4cfde5aa581a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 15:42:22 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 37b68176
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 215
expires: Tue, 07 Dec 2021 15:42:21 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Tue, 07 Dec 2021 15:42:22 GMT

GET
H/1.1 200
OK 122dc12de0 Show response
bam-cell.nr-data.net/1/ 49 B
725 B 574ms
514ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/122dc12de0?a=17724322,86577151&v=1212.e95d35c&to=YQFSN0RZDxZUUEBaClhLZRFfFwgLUVZMHRVeFA%3D%3D&rst=4674&ck=1&ref=https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/&ap=984&be=1598&fe=4587&dc=2006&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1638891738098,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:11,%22c%22:11,%22s%22:17,%22ce%22:63,%22rq%22:63,%22rp%22:1577,%22rpe%22:1686,%22dl%22:1580,%22di%22:1873,%22ds%22:2005,%22de%22:2006,%22dc%22:4586,%22l%22:4587,%22le%22:4663%7D,%22navigation%22:%7B%7D%7D&fp=1830&fcp=1830&at=TUZRQQxDHBg%3D&jsonp=NREUM.setToken
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 07 Dec 2021 15:42:23 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6b9edd10cac2bfbb-MAN

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 228B 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 07 Dec 2021 14:28:24 GMT
expires: Wed, 07 Dec 2022 14:28:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2BB2 783 B
535 B 16ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

05b0e6248788f7d11a80f73fcb5a9c262cb84ee49116db37cb72e155ca138d05

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UAj1+rxtjBGyLsIUaJ4k3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 07 Dec 2021 15:42:22 GMT
date: Tue, 07 Dec 2021 15:42:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UAj1+rxtjBGyLsIUaJ4k3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 228B 35 KB
13 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lpsW2_ffPYTZ8rZJjb0UUxqN4MuIngUyqdH9Px88Rrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 02:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 02:46:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2BB2 0
0 68ms
56ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2021120201&jk=747278088615860&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 log
c21lg-d.media.net/ Frame 42E9 35 B
194 B 186ms
163ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2818933429538391000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-bs&pvgid[]=data-c&pvgid[]=data-ct
Requested by: Host: hbx.media.net
URL: https://hbx.media.net/checksync.php?cid=8CUYW0S8R&cs=1&cv=37&hb=1&prvid=3020%2C251%2C3011%2C80%2C178%2C2025%2C182%2C203%2C2009%2C3018%2C214%2C237%2C222%2C301%2C225%2C2033%2C2027%2C175%2C2028%2C117%2C3007%2C201%2C2011%2C2030%2C255%2C261%2C2034%2C3022%2C3017%2C3010%2C246%2C108%2C273%2C3014%2C97%2C38%2C3012%2C141&vsSync=1&refUrl=&gdpr=1&gdprconsent=2&gdprstring=&usp_status=0&usp_consent=1&coppa=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hbx.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Tue, 07 Dec 2021 15:42:23 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2021120201&jk=747278088615860&bg=!iIuli8_NAAaQHwIOkB87ACkAdvg8WlwS53XNs9oLG38TTMWSNaFNhYUyxtF-wREmAyt9XC72D0p6bgIAAABjUgAAAAxoAQeZArne3cv-1iqkl7Uj2tjQsYusla8UDoaulkJvfbRY1C_s6rG4jhtbw436N6BkLraIu3XeSI-c4Vvsy0Tj74bKpU49qejD0yGTLXKm2OZ8MPrnQQCQt0w_K7p2WUW-2BMie_EvKNPcCCFrXlX8H0e1gu2PjlJQI8ZvmJmPUWTAlCRhKM9VYEn8nv7OWkadyojzciXjje-N_2cBD6kILQ4tbHSEwcdVMqtS3x3u48ech5P8SasH8y0Nck1HGTvoeIGlYJwnv8iSo8pb5YcvpDKoK8e9hZvDO5vz5qo6cr3Cbull8QaZ4rgty1GIliPJeJePai1k71YOs_E1CK9J9o01WqKXFGWrmaLjMHmBXScX1JBUM1hHvS2KJbEtCi7QDEx_1OO6Jt3NmWN2GdJPIyud-AqpavTHvkQYr4teR21PuvSNVBJnf0ppoXDWAWdqN9KQyVfKoCJgQhLRPLkNx9OgCw0KfHLeWwdM9znzmW9s1d3Aoqx3-tk2ac4UH_3-QrJzf4Hq3H01lVi6M1lu4_lS4j9_jAphR8qa6duCzp-5qvTCW8-NeNFPfDvPQmXuPSTB7rNygCfh6ynIVkQ1tvzhknE3JfsfQJLklM1WfghTA7ZBiR_yMaVDQtLc0dUWeuFQCQEktC8pWYY1-FY0C3Wj8iSSaknc8690WH3r8G-NNjthaEBAcjYS2cX7ps73kNcAulPntpTUYmXbyfmEz4zkWQE2w_A0p4jYagDgAbNJRgvtrn74JsEvlClUozo10vEGBWUo4Q6ceUuccXi_Ug5yaRxpyrNxO4a4CXjsHLdq1vS5zNzCPeeBm75ywp3jeHe-_f9OyrzzhnGyQpOIK5RIIXvQxcDJ5J19O2oFw1kyC_DTrX08v58EZ0UYd1CK2Mz872Gcp3i0Y86D1LRdzzoMrzLlXQvA871K0OaR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 191F 38 KB
14 KB 21ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.westernjournal.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=116451
expires: Thu, 09 Dec 2021 00:03:14 GMT
date: Tue, 07 Dec 2021 15:42:23 GMT
vary: Accept-Encoding

