www.nwaonline.com Open in urlscan Pro
2606:4700:20::ac43:4735 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Submission: On March 05 via api (March 5th 2022, 2:16:29 pm UTC) from US — Scanned from DE

Summary HTTP 160 Redirects Links 33 Behaviour Indicators

Summary

This website contacted 63 IPs in 10 countries across 51 domains to perform 160 HTTP transactions. The main IP is 2606:4700:20::ac43:4735, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.nwaonline.com. The Cisco Umbrella rank of the primary domain is 323914.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2021. Valid for: a year.

This is the only time www.nwaonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:20:... 2606:4700:20::ac43:4735	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	208.91.60.7 208.91.60.7	14244 (NSIHOSTIN...) (NSIHOSTING-EQX-VA)
1	2606:4700::68... 2606:4700::6812:551	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82f::2014	15169 (GOOGLE) (GOOGLE)
1	143.204.98.65 143.204.98.65	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3033::6815:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1 4	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.107.254.252 34.107.254.252	15169 (GOOGLE) (GOOGLE)
7	162.244.66.114 162.244.66.114	18501 (CODERO-DFW) (CODERO-DFW)
3	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.98.38 143.204.98.38	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.12.242 104.18.12.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:e8a... 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4	14618 (AMAZON-AES) (AMAZON-AES)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
3	18.184.249.62 18.184.249.62	16509 (AMAZON-02) (AMAZON-02)
1	52.28.154.195 52.28.154.195	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	35.211.165.199 35.211.165.199	19527 (GOOGLE-2) (GOOGLE-2)
3 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	64.202.112.127 64.202.112.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 6	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2 4	18.193.253.133 18.193.253.133	16509 (AMAZON-02) (AMAZON-02)
2 2	18.184.108.74 18.184.108.74	16509 (AMAZON-02) (AMAZON-02)
8 11	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:48c:2850:f91f:4df0	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.182 213.155.156.182	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
4	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1 1	51.79.83.225 51.79.83.225	16276 (OVH) (OVH)
1 2	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	54.239.37.23 54.239.37.23	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
160	63

2 2606:4700:20::ac43:4735 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.nwaonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 208.91.60.7 (United States)

ASN14244 (NSIHOSTING-EQX-VA, US)

wehco.media.clients.ellingtoncms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:551 (United States)

ASN13335 (CLOUDFLARENET, US)

32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

wehco-bi.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net

s336.nwaonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

32486ac9-2d2f-4adf-abee-f255f399471e.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.14 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.107.254.252 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 162.244.66.114 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 162-244-66-114.dedicated.codero.net

magnetapi.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
magnetapi2.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
magnetrack.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-38.fra50.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.resonate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

