www.politico.eu Open in urlscan Pro
2606:4700:20::ac43:46c0  Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D515964%26time%3D1629293343417%26url%3Dhttps%253A%252F%252Fwww.politico.eu%252Farticle%252Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%252F%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true&e_ipv6=AQKsjCNME_2bNQAAAXtZc3QFsHVL_3Pa6lDruuobSJmSxvieMh1phqDqZF17nR4R_Um1xDvr

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/	214 KB 46 KB	589ms 567ms	Document text/html	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / WP Engine Resource Hash 5c80752b46e27a323a72daef22bde1b41b53a43d02374b09e1637be192ca0335 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers :method GET :authority www.politico.eu :scheme https :path /article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-frame-options SAMEORIGIN link <https://www.politico.eu/wp-json/>; rel="https://api.w.org/" <https://www.politico.eu/wp-json/wp/v2/article/805282>; rel="alternate"; type="application/json" <https://www.politico.eu/?p=805282>; rel=shortlink x-powered-by WP Engine x-cacheable SHORT cache-control max-age=600, must-revalidate x-cache MISS x-cache-group normal cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXDYWHDhpZutcrqio%2FtltNE72kjk5LyU6dcNLPXoFTUz1xx6KjhVkz8vxSPaPTsgsqf6uLlsq5USCMeavzPD21G9dLEa4jA1zYlFOb7cHc0aMcFJfpEdcTXlt%2Bi9yDKgk4Kj1E8goPqXhlWNCQ%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 680b7d1d5e36645b-FRA content-encoding br
GET H2	200	IvarText-Regular.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/	38 KB 38 KB	15ms 13ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Regular.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 25e4521abb90ae6f17b9a111dac828f25e3f083d9837b506addd33a82e4cf98b Request headers :path /wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Regular.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12843716 content-length 38524 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-967c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgSe0aq7W2886M58u84%2F%2FtHLY8tR02SZgQo70NwwjhQ1XqCYLljdb6iMGk%2F3RTzdzoZSuoemq9sdI2fZygIjmsD5%2F2u4cx3datHS6WjoqdLXoV8qEx9TjbixZJsGB0DPoi%2FmQMk9avAsiKQmTA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d20eeeb645b-FRA
GET H2	200	National2Compressed-Medium.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/national2-compressed/	30 KB 30 KB	16ms 15ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/national2-compressed/National2Compressed-Medium.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8749df62cad8b7c300bf709ad6dea89e59831cd5b305b6450877af40c131ffb Request headers :path /wp-content/themes/politico-new/dist/fonts/national2-compressed/National2Compressed-Medium.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12843716 content-length 30240 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-7620" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DNMDjmDZL3Ub0b2XPKQKcgxncUvDUSgz1p%2BWT%2BCvXb119mnkFFRPO3U82wfglvpPfk%2BV7AvfULlfX7D68juMED3ObnnzX37WM5hfoFlC5CKX3RfxX0b%2Fl2GdB56M%2FWy8%2FQ7jDWE%2Byf0BMgHmuw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d20eeec645b-FRA
GET H2	200	PublicoHeadline-Medium.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/	50 KB 50 KB	24ms 23ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Medium.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5124324d76d543186718728f1ea0496403eb2b11816357db69def8c2ced41f45 Request headers :path /wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Medium.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12843716 content-length 51344 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-c890" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6v9oVkW%2Fa7uSGuOOvoJ8bN5yKQZSxgRf3aEpgPUu3JrxPA4Mkv2wxhpFcunMSKbLvWOIZfZ2WmUVPLaIT5gVrbowCxaH%2Figb4q24ly40QRDWh3M82%2ByxpUufW4IwDTlUG2cJpFZLipR3r7xRCg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d20eeed645b-FRA
GET H2	200	PublicoHeadline-Roman.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/	52 KB 52 KB	28ms 27ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Roman.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 566b0aee0cae2b02daa9a43461881182e6ec302f1b3e627068315cf97cccb61d Request headers :path /wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Roman.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12843716 content-length 52808 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-ce48" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sv8fu0bqCTEifIdTo42CJtUsXMhnzpnMSikPXerm%2B3X7ZF3bkHK3ROq8s0Es2qrmw%2B5eAQxn7iXLUTTnwQxwHLBFfY64m6Szk77xyGpGh7cY5xXar7jC0aVtfidIUb5gf%2BxptztOh1ubvLQ3Aw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d20eeee645b-FRA
GET H2	200	PublicoBanner-Medium.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-banner/	43 KB 44 KB	21ms 20ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-banner/PublicoBanner-Medium.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af741a6627d0cba98a0dcdd237cbfd04d6aca87c5e0347c43ea34ddb7860d7f5 Request headers :path /wp-content/themes/politico-new/dist/fonts/publico-banner/PublicoBanner-Medium.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10179388 content-length 44248 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-acd8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hg2nJ9O1Ky%2BlQAoIwCSIDEkqhR0OktaXgIlPht2eX0WzPEJc52KcUVZcZ6EmK5Do4BS6%2BjbnBPOZzZVzP5ckswAsKd7El0bw3wtP8PvaDZj9JoScZ9lPojo8q3XmcSPZmllExVhASxaZnUEbeQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d20eeef645b-FRA
GET H2	200	style.min.css www.politico.eu/wp-includes/css/dist/block-library/	57 KB 9 KB	24ms 23ms	Stylesheet text/css	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde Request headers :path /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Wed, 26 May 2021 08:09:07 GMT server cloudflare age 7276767 etag W/"60ae0223-e33b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rl5o4FDsNuGmyN2fFNYEjPCbF0S%2B80V3dCxhbdo8hB4pEL%2Fyf19fFJFJG0QvQlrW4gZWktSPxwEVxkzrxWj00D9RZ8Om6U5DralZ%2BrbXj1iedsRBjaaNo1b5ss%2BM%2FH9kLYdrfxOHuyv%2BYRjrfg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d20fef1645b-FRA