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 191F 2 KB
3 KB 59ms
19ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71226890&p=158410&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 3c8ecc5cd61124660a2cee52e553f0066607cc8aeb39b15947e794467e2f48f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 bq-streamer Show response
liftable-bq-streamer.appspot.com/ 0
272 B 205ms
167ms XHR
text/html 2a00:1450:4001:808::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://liftable-bq-streamer.appspot.com/bq-streamer
Requested by: Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
server: Google Frontend
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: a44b61bb7e70f1d931c550cf76be1ef5
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 610F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=65675554-F1CC-4DBB-BFBA-4D9495955AF6
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65675554-F1CC-4DBB-BFBA-4D9495955AF6

35 B
476 B

27ms
27ms

Document
image/gif

37.157.2.238
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65675554-F1CC-4DBB-BFBA-4D9495955AF6

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 15:42:23 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 07 Dec 2021 15:42:23 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=65675554-F1CC-4DBB-BFBA-4D9495955AF6
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C23F
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5725784548338525498

42 B
310 B

19ms
19ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5725784548338525498
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 07 Dec 2021 15:42:23 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug017:0:600
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5725784548338525498
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame CBB6 43 B
334 B 53ms
16ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 07 Dec 2021 15:42:22 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Tue, 07 Dec 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 537630

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 191F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZWdVVPHMTbu_uk2UlZVa9g%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

20ms
19ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=52320
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 08 Dec 2021 06:14:23 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51ba61af-80de-4600-baa5-cb12bb2c8ab9

0
260 B

73ms
14ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51ba61af-80de-4600-baa5-cb12bb2c8ab9
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 07 Dec 2021 15:42:23 GMT
Server: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=51ba61af-80de-4600-baa5-cb12bb2c8ab9
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 15:42:22 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 191F
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=65675554-F1CC-4DBB-BFBA-4D9495955AF6
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=29c033e6dcec71bfcffa7939c1d2b0a1
https://spl.zeotap.com/?zdid=1332&zcluid=1f94a85b42b0dd12
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a0a2af38-bf2c-43f4-61f0-4e5f481cc78e&reqId=b547de55-8c39-4b4e-5412-8d582ffe30ce&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEMCP23kuTuKnstRm_tBfwlA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a0a2af38-bf2c-43f4-61f0-4e5f481cc78e&reqId=b547de55-8c39-4b4e-5412-8d5...

95 B
187 B

1099ms
1088ms

Image
image/png

2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEMCP23kuTuKnstRm_tBfwlA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a0a2af38-bf2c-43f4-61f0-4e5f481cc78e&reqId=b547de55-8c39-4b4e-5412-8d582ffe30ce&zcluid=1f94a85b42b0dd12&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6b9edd16cfa71f55-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEMCP23kuTuKnstRm_tBfwlA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=a0a2af38-bf2c-43f4-61f0-4e5f481cc78e&reqId=b547de55-8c39-4b4e-5412-8d582ffe30ce&zcluid=1f94a85b42b0dd12&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjU2NzU1NTQtRjFDQy00REJCLUJGQkEtNEQ5NDk1OTU1QUY2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
210 B

21ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug002:0:428
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnitX5EnKK4S56yFl5hVVk&google_cver=1

42 B
382 B

21ms
20ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnitX5EnKK4S56yFl5hVVk&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:600
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEDnitX5EnKK4S56yFl5hVVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 191F 43 B
614 B 88ms
37ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 06 Dec 2021 15:42:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1c7a61af-80de-4b00-8988-b110c601e04c&gdpr=0&gdpr_consent=

42 B
647 B

62ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1c7a61af-80de-4b00-8988-b110c601e04c&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug012:0:425
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 07 Dec 2021 15:42:23 GMT
Server: MT3 4133 baa842e master zrh-pixel-x10 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:1c7a61af-80de-4b00-8988-b110c601e04c&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 07 Dec 2021 15:42:22 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e206d271-5a82-4760-9a63-9ef27485071a

42 B
293 B

81ms
21ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e206d271-5a82-4760-9a63-9ef27485071a
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug001:0:2263
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e206d271-5a82-4760-9a63-9ef27485071a
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=355728561869301299

42 B
232 B

19ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=355728561869301299
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:417
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=355728561869301299
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8524837318172741685&gdpr=0&gdpr_consent=

42 B
310 B

73ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8524837318172741685&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug024:0:504
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 07 Dec 2021 15:42:23 GMT
X-Proxy-Origin: 185.232.23.183; 185.232.23.183; 867.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 46990085-bf42-4a13-a626-8b31dacd9a25
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8524837318172741685&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 191F
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=o5FTM62QVja4wVRg8JkfZqDBUWO4lwM28cGqcHUu

42 B
623 B

76ms
30ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=o5FTM62QVja4wVRg8JkfZqDBUWO4lwM28cGqcHUu
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:23 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:428
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 07 Dec 2021 15:42:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=o5FTM62QVja4wVRg8JkfZqDBUWO4lwM28cGqcHUu
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 v2rsmtPIA4ZtLuhT0e-LMrlIuCk0FrSKmcfLOM9_ozT9CTxPUsSulFpSQhLo2Y9zpcksoQjhRwg
breadbalance.com/ 2 B
327 B 16ms
15ms Ping
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://breadbalance.com/v2rsmtPIA4ZtLuhT0e-LMrlIuCk0FrSKmcfLOM9_ozT9CTxPUsSulFpSQhLo2Y9zpcksoQjhRwg

Requested by

Host: breadbalance.com
URL: https://breadbalance.com/v2svcgWLBZ2ruI6dzDUzhrYwbYtJiXHMggLSV3Aqxa-FIj0aMUvXE4hk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 15:42:23 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 37b68176
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 2
expires: Tue, 07 Dec 2021 15:42:22 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 191F 0
128 B 21ms
14ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158410&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 15:42:24 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H2 200 v2pec2i3W0hAFEPgeD6rqosMEzfJs21DzzVZwga5bh0OjKf4MLEkpXnq_lfmz-FRMHdg9jRioIBRuJ-WFWA Show response
partplanes.com/ 256 B
659 B 50ms
22ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partplanes.com/v2pec2i3W0hAFEPgeD6rqosMEzfJs21DzzVZwga5bh0OjKf4MLEkpXnq_lfmz-FRMHdg9jRioIBRuJ-WFWA

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

02028014abde2baeda748d88b09ce10cd14f071979a095b1617e22205cdd3560

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 15:42:25 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 37b68176
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 256
expires: Tue, 07 Dec 2021 15:42:24 GMT

POST
H2 200 v2ubvnTWYQLNmYK3fHIlx9ELtAT6v-_wpoYhykml-TA27qjbSQHGwsTPvywEVGWuaLX3Zy--zbeV7bmToQQ Show response
partplanes.com/ 5 KB
1 KB 550ms
550ms Fetch
application/json 35.201.96.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partplanes.com/v2ubvnTWYQLNmYK3fHIlx9ELtAT6v-_wpoYhykml-TA27qjbSQHGwsTPvywEVGWuaLX3Zy--zbeV7bmToQQ

Requested by

Host: www.westernjournal.com
URL: https://www.westernjournal.com/jp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.96.133 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

133.96.201.35.bc.googleusercontent.com

Software

Resource Hash

31f73876c6bbe4a51e81132585e1ef043d1a872397b3bbb5ec014e5578be2a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.westernjournal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
date: Tue, 07 Dec 2021 15:42:26 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.westernjournal.com
access-control-allow-credentials: true
x-hostname: 37b68176
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 1259

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pa.rxthdr.com
URL: https://pa.rxthdr.com/v3/c?publisherId=556182c7-ac68-4d56-8c66-4b4336e28e5e&host=www.westernjournal.com