GET H2	200	jquery.ui.css www.politico.eu/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/	22 KB 4 KB	27ms 26ms	Stylesheet text/css	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/jquery.ui.css?ver=5.7.2 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d198aa686d1152dea61220e984befd325376330286ffbeb9bba9d43347c2f065 Request headers :path /wp-content/plugins/miniorange-saml-20-single-sign-on/includes/css/jquery.ui.css?ver=5.7.2 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Mon, 21 Jun 2021 20:01:35 GMT server cloudflare age 4936942 etag W/"60d0f01f-5940" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fHmHhjjp%2BF10kuRcdxyymSEslks6JXD79JQ9u3Dp1tLF07IyP12ldtsOpPGVITngQJSciCoa%2BRQC8mgO%2FQqk%2F9%2FKraYK%2FC5RZsiVo9fR1rIf90zSIxXrB7wU90VcyhB%2FZyhl%2FSBDQcigFtzFQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d20fef2645b-FRA
GET H2	200	wp-parsely.css www.politico.eu/wp-content/plugins/wp-parsely/	2 KB 852 B	20ms 19ms	Stylesheet text/css	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/plugins/wp-parsely/wp-parsely.css?ver=1629276059 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 771aab9b7a93154ca223a348e5ce6a88c311b74caeb687f8c0ced949296b9b8f Request headers :path /wp-content/plugins/wp-parsely/wp-parsely.css?ver=1629276059 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Mon, 16 Aug 2021 08:01:17 GMT server cloudflare age 17264 etag W/"611a1b4d-709" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6c1XtskIkE1R5QLDn56TTiqy44w1qtCqD6%2BEb6PI5%2Bp3F1NGi0waX4cSpmO8MOEEeOruRO%2FoZJdwoJ1J4CF%2FJzgzjs%2B%2Ff771btCVwfSZKKBoC4jA1N%2FexvY8%2F1r9WEmi0pXv1Z5JYpQ3SZ2Tw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d20fef3645b-FRA
GET H2	200	style.css www.politico.eu/wp-content/themes/politico-new/dist/css/	351 KB 48 KB	28ms 27ms	Stylesheet text/css	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c44ded1f8c4df3d118329174f0daf247413adc5f3653122eb2fea2ba27fde6e Request headers :path /wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Mon, 16 Aug 2021 08:01:18 GMT server cloudflare age 17264 etag W/"611a1b4e-57b57" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5uc%2F7OwBzd7sKxjKWep3RZKweRK25uz9NxuIi8EmPBNDdvv4nUlJxlhkjf%2Bqr2%2B9h3dSmP5ZFj2bbsj6OEMGm%2BSWAd1YwUl70zwZSJJAR9t0SfS61s475ZVAaF43UgiHaDBjQdsh5Y375okMw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d20fef4645b-FRA
GET H2	200	wrapperMessagingWithoutDetection.js Show response cmp.politico.eu/unified/	97 KB 31 KB	78ms 15ms	Script application/javascript	13.225.78.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.politico.eu/unified/wrapperMessagingWithoutDetection.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-81.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash cc5b793ed4ded5b3ebcee57ba68806eb8fe3a1ef31631fdd584634e599f8842f Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:12:18 GMT content-encoding gzip last-modified Thu, 12 Aug 2021 16:31:56 GMT server AmazonS3 age 1010 etag W/"f6578d511705a2e79e4cc22997cc3be2" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA2-C2 x-amz-cf-id 3qV2x0Ivuyk7Qf2TCXwwC2RN5au5Ml9Tm6ANNBg8rWr2yRw0ifsE8w==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	72 KB 25 KB	42ms 15ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 32e728ad51ee39ade797482a3b2aa3b22ee88d90c1ef3edde282c5732a9be6ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "962 / 92 of 1000 / last-modified: 1629284901" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 25203 x-xss-protection 0 expires Wed, 18 Aug 2021 13:29:02 GMT
GET H2	200	prebid-5.4.0.js Show response www.politico.eu/wp-content/themes/politico-new/assets/js/frontend/lib/	225 KB 69 KB	36ms 34ms	Script application/javascript	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/assets/js/frontend/lib/prebid-5.4.0.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 001b94577ec2f76e97f364b7e4703dde056560f9dd6becb7912e7c986469d445 Request headers :path /wp-content/themes/politico-new/assets/js/frontend/lib/prebid-5.4.0.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Tue, 20 Jul 2021 08:26:49 GMT server cloudflare age 2523711 etag W/"60f688c9-38402" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Sgi6riBu3zwdx0i%2BVobKIblByvo%2F8AVGGIpTZ7y3v9jX15DRDzxMl8Fjhqeq1jmQntPhZ2pumnSeyCaIRgktGP%2F83mLO4cs0bBEiuWUbo0ZTKb95NFIdzSrZrnwOcOiiIpJ8tSZBv%2BDMwWGYw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d214f05645b-FRA
GET H2	200	email-decode.min.js Show response www.politico.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/	1 KB 1 KB	9ms 8ms	Script application/javascript	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers :path /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 12 Aug 2021 10:09:00 GMT server cloudflare etag W/"6114f33c-4d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options DENY report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmvbIx1SttyNgaXaUvPeKHXoU585plCSjaKlZDxeseWuUMG5CJOleNYuMxiYUBSdYVJWjHuWjE3DkLx6%2BN%2BKV7PZXMGhXLc0%2FFaDkYgFvH%2FNAd76rDx3knwH2xHyaYRnVRbePBkJxJdCr2EhsA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=172800 public nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d211ef7645b-FRA vary Accept-Encoding expires Fri, 20 Aug 2021 13:29:02 GMT
GET H2	200	p.js Show response cdn.parsely.com/keys/politico.eu/	47 KB 18 KB	57ms 14ms	Script application/javascript	13.225.85.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.parsely.com/keys/politico.eu/p.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.85.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-85-39.fra2.r.cloudfront.net Software nginx / Resource Hash 0ffdf994819f279d76e9536d142a997a1cbf99cc224b6da03ff3ac1564edf3a7 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma public date Wed, 18 Aug 2021 00:51:58 GMT content-encoding gzip last-modified Mon, 08 Mar 2021 19:07:47 GMT server nginx age 45657 etag W/"60467603-bd2c" x-cache Hit from cloudfront content-type application/javascript via 1.1 1e498d046330e15095a1a2a958463bf5.cloudfront.net (CloudFront) cache-control max-age=86400, public x-amz-cf-pop FRA2-C2 x-amz-cf-id KSVq-YjEGPghvMLahGrF8xc_ZUkS00J521e5-jz5bVc-OJ_XGaOQ0w== expires Thu, 19 Aug 2021 00:48:05 GMT