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.westernjournal.com/	1970-01-19 23:17:44	Name: ADRIZER_SOURCE Value: {%22value%22:%22%22%2C%22expires%22:%222021-12-09T15:42:19.876Z%22}
www.westernjournal.com/	1970-01-19 23:17:44	Name: ADRIZER_WIDGET Value: {%22value%22:%22%22%2C%22expires%22:%222021-12-09T15:42:19.876Z%22}
www.westernjournal.com/	1970-01-19 23:58:03	Name: _pbjs_userid_consent_data Value: 3524755945110770
.westernjournal.com/	1970-01-20 03:34:03	Name: _pubcid Value: a3ca3045-ae9b-46eb-b9f9-5da8f7ec06ee
.lijit.com/	1970-01-20 08:00:27	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
.westernjournal.com/	1970-01-19 23:14:53	Name: __asc Value: 2bbd110f17d958f5b6f3f0485a2
.westernjournal.com/	1970-01-20 08:01:54	Name: __auc Value: 2bbd110f17d958f5b6f3f0485a2
.westernjournal.com/	1970-01-20 16:46:03	Name: _ga Value: GA1.2.1120668282.1638891740
.westernjournal.com/	1970-01-19 23:16:18	Name: _gid Value: GA1.2.1099544537.1638891740
www.westernjournal.com/	1970-01-19 23:14:53	Name: ffpvi Value: 2
www.westernjournal.com/	1970-01-19 23:14:53	Name: InstiSession Value: eyJpZCI6ImM5NDdjYjg2LWYyOGUtNGZlNC1iMzMxLTZjNzUyNzU2Y2E1YSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.westernjournal.com/	1970-01-19 23:14:51	Name: _dc_gtm_UA-54260989-7 Value: 1
www.westernjournal.com/	1969-12-31 23:59:59	Name: mnet_session_depth Value: 1%7C1638891740341
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: bcdb7e8c1e29e3a8
www.westernjournal.com/	1970-01-19 23:16:18	Name: plsVisitorGeo Value: DE
www.westernjournal.com/	1970-01-19 23:16:18	Name: plsVisitorCity Value: Hessen
www.westernjournal.com/	1970-01-19 23:16:18	Name: _lr_geo_location Value: DE
.westernjournal.com/	1970-01-20 01:24:27	Name: _fbp Value: fb.1.1638891740716.781651181
.quantserve.com/	1970-01-20 08:45:06	Name: mc Value: 61af80dc-af5e9-35ac6-71cda
.facebook.com/	1970-01-20 01:24:27	Name: fr Value: 08JhUHVGNKG9q1X95..Bhr4Dc...1.0.Bhr4Dc.
.westernjournal.com/	1970-01-20 08:39:20	Name: __qca Value: P0-2140436091-1638891740677
www.westernjournal.com/	1970-01-20 08:36:27	Name: cto_bidid Value: n5C8Ll9heUt5RVE2bHIzQWtRenJXOHdWM3ZkTXdvdkxseldDR241SUJQVEZETEp6JTJCd2FsZWxDQVhFJTJGZWpuYkFQbW8lMkZZaFVxNGIzbm1najBYQURwUG8zejJHdyUzRCUzRA
www.westernjournal.com/	1970-01-20 08:36:27	Name: cto_bundle Value: QKQA3l8lMkJLMEhHMHBlJTJCbDVubk9BYiUyRmhnbGYxV09qOUJPUiUyRlI2SjNkT0MxaU5NdHVHa3pPTUclMkZsQVlBV0cwaFlvVVZLd280MFEzYkJMam4yMFZSJTJCZiUyRkhOMGJSVUFna2REMTAlMkI1SWglMkJkSTZGeEUzOHQza0gzTnRvM05WbFJTWWFra1VqZQ
www.westernjournal.com/	1970-01-19 23:15:21	Name: _yeti_currency_new_3 Value: {"dataAsOf":"2021-12-03T00:00:00.000Z","generatedAt":"2021-12-06T15:00:47.027Z","conversions":{"USD":{"USD":1,"JPY":113.33805685944557,"BGN":1.732176069435834,"CZK":22.509078026746966,"DKK":6.585953414223718,"GBP":0.7532370914887964,"HUF":322.256664600124,"PLN":4.067221680984855,"RON":4.383402710123107,"SEK":9.138694535470728,"CHF":0.9199362323974847,"ISK":130.0150562394828,"NOK":9.111239039943317,"HRK":6.666637144628465,"RUB":73.52980249756443,"TRY":13.827916039323354,"AUD":1.4169692675582324,"BRL":5.640510140820122,"CAD":1.2816402444424764,"CNY":6.37100345407847,"HKD":7.794349481888229,"IDR":14425.808165795766,"ILS":3.1578248162253124,"INR":75.14436276680541,"KRW":1181.5073952705695,"MXN":21.24178549287043,"MYR":4.230980426888672,"NZD":1.473208750332123,"PHP":50.525197059605,"SGD":1.3697635284740057,"THB":33.88008148082543,"ZAR":15.898414666548579,"EUR":0.885661146045523},"GBP":{"USD":1.3276032358197722,"JPY":150.46797102812528,"BGN":2.299642554792588,"CZK":29.883124823629007,"DKK":8.743533063681687,"GBP":1,"HUF":427.82899068761174,"PLN":5.399656664471827,"RON":5.819419621860597,"SEK":12.13256043645941,"CHF":1.2213103188787509,"ISK":172.60840936882704,"NOK":12.096110431756184,"HRK":8.850649045245039,"RUB":97.61840372495531,"TRY":18.357986078449816,"AUD":1.881172984667482,"BRL":7.488359514627033,"CAD":1.7015097356786757,"CNY":8.458164801053522,"HKD":10.34780359326498,"IDR":19151.749600225754,"ILS":4.1923384441727025,"INR":99.7618991628257,"KRW":1568.5730411061988,"MXN":28.20066315492428,"MYR":5.617063305427523,"NZD":1.9558367039789295,"PHP":67.07741510676324,"SGD":1.818502492709999,"THB":44.97930580378139,"ZAR":21.10678675571442,"EUR":1.1758066033298842}}}
.scorecardresearch.com/	1970-01-20 16:31:39	Name: UID Value: 1MCWTLDWSYZLCKFBQMLOXIg1638891741
.westernjournal.com/	1970-01-20 08:36:27	Name: __gads Value: ID=0462881bc1597a28-229d26c145cc0042:T=1638891740:S=ALNI_MY0iJNUNeejOj7CgcFKRoOKMB1pKQ
.doubleclick.net/	1970-01-20 08:36:27	Name: IDE Value: AHWqTUn3mg5WPx3XME8spnLsm-WRZ_BHGbsh5yYE4qd7_ApbF-vLWHLt3Aorj5oOdq0
.doubleclick.net/	1970-01-19 23:14:55	Name: DSID Value: NO_DATA
.adsrvr.org/	1970-01-20 08:00:27	Name: TDID Value: e206d271-5a82-4760-9a63-9ef27485071a
www.westernjournal.com/	1970-01-19 23:14:55	Name: _lr_retry_request Value: true
www.westernjournal.com/	1970-01-19 23:58:03	Name: _lr_env_src_ats Value: false
www.westernjournal.com/	1970-01-20 00:41:15	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%22e206d271-5a82-4760-9a63-9ef27485071a%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-07T15%3A42%3A22%22%7D
.westernjournal.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1638978142672
.media.net/	1970-01-20 08:00:27	Name: visitor-id Value: 2818933429538391000V10
.pubmatic.com/	1970-01-20 01:24:27	Name: KADUSERCOOKIE Value: 65675554-F1CC-4DBB-BFBA-4D9495955AF6
.pubmatic.com/	1970-01-20 01:24:27	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-19 23:16:18	Name: pi Value: 158410:2
.pubmatic.com/	1970-01-20 01:24:27	Name: DPSync3 Value: 1638921600%3A174%7C1640044800%3A197_219_201
.pubmatic.com/	1970-01-20 01:24:27	Name: SyncRTB3 Value: 1640131200%3A35%7C1640044800%3A220_21_13_161_54_56_3_7_8
.adnxs.com/	1970-01-20 01:24:27	Name: uuid2 Value: 8524837318172741685
.quantserve.com/	1970-01-20 01:24:27	Name: d Value: EJcBCwHzJPijAA
.adsrvr.org/	1970-01-20 08:00:27	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiSmJycxuicOhAFGAEgASgCMgsIkpCfydzonDoQBTgBWghwdWJtYXRpY2AC
.mathtag.com/	1970-01-20 08:40:46	Name: uuid Value: 51ba61af-80de-4600-baa5-cb12bb2c8ab9
.adform.net/	1970-01-19 23:59:30	Name: C Value: 1
.simpli.fi/	1970-01-20 08:01:54	Name: suid Value: 4160F04A11544283AF165C9018A59A02
.pubmatic.com/	1970-01-19 23:58:03	Name: KRTBCOOKIE_153 Value: 1923-o5FTM62QVja4wVRg8JkfZqDBUWO4lwM28cGqcHUu&KRTB&19420-o5FTM62QVja4wVRg8JkfZqDBUWO4lwM28cGqcHUu&KRTB&22979-o5FTM62QVja4wVRg8JkfZqDBUWO4lwM28cGqcHUu
.pubmatic.com/	1970-01-19 23:58:03	Name: PugT Value: 1638891743
.pubmatic.com/	1970-01-20 01:24:27	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 23:58:03	Name: KRTBCOOKIE_57 Value: 22776-8524837318172741685
.adform.net/	1970-01-20 00:41:15	Name: uid Value: 355728561869301299
.de17a.com/	1970-01-20 07:53:15	Name: guid2 Value: 1.5725784548338525498
.pubmatic.com/	1970-01-19 23:58:03	Name: KRTBCOOKIE_27 Value: 16735-uid:1c7a61af-80de-4b00-8988-b110c601e04c&KRTB&16736-uid:1c7a61af-80de-4b00-8988-b110c601e04c&KRTB&23019-uid:1c7a61af-80de-4b00-8988-b110c601e04c&KRTB&23114-uid:1c7a61af-80de-4b00-8988-b110c601e04c
.pubmatic.com/	1970-01-19 23:58:03	Name: KRTBCOOKIE_391 Value: 22924-355728561869301299&KRTB&23263-355728561869301299
.pubmatic.com/	1970-01-19 23:58:03	Name: KRTBCOOKIE_80 Value: 22987-CAESEDnitX5EnKK4S56yFl5hVVk&KRTB&16514-CAESEDnitX5EnKK4S56yFl5hVVk&KRTB&23025-CAESEDnitX5EnKK4S56yFl5hVVk
.pubmatic.com/	1970-01-19 23:58:03	Name: KRTBCOOKIE_377 Value: 6810-e206d271-5a82-4760-9a63-9ef27485071a&KRTB&22918-e206d271-5a82-4760-9a63-9ef27485071a&KRTB&23031-e206d271-5a82-4760-9a63-9ef27485071a
.pubmatic.com/	1970-01-19 23:58:03	Name: KRTBCOOKIE_336 Value: 5844-5725784548338525498
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 5297b29c6f2b1d15
.onaudience.com/	1970-01-20 08:00:27	Name: cookie Value: 1f94a85b42b0dd12
.onaudience.com/	1970-01-19 23:16:18	Name: done_redirects104 Value: 1
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.onaudience.com/	1970-01-19 23:16:18	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 08:00:27	Name: zc Value: a0a2af38-bf2c-43f4-61f0-4e5f481cc78e
.zeotap.com/	1970-01-19 23:16:18	Name: zsc Value: %9E%A6%AD%0E%88F%94%B1%CA%D5%9FK%85%D4%EFp%DCe%0E%B3%00Sx%D1Oj%B5P%EC%81X%94p%23%B3A%C7f%E1%5Bm%A8%CA%9Ewb%C2%C6%92%D7%F7%CF%1B%DD%5B%0Cu%1CB%7D1J%F8%84%E4%DB%F6%2F%81%40%19%A6B%2Ac%16%D3m%C5%BD%3B%AB%0D
.pubmatic.com/	1970-01-19 23:58:03	Name: SPugT Value: 1638891744
.westernjournal.com/	1970-01-21 01:31:39	Name: _awl Value: 2.1638891745.0.4-89461552-2fe7e1e3be8e4554a37f29715f59b0e8-6763652d6575726f70652d7765737431-61af80e1-0
.westernjournal.com/	1970-01-21 01:31:39	Name: _admrla Value: 2.0-2fe7e1e3-be8e-4554-a37f-29715f59b0e8