GET H2	200	frontend.js Show response www.politico.eu/wp-content/plugins/ad-refresh-control/dist/js/	13 KB 5 KB	20ms 17ms	Script application/javascript	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.4 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cd0f7339e3fe1e7228f087ed90b78e9fdcbcc1db30e4f228e510ce6bb220f46 Request headers :path /wp-content/plugins/ad-refresh-control/dist/js/frontend.js?ver=1.0.4 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Tue, 18 May 2021 13:44:44 GMT server cloudflare age 7947834 etag W/"60a3c4cc-3583" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z286zIiaDDDC93RK%2FsqZvic9TWLjUjrihTViFCth1d3dJ09corrHs8nnuRmQycI2dXD9RTMvBbIukYSH8DPmBW1pBV0CNaG8jEVpu94DfOYAAhfiIy5K%2FGOlsDDwlIiivtBj2xAIHpOrrkHvTQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d211efa645b-FRA
GET H2	200	embed.min.js Show response widget.politico.eu/	13 KB 5 KB	69ms 12ms	Script application/javascript	2600:9000:21f3:8e00:2:5291:8280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.politico.eu/embed.min.js?ver=1629275421 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:8e00:2:5291:8280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4e858e4c408a7da3bca6525519fd1bebf80ae3fcbe3df81b8909a6bc479e188b Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 15 Aug 2021 05:29:42 GMT content-encoding gzip last-modified Thu, 04 Jul 2019 14:06:48 GMT server AmazonS3 age 288259 etag W/"500ef0fea11a37b80d034a4d9cbc2ee6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront) cache-control public, must-revalidate, proxy-revalidate, max-age=604800 x-amz-cf-pop FRA2-C2 x-amz-cf-id wTvWMpCNGgAezAfPulfpwdMBrtFbivVxLEL0e8j0P9G0xotHMB8wsg==
GET H2	200	frontend.js Show response www.politico.eu/wp-content/themes/politico-new/dist/js/	589 KB 173 KB	43ms 40ms	Script application/javascript	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/js/frontend.js?ver=1629275421 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7c07838067d87406e5af865a0d12d064c692d8a28946b6be0d4caa45311bc2a Request headers :path /wp-content/themes/politico-new/dist/js/frontend.js?ver=1629275421 pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Wed, 18 Aug 2021 08:40:59 GMT server cloudflare age 17264 etag W/"611cc79b-9325c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFOB9BVaoz0j9wC4aEdD%2BXkxM7twh4lRDU%2FXlWT2F0Ftpe%2BHRxue%2F278LBmrMn0MEPPMEmuRoaARzZknsJM%2BdQmVGlHLZvGxPcRAjY2CZ2VMwQ7qFMLS1odsNiZ1dvHAX%2FE9UiDz0y%2FZQ82hrQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d211efb645b-FRA
GET H2	200	gtm.js Show response www.googletagmanager.com/	186 KB 61 KB	16ms 15ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 885752444eb1fefb8cc16e7f1a14440a3a43b390f6e314ec359412e5707d8278 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62327 x-xss-protection 0 last-modified Wed, 18 Aug 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 18 Aug 2021 13:29:02 GMT
GET H2	200	AGSKWxUzwJUkrknMORZONyw8bdlSJZP5TQJiI5EttDNXRHKTAix9WJCT_HeXhUFv9keRgBHDc_lO9CcXkSZyqkcI8J8= Show response fundingchoicesmessages.google.com/f/	22 KB 10 KB	56ms 32ms	Script application/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUzwJUkrknMORZONyw8bdlSJZP5TQJiI5EttDNXRHKTAix9WJCT_HeXhUFv9keRgBHDc_lO9CcXkSZyqkcI8J8= Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0a70437df5275f450c0ddf2f603767336526740473ef437246a73274ec864fe5 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-x7ag68M8r9osSz4MKMOnew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-x7ag68M8r9osSz4MKMOnew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:02 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-x7ag68M8r9osSz4MKMOnew' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-x7ag68M8r9osSz4MKMOnew' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 25 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 25944 x-xss-protection 0 pragma public x-fb-debug HyGNlGd4mxAhbdR/EnW53xrTRc+Bf7x2fXhJU2XRdQzyJRrs3rYj7asY4YIJfItMdi3RkKrMTDz9EVJusHWCIQ== x-fb-trip-id 686109401 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coop_report" date Wed, 18 Aug 2021 13:29:02 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	chartbeat.js Show response static.chartbeat.com/js/	36 KB 14 KB	42ms 13ms	Script application/x-javascript	2600:9000:2190:5400:18:1fcd:34f:cdc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:5400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 12:15:39 GMT content-encoding gzip last-modified Fri, 09 Jul 2021 00:11:37 GMT server nginx age 4403 etag W/"60e79439-8e96" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript via 1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront) cache-control max-age=7200 cross-origin-resource-policy cross-origin x-amz-cf-pop ZRH50-C1 x-amz-cf-id MyvZiNQsWrdEVTSvDQm6GnZaJQZgDXt40_mhzf6Sqg-GUG-d3eZdqg== expires Wed, 18 Aug 2021 14:15:39 GMT
GET H2	200	ico-quotes.svg www.politico.eu/wp-content/themes/politico-new/dist/svg/typography/	439 B 637 B	19ms 19ms	Image image/svg+xml	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/svg/typography/ico-quotes.svg Requested by Host: www.politico.eu URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e99bd769170a27455daef77ae15c487d2f3abcd36bdcdc7113af00ebe9c1d929 Request headers :path /wp-content/themes/politico-new/dist/svg/typography/ico-quotes.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.politico.eu referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT content-encoding br cf-cache-status HIT last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare age 10471024 etag W/"600ff9b8-1b7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding Accept-Encoding Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skQg%2BANkYAdaXKTUTWHQhJNi73Y0fyuOwV642HzroncgFD%2FpwjbuUQf%2FwG7clILc9POIAuy5qc8JMs1lEC1yDo1otfUclI8aKyIsPf1qAYml7ejg6YtBDDHqLCBOY2EiyuXOEDCaQo4BmUHO5w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 680b7d219f25645b-FRA
GET H2	200	PublicoHeadline-Italic.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/	56 KB 56 KB	21ms 20ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Italic.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 09883ab3ad2f6e8f83d45fb7e0bb79972c79c487fe36d8162bb1c9aa65d59b6d Request headers :path /wp-content/themes/politico-new/dist/fonts/publico-headline/PublicoHeadline-Italic.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10138501 content-length 56928 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-de60" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpUfv9nOjucGgFYk8x3CaxUR8%2BOH6mWhp0Fx8pYF1QGEKkfMAmn4aSZz60n8TQlxDrBtNI%2B4SEYg43GOMzDAVDvpxv5WpvgAbhgdOzG5YsJOLcRKYAqiBweuY%2Bzaotw2N4iz5xOLMKMrCI9OYg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d219f26645b-FRA