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982(Line 20) Message: A preload for 'https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1258 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://soapps.net/live/community/api/page?pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fjp-morgan-official-says-esptein-kept-maxwell-flush-vast-fortune-others-dream%2F&pageTitle=JP%20Morgan%20Official%20Says%20Esptein%20Kept%20Maxwell%20Flush%20with%20a%20Vast%20Fortune%20Others%20Could%20Only%20Dream%20Of&integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&noAccelerate=true&sessionUUID=e8aa844d-759e-4aba-9a23-0df83e765c4c&frameUuid=4d2f915b-8a98-45f3-b39c-62ec1b0df982 Message: The resource https://fonts.googleapis.com/css2?family=Work+Sans:wght@400;500;600;700&display=block was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2100889e6b6950c421d63f4eb128c352.safeframe.googlesyndication.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
assets.revcontent.com
ats.rlcdn.com
auth.instiengage.com
b2c.insticator.com
b2cdn.automatad.com
bam-cell.nr-data.net
bh.contextweb.com
breadbalance.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.revcontent.com
cdneast2-xch.media.net
cdnjs.cloudflare.com
certify.alexametrics.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
d3l320urli0p1u.cloudfront.net.
d3lcz8vpax4lo2.cloudfront.net
d5p.de17a.com
df80k0z3fi8zg.cloudfront.net
dh014lg6uwepv.cloudfront.net
dis.criteo.com
eua.instiengage.com
event.insticator.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
go.automatad.com
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.revcontent.com
img.revcontent.com
js-agent.newrelic.com
liftable-bq-streamer.appspot.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
onetag-geo.s-onetag.com
pa.rxthdr.com
pagead2.googlesyndication.com
partplanes.com
pixel.onaudience.com
pixel.quantserve.com
prebid.media.net
product.instiengage.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rules.quantcount.com
run.crtx.info
s3-us-west-2.amazonaws.com
s3.amazonaws.com
sb.scorecardresearch.com
script.4dex.io
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
soapps.net
spl.zeotap.com
static.adsafeprotected.com
static.instiengage.com
static.westernjournal.com
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
tpc.googlesyndication.com
trends.revcontent.com
um.simpli.fi
users.api.jeeng.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.westernjournal.com
pa.rxthdr.com
104.111.219.144
13.251.191.176
13.32.99.122
13.32.99.34
142.250.186.34
151.101.194.137
151.101.65.194
151.139.128.11
159.122.14.34
162.247.243.147
178.250.0.157
178.250.0.163
18.66.109.174
18.66.112.53
18.66.112.71
18.66.112.89
185.29.132.245
185.64.189.112
185.64.190.78
185.64.190.80
198.47.127.20
2.18.233.180
2.18.235.93
213.155.156.184
216.58.212.130
23.20.58.18
23.62.140.165
2600:9000:223d:200:9:78a:e540:93a1
2600:9000:223e:a200:14:248f:8500:93a1
2600:9000:223e:b400:6:44e3:f8c0:93a1
2600:9000:223f:1200:8:48e:53c0:93a1
2600:9000:223f:1600:1c:386f:ec80:21
2600:9000:2240:4c00:1a:5302:20c0:21
2600:9000:2251:6000:10:3422:3f00:21
2600:9000:225e:be00:17:5bae:c7c0:93a1
2600:9000:225e:c000:d:99dd:3480:21
2606:4700:10::6816:1957
2606:4700:10::6816:274b
2606:4700:10::6816:38ae
2606:4700:20::681a:9a9
2606:4700::6810:135e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::2014
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9a
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.136.15.54
3.82.254.41
34.107.148.139
34.120.133.55
34.239.232.96
34.247.9.63
34.95.69.49
35.201.96.133
35.71.131.137
37.157.2.238
37.252.173.215
46.105.202.126
51.195.5.40
51.222.80.231
52.202.233.191
52.208.103.128
52.218.192.48
52.222.214.95
52.222.236.68
52.30.14.23
54.230.69.41
54.231.133.120
72.251.249.14
74.214.196.131
89.187.169.47
0105def0e6568dc77a073c18c4bcee05ea12c744d451b1ec3756b9dc2d94b2c3
017100a1d28f9dd94f54e7d812803134c0a36f6b05c8ff71e02cfd2d1ce1d5a3
02028014abde2baeda748d88b09ce10cd14f071979a095b1617e22205cdd3560
029ffff4f5d1efaeb0010bccf45aca803442a1eb2cb848abca13383cb068557d
05b0e6248788f7d11a80f73fcb5a9c262cb84ee49116db37cb72e155ca138d05
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0766f30ae59f6c8aefbe07d4cad1ae7f65c2cbc0ae00cdc0cfc4cca71bdb5814
078df1ec1b9a36ec364047b85868d7a389e5c8b14cad4a9a71024a727313f946
086f1f7808a35cf3a030064e6d02f34e9ee55ebabdbe7823acddea0e7b23cd71
09a6f437d48bacd234ab91b951258e5ded6eca367b12983e163d0ebce46ef2d0
0b0b0b673e9dd54874d4a47f1348fdcc93a172fddf681e78dd44bfd86e4f8d79
0d3f3ec79819a57bd2a4f95fda2cd0dde2cd505eb76885af0ddfd8b9a521eef0
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f7a0a2e608a1bba799dac829a71aa2be5a7a49ee45b7d3f5e9c8ca65ea99d7