GET H2	200	IvarText-BoldItalic.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/	35 KB 35 KB	22ms 21ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-BoldItalic.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 89103cbb04e7b236ece75ca34ed4c6e84d40a60ee5ad613d6490f956be7c4157 Request headers :path /wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-BoldItalic.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10138340 content-length 35744 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-8ba0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Sz2zEi5A7DdFUSz7yD%2BV9e%2BQlKJfJm83BV0FxNf28rke3Pn%2Fx2xk3tQPwfJCMmsZPFg4kzQot4lV6L7%2FSaoQ%2BGziMUlN5bKES2w2sFkVCqqfVwLN9tWh%2FZrbYekTQC1VRQVXGDx3IQXo2fYsw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d219f27645b-FRA
GET H2	200	IvarText-Italic.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/	33 KB 33 KB	18ms 18ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Italic.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a13bbfbdf5c062b7107267f9c2482364b29f46ea19295b03926ee6e65113359a Request headers :path /wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Italic.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:02 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10548001 content-length 33548 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-830c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cpdw6NgBg4ZNowD%2BLWOHj4FlYjyJ3hh7BFzepr1iLThG2IE4V%2BhQ1p1HJEStFG3I8X6PZkzvKwuST3ecTmDgdp3Tc3xdmFVwzBSjPI%2F7z%2B5kqhc9rw%2FiO2qMPm0nK8dAMM3f99uh1ux%2FEkBIRA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d219f28645b-FRA
GET H2	200	IvarText-Bold.woff2 www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/	40 KB 40 KB	25ms 24ms	Font font/woff2	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.politico.eu/wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Bold.woff2 Requested by Host: www.politico.eu URL: https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43214b89245d0798de38bbefccc32afaa328f85c2502ad39b15091bc0d0c8d33 Request headers :path /wp-content/themes/politico-new/dist/fonts/ivar-text/IvarText-Bold.woff2 pragma no-cache origin https://www.politico.eu accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.politico.eu referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 :scheme https sec-fetch-site same-origin :method GET Origin https://www.politico.eu Referer https://www.politico.eu/wp-content/themes/politico-new/dist/css/style.css?ver=1629275421 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 10816628 content-length 40560 last-modified Tue, 26 Jan 2021 11:15:04 GMT server cloudflare etag "600ff9b8-9e70" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTVYHzzxhyFwMgUrqBjW5%2Fo3zl%2FFJLMS03i7cMWtFkf1Kld9Ziq4aBeO35oRmAYZBsShSg9RHJiZ1fnjNDcYkGuaGN9qUmvtWUH2ZnTFx6JkX%2BX1ss2i91RyIZaNAmetQuV2rvpvGnA4LYSu8A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 680b7d220f36645b-FRA
GET H2	200	LibyaWeb-1294x720.jpg www.politico.eu/wp-content/uploads/2018/02/	213 KB 214 KB	34ms 33ms	Image image/jpeg	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.politico.eu/wp-content/uploads/2018/02/LibyaWeb-1294x720.jpg Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0da4df825782d5e23a698d023d14da0b41e10baecc3fb93bc92c36a7823c825 Request headers :path /wp-content/uploads/2018/02/LibyaWeb-1294x720.jpg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1888606 cf-polished origSize=297253, status=webp_bigger content-length 218005 last-modified Wed, 09 Dec 2020 11:08:17 GMT server cloudflare etag "56a515efb7edd7d4fe5dd8afd773c818" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIGw6WakIrtKKA6kMVVD5m8J%2F3BZUAoTCJOE4Gr%2FQO8234m1e9HwVL0cG3LNfCfEj1wp92BCoKkN%2BLmgqunXKydFJ6E6mDF4NbrDPWcgk3BZUojXgeDwR9%2FFQxSwHBxgd0XRQNv1BxHIlXMMXg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg expires Thu, 26 Aug 2021 16:52:16 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 680b7d221f39645b-FRA cf-bgj imgq:100,h2pri
GET H2	200	dropS-100x100.png www.politico.eu/wp-content/uploads/2017/06/	546 B 988 B	22ms 22ms	Image image/webp	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.politico.eu/wp-content/uploads/2017/06/dropS-100x100.png Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5721339b9e908505b371c18888b257eb637231045cc744afb1e7f3684ee478c Request headers :path /wp-content/uploads/2017/06/dropS-100x100.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 534917 x-amz-server-side-encryption AES256 content-disposition inline; filename="dropS-100x100.webp" content-length 546 last-modified Tue, 02 Feb 2021 08:11:15 GMT server cloudflare etag "709117fdb8fe18dc566b9ebdb1e62dfc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=td1jGvkQsw1ni0xeR4YFqWby7YhGJT4BkCm8%2FshYXasQOxwCsQuKLm0%2FkPC%2FxgN3ocmZUBUOY%2B36ZZMJeWC6%2FAOntV8K5BEYyet5SEl6e2VKwirSfIQA7tAVgofirikRebm5nZKA%2BDbzgErAZQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp expires Sat, 11 Sep 2021 08:53:46 GMT cache-control max-age=2592000 cf-polished origFmt=png, origSize=957 accept-ranges bytes cf-ray 680b7d221f3a645b-FRA cf-bgj imgq:100,h2pri
GET H2	200	dropa-100x100.png www.politico.eu/wp-content/uploads/2017/06/	854 B 1 KB	20ms 20ms	Image image/webp	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.politico.eu/wp-content/uploads/2017/06/dropa-100x100.png Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7004c2926c3858a1228bde1ec4462d8a468a0945ec2fc2a3e86d08a5e0adeb01 Request headers :path /wp-content/uploads/2017/06/dropa-100x100.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 448634 x-amz-server-side-encryption AES256 content-disposition inline; filename="dropa-100x100.webp" content-length 854 last-modified Tue, 02 Feb 2021 08:10:45 GMT server cloudflare etag "ec5e742e5ff2926c87996e165b8cc216" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gCForK6hiArsYrYOPYrE5ufRHfh1KruACpbNYfEUXVHE9yu8QOrwEyo7pSf7JQjySdZaITcFGqg1EgRFasWaFbjRzon7xAyBqSZlPANa2bSYoHSQWSEVCFSozcXAtAFUVW6HpigJ6TEKS1Tmw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp expires Sun, 12 Sep 2021 08:51:49 GMT cache-control max-age=2592000 cf-polished origFmt=png, origSize=1142 accept-ranges bytes cf-ray 680b7d221f3b645b-FRA cf-bgj imgq:100,h2pri