16d6d7ba4006096fb536c7321f156e466e93bad8397ead0a325368974436037f
176f781da7f07eb7de63817a8bd5e63f1cbe3abacb597e5565e502f93ba8cf68
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1bfb186a3db0ab5d21167fb3afa96f81b3de41385499c0dd3fa6b1aa6a056047
1e3124c9fc374a00db94528aabad5b2c5d5e79ec7ff909b9d50734faade2dd4f
1e91c52adb82442b6457885a1c91e31db0bbed3d80e475c764657f4670546b01
1f3a24ac0528ed6516588e779fb900c2400e73a5caa82a81b2a0e2dd237e09f3
21f6baf6f437f5ae0d94897041095becbd1c836b75f5111bd2c2c620f8a4d6b7
287bd74d1bcf640aedc9296c12cf4b98225078b772e551326c108ff54ee8f4c8
2ad650055e6733a52fb920ccc7574e6d4268a69b58bd46d15969b2e3965384d0
2caed79550c84018f7884125fd3e77e1ee5d2391383365be65f3bd7e2b0f4763
2d22e679dae25289d250f190cdc9a720f46f09ca9181040e56e3359f0a7d1cb7
2e100922fa8baefc0494288d14f370efc3e4af795723bcd146dce4c36001122c
31f73876c6bbe4a51e81132585e1ef043d1a872397b3bbb5ec014e5578be2a3a
34f26494f7d320a8462578286b02199c509d3134f8ccee05f13f979675160daa
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3826f3a535b9885dd088ad7e1885b4e117cb18ccb05ac2f94aef6cb61a71c8bc
3912fff770f1dc1a44bbe0a9ac2ec1acc98c75e6b996058fa6b991a6d5915307
39b1a352be61ff641814e342fc83cd242d8477a0879d2cbf0242d055506dcb5b
3b87bc3352de2fc3b4cc0cb79b83c3d018aec1d15946b86439a8300f28dae1aa
3c8ecc5cd61124660a2cee52e553f0066607cc8aeb39b15947e794467e2f48f2
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3e03b850c4b722c8ceb2e8ba48de53427de7b7ea3ff638ba7e42c11eba7a4cb6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3febc142f194fc5b883375e40c4da2ffb22e5880622057210f1f82334aab0b0d
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
4393b17628fe022ce8c6d21b408b064f8a33388a7450914c0e6e3bdaa682ffe6
43a060f1c0949125cf64646f359ba7f4a09a53285b037d72b35606a47537a29b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445c395809e2e00980ad2333e58366040c979c6290e1f6285e87dbb23752d4af
4479fe9eb2cf0479456568bead92142d717b2ddb72b541b8b0ddd93ecf8d7409
44b02c22ab6e48cd23929e7b5eba3a06be6b9bc11bbdb308716a9a1088889e72
4657ae700944a09d6efa2a1afb9aef7c6413fccad0c4eab3285654a46e8fd786
46681005eabfde44baa00c4220a935bf7c1b1b04a7e2a9f228c1dccf51868891
46dd7fae8b743a91a7b4577ad39c460f0b5397ce93075409f7b61303787c846d
47e41babdfcfb9ab440deece5c9fcf6ef72b37b0ab14322599b0f39bbd2aa6eb
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4acbb0e8dcccf0908723ce9e5e7390f621c150bbf568f523e2e95336f081a4b5
4c34a53d15bea53107b468badad51aca131cd46dbff0b6edb0c1ce93a8e6755b
4c4b897eabbcf94cc5f85124ad0f1715051c0a0746490dd4af4d5531238ec213
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53f40153ce96daae594e7a554e3f335b042f970385e7b6749aabb25e221bf69b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578da29b095aa5645641c310fa3263a6f540af8a7629e5a82747a89677c98d18
589a896c79d3ebe50e1c1ec457f5347b995c7da6403027a2bdf101a7b3f1d6af
5a3e87cfa469cfa12a0208d51b5160faa3682b478018a129ae7e08df3dcb0917
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
631e81faab0833f9d7f2a29efd36dbf8d105f78490c4a16c8b350d3f1003a1fc
6386ea013071217755d9a338da272ee8412ee5f89bc901fbb84d5ce774250b67
640cfa03a0edf6a9ccc1794366dc2a16dcdb308bd4b2dcbb60ff5e60e795d7ac
64f535fd8ce4cd1140cd9dce248a102f3f948d8d3d1c11574bd24c09f667efd4
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
66e77025c7c0fc22a058b437787f94da35c8f4aa7088fdca18278adda16c4fc7
68c29ebc999c08f7e5b4074dbecfbd499274c360d4daef894dee7a5369b45fde
6908daa90a04447250334d6fed11840cc883fa169d81f516d7c0aa154abb688e
6e5c2773fa76a992d133b774d0357efe47d46d93000491f0f83c404789a1de22
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76ab297a1fc6a9073d19013d0b1c26b5798430fb1af2f0e13404e559b8355798
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a9d7699befc2fb1c4d4a9ebd5d5628c51993abe8d7b8ee7ddefed7fd59167eb
7cd2332f8092d9474578623021bdcdd9780abb0725ea6cadb084a0ebb8d6394a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80da370ad41bee2716b42d1583e139eac39f5c7c243c5fe6439b9754013116c6
8108452f8ad6ff53517b76d9974037423825272aaea25a2c76b02d418638924e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83af3eed9bc9713193f2ad86f6214e2554ec29f8022e054dcf696a10d59ff9d2
846339e8fd4f5615b523b1b65423fa2cee96e43d63398c9e2470b4160129723e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8745f08ab7e1f2986c6a6c6fe710f5f3289f05d8ea6f5a935630de85fae14db4
8836c1892f7d9d09fb46bb0386139a8aea4083ca412abadc6491916f5ced7079
8859814de7eb893b5db149ca8bd553637aaa5cb234c7278dfd35002b128c6c76
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a7c47a8583e0d6644626c1d8f4006fbeaf934262c5ac382f0fae06ece095e7c
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8bfdf79d9dcc07585ff31f266d0725a9108122726ce789c7997d2d301a3257df
8c8baffcbc46c84d4e2207819e099ee5883706283f9c3f64cc5302929d77bfd1