GET H2	200	LibyaBox.png www.politico.eu/wp-content/uploads/2018/02/	46 KB 46 KB	18ms 15ms	Image image/webp	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.politico.eu/wp-content/uploads/2018/02/LibyaBox.png Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd60fbf94f06ccee8f9d9b5f1222fa5c674e1bfcf07d8e9e9ee91c03c94155bb Request headers :path /wp-content/uploads/2018/02/LibyaBox.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1138088 cf-polished origFmt=png, origSize=110004 content-disposition inline; filename="LibyaBox.webp" content-length 47112 last-modified Wed, 09 Dec 2020 11:08:15 GMT server cloudflare etag "3420b22301a9c21bec1bd8ea7288058d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6sLStEhRDXKUIbgj%2BEeDoBwAW6EZ7OT2AongebPbT%2FM9eCNvwzlpKN7PaekdeYnvNqVJU7xwsM2Bt36fKsBS%2Fnli0gmye3ELaQr6n211v5%2FxFNCdzaLuV%2BYwBzWVdlJ3rtEvmpcA4Hjt2qK8g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp expires Sat, 04 Sep 2021 09:20:55 GMT cache-control max-age=2592000 accept-ranges bytes cf-ray 680b7d222f3f645b-FRA cf-bgj imgq:100,h2pri
GET H2	200	dropI-100x100.png www.politico.eu/wp-content/uploads/2017/06/	124 B 759 B	24ms 23ms	Image image/webp	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.politico.eu/wp-content/uploads/2017/06/dropI-100x100.png Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be0ed21fa0200f3af2117db5b3551710d4b1b28be3f148348893e2b38774aaf0 Request headers :path /wp-content/uploads/2017/06/dropI-100x100.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 713831 x-amz-server-side-encryption AES256 content-disposition inline; filename="dropI-100x100.webp" content-length 124 last-modified Thu, 04 Feb 2021 07:42:17 GMT server cloudflare etag "3f34488bfc2ac4adb4879d8ab67de119" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhuTtMNA3KWvRS4tw%2Ft%2Bm2KdTH3ZC5OBthmgHObRw2H59zZmdcW0OOJ%2BpESdDSFDfm%2BZpHR1Zi1vdYrrHt8PF%2F7ZUg5ohD3TtlWG3vHhu58GczAl4tPYc%2FdX%2F8zEBwYmmoQL3NV2ar9mU%2FyA3g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp expires Thu, 09 Sep 2021 07:11:52 GMT cache-control max-age=2592000 cf-polished origFmt=png, origSize=299 accept-ranges bytes cf-ray 680b7d222f40645b-FRA cf-bgj imgq:100,h2pri
GET H2	200	dropB-100x100.png www.politico.eu/wp-content/uploads/2017/06/	396 B 824 B	16ms 15ms	Image image/webp	2606:4700:20::ac43:46c0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.politico.eu/wp-content/uploads/2017/06/dropB-100x100.png Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46c0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9434bca91cb7be514ba8633973091223d21cd5867ea31845e1f40075d5e117a5 Request headers :path /wp-content/uploads/2017/06/dropB-100x100.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.politico.eu referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 152072 x-amz-server-side-encryption AES256 content-disposition inline; filename="dropB-100x100.webp" content-length 396 last-modified Thu, 04 Feb 2021 07:59:01 GMT server cloudflare etag "5f5a1a103dabd9958cc657cbaa95f515" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXBuHyPoswOcXg%2FqyBCJ7m3J3Nb6SLQy8GFg75v7R8uYq6QMGnK7U808sNUqPmsMQyMvMG3hS4udJnvCMVoSMcWMKDkWfbwnI4r0WXBD30e2R05fXHx4IpDChudONm%2FbONxKlCKcTyH%2FVDeqLg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp expires Wed, 15 Sep 2021 19:14:31 GMT cache-control max-age=2592000 cf-polished origFmt=png, origSize=725 accept-ranges bytes cf-ray 680b7d223f41645b-FRA cf-bgj imgq:100,h2pri
GET H3-29	200	identity.js Show response connect.facebook.net/signals/plugins/	11 KB 5 KB	7ms 6ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.44 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 4673 x-xss-protection 0 pragma public x-fb-debug SS06B6C7uOkA8fAVTWq5nX1LIQvu6YBHGGD7tqJISsZyRDbZ8d5RqLpzr2JmHEVhMCNaGqD9YFqV3tPlyY3vEw== x-frame-options DENY date Wed, 18 Aug 2021 13:29:03 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-29	200	394368290733607 Show response connect.facebook.net/signals/config/	253 KB 72 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/394368290733607?v=2.9.44&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 924af7f211e2d498bd78c877fd0c908d8a217206e3d3b56edbc7993e80a152da Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 73556 x-xss-protection 0 pragma public x-fb-debug HhIuA+ryUoWm7ompl0GXILddLLEt9ZgwFYVQqbDLg6s5LbWpM2U/ANlJfS4U5RMICfTPU4kN8y2FVgvJFGZqIw== x-frame-options DENY date Wed, 18 Aug 2021 13:29:03 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H/1.1	200 OK	/ p1.parsely.com/plogger/	43 B 260 B	419ms 102ms	Image image/gif	34.194.161.83 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://p1.parsely.com/plogger/?rand=1629293343211&plid=72861698&idsite=politico.eu&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&sref=&sts=1629293343207&slts=0&title=Millions+flow+from+Gaddafi%E2%80%99s+%E2%80%98frozen+funds%E2%80%99+to+unknown+beneficiaries+%E2%80%93+POLITICO&date=Wed+Aug+18+2021+15%3A29%3A03+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=62903632&u=pid%3Db73052efe2a32f9f32e292dec07e4dc9 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-194-161-83.compute-1.amazonaws.com Software nginx / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 13:29:03 GMT Cache-Control no-cache Last-Modified Wednesday, 18-Aug-2021 13:29:03 GMT Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif
GET H3-29	200	pubads_impl_2021081201.js Show response securepubads.g.doubleclick.net/gpt/	329 KB 115 KB	6941ms 6925ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software sffe / Resource Hash 01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:10 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 12 Aug 2021 08:42:15 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 117424 x-xss-protection 0 expires Wed, 18 Aug 2021 13:29:10 GMT
GET H2	200	hotjar-1736629.js Show response static.hotjar.com/c/	4 KB 2 KB	101ms 39ms	Script application/javascript	13.224.102.68 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1736629.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.102.68 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-102-68.zrh50.r.cloudfront.net Software / Resource Hash 768437453efd8ce58ea9449acbb8a881f15cc3c84fa87aa4a0a5923105cb6c4c Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop ZRH50-C1 etag W/7446b5d509e31dd24d979b4d0159bfcd vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-id NyWsq-ks4Jtm-dE1BkcWlR2jJPstX9HjnOo74FCLqWUeA6vH3DYvjA== via 1.1 4e0fd86f7afa735e772d6f7fe5e91f5b.cloudfront.net (CloudFront)
GET H3-29	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 922 date Wed, 18 Aug 2021 13:13:41 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Wed, 18 Aug 2021 15:13:41 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	5 KB 2 KB	25ms 7ms	Script application/javascript	151.101.12.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a53ea60fbea6cb1775430998564d5f295aba7d3bfe548a0ba79aa2a049aba839 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT via 1.1 varnish last-modified Mon, 12 Jul 2021 21:25:31 GMT age 48105 etag "65cf0c0ceb852397f0d1e6732cd3c533+gzip" vary Accept-Encoding,Host x-cache HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-encoding gzip cache-control no-cache accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 1958 x-timer S1629293343.372547,VS0,VE0 x-served-by cache-fra19153-FRA
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	5 KB 2 KB	10ms 9ms	Script application/x-javascript	2a02:26f0:6c00:28b::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:6c00:28b::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 13:29:03 GMT Content-Encoding gzip Last-Modified Fri, 13 Aug 2021 21:34:05 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=72915 Connection keep-alive Accept-Ranges bytes Content-Length 2036
GET H/1.1	200 OK	track.js Show response serve.albacross.com/	10 KB 5 KB	87ms 19ms	Script application/javascript	143.204.98.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serve.albacross.com/track.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-99.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Wed, 18 Aug 2021 13:28:52 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 08 Apr 2021 13:13:21 GMT Server AmazonS3 Age 35 ETag W/"b769e9b4f23be6c9bab7c715fdf2526a" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) Cache-Control max-age=120 Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id M6qOmCK90EUu1bEff5p4uAA4RqKXg3jvim9upzUG7Nmn9kyKX-E8oA==
GET H2	200	web-vitals.umd.js Show response unpkg.com/web-vitals@1.1.0/dist/	4 KB 2 KB	40ms 25ms	Script application/javascript	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MLNH8XV Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 12846209 vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * x-cloud-trace-context e9412a941d9e2178046a5378c46b42d2 cache-control public, max-age=31536000 cf-ray 680b7d241eecd6c5-FRA
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	310ms 103ms	Image image/gif	54.224.173.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=politico.eu&p=%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&u=Bfrv35CRc2Vq833fQ&d=politico.eu&g=33430&g0=Foreign%20Affairs&g1=Giulia%20Paravicini&n=1&f=00001&c=0&x=0&m=0&y=10490&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1123&t=BNkZlwB93hjBB6ArGYC04tY4CAo10O&V=128&i=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&tz=-120&sn=1&sv=DqT2gvCnpl7-CuqKOhtvLvZdGVil&sd=1&im=067b0fff&_ Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.224.173.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-224-173-8.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:03 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif content-length 43 expires 0
GET H2	200	/ www.facebook.com/tr/	44 B 147 B	7ms 7ms	Image image/gif	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=394368290733607&ev=PageView&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&rl=&if=false&ts=1629293343410&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd[language]=en-US&cd[referrer]=&sw=1600&sh=1200&v=2.9.44&r=stable&a=dvpixelcaffeinewordpress&ec=0&o=30&fbp=fb.1.1629293343408.99362694&it=1629293343118&coo=false&rqm=GET Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Wed, 18 Aug 2021 13:29:03 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D515964%26time%3D1629293343417%26url%3Dhttps%253A%252F%252Fwww.politico.eu%252Fart... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true...	0 63 B	111ms 110ms	Image application/javascript	108.174.10.14 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true&e_ipv6=AQKsjCNME_2bNQAAAXtZc3QFsHVL_3Pa6lDruuobSJmSxvieMh1phqDqZF17nR4R_Um1xDvr Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 108.174.10.14 , United States, ASN14413 (LINKEDIN, US), Reverse DNS 108-174-10-14.fwd.linkedin.com Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT server Play linkedin-action 1 x-li-fabric prod-lva1 x-li-proto http/2 x-li-pop prod-edc2 content-type application/javascript content-length 0 x-li-uuid rBmT8qlpnBbwtODwqCsAAA== Redirect headers date Wed, 18 Aug 2021 13:29:03 GMT server Play linkedin-action 1 x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=515964&time=1629293343417&url=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&liSync=true&e_ipv6=AQKsjCNME_2bNQAAAXtZc3QFsHVL_3Pa6lDruuobSJmSxvieMh1phqDqZF17nR4R_Um1xDvr x-li-proto http/2 x-li-pop prod-edc2 content-length 0 x-li-uuid auY/7KlpnBZgHwytIisAAA==
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=355769248&t=pageview&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=275935899&gjid=46077200&cid=407738130.1629293343&tid=UA-4042686-1&_gid=1116543654.1629293343&_r=1&gtm=2wg8g0MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=50440183 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.politico.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adsct t.co/i/	43 B 455 B	157ms 126ms	Image image/gif	104.244.42.197 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2lae&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.197 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT content-encoding gzip x-content-type-options nosniff status 200 OK x-twitter-response-tags BouncerCompliant content-length 65 x-xss-protection 0 pragma no-cache last-modified Wed, 18 Aug 2021 13:29:03 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash f67a979bdd0a417d90126c650847dd2dd63b26033804b93e5c80b45e5b9804ca x-transaction d79794fd27139898 expires Tue, 31 Mar 1981 05:00:00 GMT