8ceb50d8f86029f76e351eeee3967a64af4431a1138bccab062abe9e143c6829
8d4c2486d1b1e476ca4f27c7736c35254fafc7ee3a586856766f07fa54bb1a4e
8eb55a5a836670be78c05907572caf0901b0f7f627f4af90e3949eec45a0cd76
8f88a6c20b3afdf7c1f2e3451b00d506fa1f5a4811e72b065ac0698aef437c08
92627a43304f987a16af999049bd9859ff6f7e165d7d764811958c9c4aa97a71
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5
969b16dbf7df3d84d9f2b6498dbd14531a8de0cb889e0532a9d1fd3f1f3c46b7
96a614e0013ea591290a0829fe5058240ec64326d833bb34366a83ab5c395cd7
9795fa71b6b77a5d54371820d8c6bb9af3eb4a771f6c3226d542914478d95b2d
984bca55409990098cf74adc47ed650c3d22c68900739950bd14c04c9d45f8f7
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99b789102b36d6e8cc86cd4a7fc5464bf80b7912ca39ab9a6faee9d2fdd8e2ee
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9ab5e23e0bb7ad0cbeeb3f16953fb6390030a1fd143262be840ffbc2b5063dc6
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04
9b46f3f18993f8f6b281c13fc1ecdaff22c1e429ebccb35a0133dde6aef9b316
9c10f8fc0dfdd02668d6451e01612721436444d1983df9bd60c57be171220d39
9dd82459816e9c47e9b0d51f7725d245fd679c73739a91a951b38c1660289177
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e162db4a534b9105fce517625fa11cc1d9e77e55a0d587087fc6c5ec036776
a95dc6751dcc844dab1e0387b3d147961ef5c746e9e1a1d6f5bcfaf740547cce
aaba3136d2672accfc40ee820a19c23749273ab60886eb733f918ef2935a461d
ad63010f509043490052b2c949f6425fd5d27ab3178903d47555dad8f14ddce5
aea6815fee35f265dcdb3e8dd0ca55759e59bd48688e9a35583f4cfde5aa581a
afd009d29b0cbcdd0a27f48454ea1e972b2e3d93dc2e260146e882521bf58071
b00d20815da2ed22c6e3a4b6e620c61dd7d021ea1e4b7ab4f1c8aa1eb0b45894
b172a835742a6505e994ff7794d27687181186ae8e2cda21d07236a96886abce
b19532ad13b810fec9c9bcb25f4f1789db850ca1da95f851e8e5c50ea5ed313c
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
ba285a6c4b8006b2d95e1ebd8e05f1b53030179ef2ec02fdf349a4caff7d8938
c27683cf096fc5b4c7d33a26a3724dbf1ab465be4bb7eedded81665a4c05f633
c44a339ae013a985712663b9de8319291d02c030531c08395982fdf15190ec87
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
cbad153d8efbdf5dc8f077403de84e0cfa991709716eb4ed70404d68bef404d7
cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb
cdb56cd205a7785685c3b899966ad998ebe86c3946e0ee44e5245011289b2192
cdc17e75b80da3e1a643e987fc283402a3f86d3e34314ba8fae65a8ff0c1ad64
ce0d8180e796390eaba89c213059ee270e6bc67fdc219cf1ff67953b0723649a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
cf59528efd9510b6fec909d14775ce981dd277be163eb1c2ec7784235ff57b7d
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d312f39cbae5dd049cf3358304ea3ddf4fa6bb7cc1714041e406f0968e5e42e5
d426ab958f0e338cf2136cc2b2b653e040eea8004e0c946302417e7c0cba8c1a
d50c7fc5d3c47199829b52e3ce509b94ae3adac033b83a7dc1973a50f985b33b
d89ddf30ec7c8687516d93e8cdcdd2b892d47e6fd7cd166cdb839283203edf5f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6
e1c0230c24ee764b096fcb91b2590197cde77d791d7319af83be20e16502c9af
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6
e2f7de40cc10c694d2555d8d75b5007f2d9396336983016172594d23aad7855e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409cb8e21d6e19f300b77b13808478b9378ac52c52f69a71ec12fca0c6d4579
e70881cdf7d08c9cefa0e4008a2ab1c5f61ba9a7400e93f13bea6c95ac91c03b
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea0524eba5a389e45372aa903af8dc34d7a8f45081c422ca539b87f9e0c2d414
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd37808662afd01c4de0bd00e301a63a4d132a0a80dc775149ef18682548cb0
f1021bdb5ffeb515a31254dbaa37a53a9eb7da7500db00f6e54c9bf7a8ad7325
f24a6a7d78e4a99caf119573507d8ccd650d0919ad9c647441b86d10dc1c8f85
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f8931fb54a893eb8399cb625262171e4dee6a7c74f8fb7e7db94fffb015872e7
f969e4dbf49402d7d3bcf499495287df7708679505e65a3101350d86c8c9d5b9
fb7e70becd9b9f29c4afe8b2b82eef24739e120c0abafc812e24c8362657f37d
fcf47517c3b2b996f0a78e5d794c30770fc45d1240a17f428177512cdab58376
febbe769b4b00ffa54b0380c98438b3344bedb083848009a1b6f87873a3d7066
ff034de1c43fe6d55add5744b3b48832ad0c54ea78b3a41e12215acde3b190f2
ff5c029058813b1678698d6ff6f9c46b3f1cd0ddec9a5c8ddf7530108fa3878a

www.westernjournal.com Open in urlscan Pro 2606:4700:10::6816:274b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

246 Requests

93 %HTTPS

40 %IPv6

59 Domains

100 Subdomains

81 IPs

11 Countries

4460 kBTransfer

11798 kBSize

66 Cookies

32 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.westernjournal.com Open in urlscan Pro
2606:4700:10::6816:274b Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

93 %
HTTPS

40 %
IPv6

59
Domains

100
Subdomains

81
IPs

11
Countries

4460 kB
Transfer

11798 kB
Size

66
Cookies

246 HTTP transactions
2 data transactions