GET H/1.1	200 OK	reveal.js Show response serve.albacross.com/	662 B 1 KB	21ms 21ms	Script application/javascript	143.204.98.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serve.albacross.com/reveal.js Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-99.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 137b79e9fe3105ee2c47dbe809a6716a26fa564ccdeb986162c6c90816fd85f2 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 17 Aug 2021 14:39:08 GMT Via 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) Last-Modified Thu, 01 Apr 2021 11:02:18 GMT Server AmazonS3 Age 82196 ETag "62700c2cfcdcdf017d2358194f4c8eaa" X-Cache Hit from cloudfront Content-Type application/javascript Connection keep-alive X-Amz-Cf-Pop FRA50-C1 Accept-Ranges bytes Content-Length 662 X-Amz-Cf-Id otxFOhsVaa-7j3Z5EIpfT74Y4P3ci5wFSF_22hzJ-oqSsoU72oQJYg==
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 88 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c04::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4042686-1&cid=407738130.1629293343&jid=275935899&gjid=46077200&_gid=1116543654.1629293343&_u=YEBAAEAAAAAAAC~&z=328920323 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 18 Aug 2021 13:29:03 GMT content-type text/plain access-control-allow-origin https://www.politico.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.e763089bec9f2503d752.js Show response script.hotjar.com/	221 KB 59 KB	90ms 30ms	Script application/javascript	13.224.102.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.e763089bec9f2503d752.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1736629.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.102.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-102-55.zrh50.r.cloudfront.net Software / Resource Hash b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 10:32:05 GMT content-encoding br x-content-type-options nosniff age 10618 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 59555 access-control-allow-origin * last-modified Wed, 18 Aug 2021 10:31:58 GMT etag "59b0bd2bf71a6ea4a84151c51b91fba8" vary Accept-Encoding content-type application/javascript via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id oaAL2mXvcPU2p3v3nhc7B_Aa4Xv-UUX_QXZnXpw28AB8gJCMLWgBNg==
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	31ms 30ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4042686-1&cid=407738130.1629293343&jid=275935899&_u=YEBAAEAAAAAAAC~&z=1257559735 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	30ms 29ms	Image image/gif	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4042686-1&cid=407738130.1629293343&jid=275935899&_u=YEBAAEAAAAAAAC~&z=1257559735 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:03 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	401	company Show response reveal.api.albacross.com/	41 B 331 B	34ms 34ms	Fetch application/json	54.73.236.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://reveal.api.albacross.com/company Requested by Host: serve.albacross.com URL: https://serve.albacross.com/reveal.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.73.236.33 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-73-236-33.eu-west-1.compute.amazonaws.com Software / Resource Hash b35734399c068a528ca6d25acfa9f5fee57cfe7da33d962a53459b630dcaba48 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Authorization Api-Key 1a114b83-a3ac-4779-8998-bdd361465358 Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:03 GMT referrer-policy origin-when-cross-origin, strict-origin-when-cross-origin x-permitted-cross-domain-policies master-only x-frame-options DENY content-type application/json access-control-allow-origin * x-xss-protection 1; mode=block x-content-type-options nosniff vary Origin content-length 41 apigw-requestid EQ6s-iqaDoEEM6Q=
OPTIONS H2	204	company reveal.api.albacross.com/ Frame	0 0	119ms 30ms	Preflight	54.73.236.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://reveal.api.albacross.com/company Protocol H2 Server 54.73.236.33 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-73-236-33.eu-west-1.compute.amazonaws.com Software / Resource Hash Request headers Accept */* Access-Control-Request-Method GET Access-Control-Request-Headers authorization Origin https://www.politico.eu User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 18 Aug 2021 13:29:03 GMT access-control-allow-origin * access-control-allow-methods GET access-control-allow-headers * access-control-max-age 0 apigw-requestid EQ6s9hVHjoEEMxw=
GET H2	200	box-25a418976ea02a6f393fbbe77cec94bb.html Show response vars.hotjar.com/ Frame E19D	2 KB 1 KB	90ms 28ms	Document text/html	13.224.102.94 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1736629.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.102.94 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-102-94.zrh50.r.cloudfront.net Software / Resource Hash 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9 Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-25a418976ea02a6f393fbbe77cec94bb.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.politico.eu/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://www.politico.eu/ Response headers content-type text/html content-length 1044 date Sun, 18 Jul 2021 00:16:30 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "76922233be8bdb14c053af468d29404a" last-modified Thu, 15 Jul 2021 14:16:09 GMT x-amz-server-side-encryption AES256 x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id dLfHeo46VkJYU1DfzCxn3f9kmJBvtFTbswZpT7kueP4oXZfSSTnhaA== age 2725953
POST H3-29	200	/ www.facebook.com/tr/	0 15 B	6ms 6ms	Ping text/plain	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryxSiTFyRQ3YjBKtZG Response headers strict-transport-security max-age=31536000; includeSubDomains server proxygen-bolt date Wed, 18 Aug 2021 13:29:03 GMT content-type text/plain access-control-allow-origin https://www.politico.eu access-control-allow-credentials true cross-origin-resource-policy cross-origin content-length 0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i
GET H2	200	e.gif new-collect.albacross.com/	37 B 103 B	108ms 30ms	Image image/gif	52.30.204.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=34abaf5d-5321-2dc8-6ffb-cf1a7b507ccf&v0=1f5e61b9-4ea8-5221-97a9-92bc46b1b0c8&p0=8e4b59f1-df17-cb41-e66d-4c0dd4f1725a&u0=8e4b59f1-df17-cb41-e66d-4c0dd4f1725a&c0=89576908&t0=1629293343452&ur0=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ti0=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&re0=1600&re0=1200&o0=landscape-primary&e1=pageview_ping&ci1=34abaf5d-5321-2dc8-6ffb-cf1a7b507ccf&v1=1f5e61b9-4ea8-5221-97a9-92bc46b1b0c8&p1=8e4b59f1-df17-cb41-e66d-4c0dd4f1725a&u1=82905bb2-cc90-62f3-31ec-eebaf2f4d415&c1=89576908&t1=1629293343453&li1=1629293343448&e2=pageview_ping&ci2=34abaf5d-5321-2dc8-6ffb-cf1a7b507ccf&v2=1f5e61b9-4ea8-5221-97a9-92bc46b1b0c8&p2=8e4b59f1-df17-cb41-e66d-4c0dd4f1725a&u2=397d36f6-059d-462b-6b11-83d72599da07&c2=89576908&t2=1629293343454&li2=1629293343448 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.204.129 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-204-129.eu-west-1.compute.amazonaws.com Software / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:06 GMT content-length 37 content-type image/gif
GET H2	200	e.gif new-collect.albacross.com/	37 B 102 B	29ms 29ms	Image image/gif	52.30.204.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=d5da09ef-9e9e-e95e-4991-375dace4e0f3&v0=7c7a020c-5797-b8c9-7b28-13b7be1a0c9f&p0=8e4b59f1-df17-cb41-e66d-4c0dd4f1725a&u0=7ebe2fec-afdf-f165-de20-ed08c19c317d&c0=89576908&t0=1629293347955&li0=1629293343448 Requested by Host: www.politico.eu URL: https://www.politico.eu/article/muammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.204.129 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-204-129.eu-west-1.compute.amazonaws.com Software / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:09 GMT content-length 37 content-type image/gif
GET H2	200	adsct Show response analytics.twitter.com/i/	31 B 657 B	156ms 124ms	Script application/javascript	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Full URL https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.1&p_id=Twitter&p_user_id=0&txn_id=o2lae&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F Requested by Host: static.ads-twitter.com URL: https://static.ads-twitter.com/uwt.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:10 GMT content-encoding gzip x-content-type-options nosniff p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" status 200 OK x-twitter-response-tags BouncerCompliant content-length 57 x-xss-protection 0 pragma no-cache last-modified Wed, 18 Aug 2021 13:29:10 GMT server tsa_o x-frame-options SAMEORIGIN strict-transport-security max-age=631138519 content-type application/javascript;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 x-connection-hash 693cd7456406a26a0646b76b4d0520b1b6555e661d26e0c0fc410beb037ca16a x-transaction cb4e329cf2c8cf4a expires Tue, 31 Mar 1981 05:00:00 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&aip=1&a=355769248&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.politico.eu%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&ul=en-us&de=UTF-8&dt=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries%20%E2%80%93%20POLITICO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=10%25&_u=aEhAAEABAAAAAC~&jid=1089486326&gjid=164797474&cid=407738130.1629293343&tid=UA-4042686-1&_gid=1464699246.1629293350&_r=1&gtm=2wg8g0MLNH8XV&cd1=Foreign%20Affairs&cd2=Interest%20rates%2COil%2CSanctions&cd3=Giulia%20Paravicini&cd4=article&cd5=Millions%20flow%20from%20Gaddafi%E2%80%99s%20%E2%80%98frozen%20funds%E2%80%99%20to%20unknown%20beneficiaries&cd8=805282&cd10=en&cd11=February%208%2C%202018%204%3A02%20am&cd12=Thursday&cd15=Muammar%20Gaddafi&cd16=Belgium%2CLibya&z=1179547148 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.politico.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	15ms 14ms	XHR text/plain	2a00:1450:400c:c04::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4042686-1&cid=407738130.1629293343&jid=1089486326&gjid=164797474&_gid=1464699246.1629293350&_u=aEhAAEABAAAAAC~&z=2116871533 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 18 Aug 2021 13:29:10 GMT content-type text/plain access-control-allow-origin https://www.politico.eu cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ga-audiences www.google.com/ads/	42 B 63 B	30ms 30ms	Image image/gif	2a00:1450:4001:813::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4042686-1&cid=407738130.1629293343&jid=1089486326&_u=aEhAAEABAAAAAC~&z=167708668 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 107 B	28ms 28ms	Image image/gif	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4042686-1&cid=407738130.1629293343&jid=1089486326&_u=aEhAAEABAAAAAC~&z=167708668 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	e.gif new-collect.albacross.com/	37 B 102 B	30ms 30ms	Image image/gif	52.30.204.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=d5da09ef-9e9e-e95e-4991-375dace4e0f3&v0=7c7a020c-5797-b8c9-7b28-13b7be1a0c9f&p0=8e4b59f1-df17-cb41-e66d-4c0dd4f1725a&u0=e3e786ce-bb92-e97f-1f96-abacf1efd637&c0=89576908&t0=1629293350205&li0=1629293343448 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.204.129 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-204-129.eu-west-1.compute.amazonaws.com Software / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:12 GMT content-length 37 content-type image/gif
GET H2	200	ping ping.chartbeat.net/	43 B 200 B	103ms 103ms	Image image/gif	54.224.173.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=politico.eu&p=%2Farticle%2Fmuammar-gaddafi-frozen-funds-belgium-unknown-beneficiaries%2F&u=Bfrv35CRc2Vq833fQ&d=politico.eu&g=33430&g0=Foreign%20Affairs&g1=Giulia%20Paravicini&n=1&f=00001&c=0.25&x=0&m=0&y=10490&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1123&t=BNkZlwB93hjBB6ArGYC04tY4CAo10O&V=128&tz=-120&sn=2&sv=DqT2gvCnpl7-CuqKOhtvLvZdGVil&sd=1&im=067b0fff&_ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.224.173.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-224-173-8.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Wed, 18 Aug 2021 13:29:18 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif content-length 43 expires 0
GET H2	200	e.gif new-collect.albacross.com/	37 B 102 B	30ms 29ms	Image image/gif	52.30.204.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview_ping&ci0=adc21185-c988-3fe7-0df4-4020fdd375c7&v0=5051279a-c796-28c2-69f6-fafbecdc8239&p0=8e4b59f1-df17-cb41-e66d-4c0dd4f1725a&u0=b6a96295-51ff-822a-9ab3-6db771121bb1&c0=89576908&t0=1629293358081&li0=1629293343448 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.204.129 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-204-129.eu-west-1.compute.amazonaws.com Software / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Referer https://www.politico.eu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 18 Aug 2021 13:29:18 GMT content-length 37 content-type image/gif