cdn.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ascendeum-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.184.249.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-249-62.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.154.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-154-195.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.202.112.127 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify-imp.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1t-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.193.253.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-253-133.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.108.74 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-108-74.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.212.130 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:48c:2850:f91f:4df0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (Leesburg, United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.39 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.182 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-182.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.83.225 (Beauharnois, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-us-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:db6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.239.37.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 417 ads.pubmatic.com — Cisco Umbrella Rank: 419 image6.pubmatic.com — Cisco Umbrella Rank: 571 simage2.pubmatic.com — Cisco Umbrella Rank: 554 image2.pubmatic.com — Cisco Umbrella Rank: 774 image4.pubmatic.com — Cisco Umbrella Rank: 765 simage4.pubmatic.com — Cisco Umbrella Rank: 1012	28 KB
14	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	152 KB
14	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1147 widget-pixels.outbrain.com — Cisco Umbrella Rank: 1428 odb.outbrain.com — Cisco Umbrella Rank: 1329 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 4647 amplify-imp.outbrain.com — Cisco Umbrella Rank: 4426	93 KB
12	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 412 eus.rubiconproject.com — Cisco Umbrella Rank: 503 token.rubiconproject.com — Cisco Umbrella Rank: 595 pixel.rubiconproject.com — Cisco Umbrella Rank: 289	16 KB
9	gstatic.com fonts.gstatic.com	306 KB
9	ellingtoncms.com wehco.media.clients.ellingtoncms.com — Cisco Umbrella Rank: 106366	405 KB
7	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 512 eb2.3lift.com — Cisco Umbrella Rank: 346	5 KB
7	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 275 s.amazon-adsystem.com Failed aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352	42 KB
7	klangoo.com magnetapi.klangoo.com — Cisco Umbrella Rank: 78821 cdn.klangoo.com — Cisco Umbrella Rank: 80584 magnetapi2.klangoo.com — Cisco Umbrella Rank: 199889 magnetrack.klangoo.com — Cisco Umbrella Rank: 100010	44 KB
7	permutive.com cdn.permutive.com — Cisco Umbrella Rank: 2147 api.permutive.com — Cisco Umbrella Rank: 1691	3 KB
6	yahoo.com 2 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 682 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416 ads.yahoo.com — Cisco Umbrella Rank: 816	12 KB
6	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 3759 log.outbrainimg.com — Cisco Umbrella Rank: 1961 zem.outbrainimg.com — Cisco Umbrella Rank: 2613 images.outbrainimg.com — Cisco Umbrella Rank: 1845	71 KB
6	teads.tv a.teads.tv — Cisco Umbrella Rank: 1118 t.teads.tv — Cisco Umbrella Rank: 2303	133 KB
5	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 293	2 KB
5	bidswitch.net 2 redirects grid.bidswitch.net — Cisco Umbrella Rank: 977 x.bidswitch.net — Cisco Umbrella Rank: 257	2 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 205 acdn.adnxs.com — Cisco Umbrella Rank: 523	26 KB
4	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 524	2 KB
4	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2029	84 KB
3	zemanta.com 1 redirects b1-nydc1.zemanta.com — Cisco Umbrella Rank: 4571 b1t-nydc1.zemanta.com — Cisco Umbrella Rank: 4055 b1sync.zemanta.com — Cisco Umbrella Rank: 528	555 B
3	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 989	346 B
3	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 7646 obs.cheqzone.com — Cisco Umbrella Rank: 4536	20 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 828	102 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	92 KB
3	appspot.com wehco-bi.appspot.com — Cisco Umbrella Rank: 221599	1 KB
3	nwaonline.com 1 redirects www.nwaonline.com — Cisco Umbrella Rank: 323914 s336.nwaonline.com — Cisco Umbrella Rank: 481967	53 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1469 mwzeom.zeotap.com — Cisco Umbrella Rank: 1307	899 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4364	637 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 384	1 KB
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 434	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2159	1 KB
2	openx.net ascendeum-d.openx.net — Cisco Umbrella Rank: 44949 u.openx.net — Cisco Umbrella Rank: 621	472 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 88	51 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	126 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 565
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 707	610 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1868	398 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438	501 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 617	362 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 690	412 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 193	593 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	349 B
1	connatix.com cdn.connatix.com — Cisco Umbrella Rank: 12696
1	resonate.com cdn.resonate.com — Cisco Umbrella Rank: 7842	169 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 329	1 KB
1	prmutv.co 32486ac9-2d2f-4adf-abee-f255f399471e.prmutv.co — Cisco Umbrella Rank: 238727	489 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	4 KB
1	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1373	114 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3112	115 KB
1	permutive.app 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app — Cisco Umbrella Rank: 186435	75 KB
0	postrelease.com Failed jadserve.postrelease.com Failed
0	blueconic.net Failed wehco.blueconic.net Failed
160	51

	Domain	Requested by
11	cm.g.doubleclick.net	8 redirects eb2.3lift.com www.nwaonline.com
10	widgets.outbrain.com	www.nwaonline.com widgets.outbrain.com
9	fonts.gstatic.com	fonts.googleapis.com
9	wehco.media.clients.ellingtoncms.com	www.nwaonline.com
6	eb2.3lift.com	2 redirects wehco.media.clients.ellingtoncms.com eb2.3lift.com
6	api.permutive.com	32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app www.nwaonline.com
5	match.adsrvr.org	3 redirects eb2.3lift.com www.nwaonline.com
4	token.rubiconproject.com	4 redirects
4	image2.pubmatic.com	ads.pubmatic.com www.nwaonline.com
4	simage2.pubmatic.com	ads.pubmatic.com www.nwaonline.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	x.bidswitch.net	2 redirects www.nwaonline.com eb2.3lift.com
4	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
4	c.amazon-adsystem.com	wehco.media.clients.ellingtoncms.com c.amazon-adsystem.com
4	ib.adnxs.com	1 redirects 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app wehco.media.clients.ellingtoncms.com acdn.adnxs.com
3	aax-eu.amazon-adsystem.com	2 redirects www.nwaonline.com
3	pixel.rubiconproject.com	1 redirects www.nwaonline.com
3	btlr.sharethrough.com	wehco.media.clients.ellingtoncms.com
3	c2shb.ssp.yahoo.com	wehco.media.clients.ellingtoncms.com
3	fastlane.rubiconproject.com	wehco.media.clients.ellingtoncms.com
3	securepubads.g.doubleclick.net	wehco.media.clients.ellingtoncms.com securepubads.g.doubleclick.net
3	t.teads.tv	www.nwaonline.com
3	use.fontawesome.com	wehco.media.clients.ellingtoncms.com use.fontawesome.com
3	a.teads.tv	www.nwaonline.com a.teads.tv
3	wehco-bi.appspot.com	www.nwaonline.com ajax.googleapis.com
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	px.ads.linkedin.com	eb2.3lift.com www.nwaonline.com
2	a.sportradarserving.com	2 redirects
2	eus.rubiconproject.com	wehco.media.clients.ellingtoncms.com eus.rubiconproject.com
2	ads.pubmatic.com	wehco.media.clients.ellingtoncms.com www.nwaonline.com
2	magnetrack.klangoo.com	www.nwaonline.com
2	magnetapi2.klangoo.com	cdn.klangoo.com
2	images.outbrainimg.com	www.nwaonline.com
2	log.outbrainimg.com	widgets.outbrain.com
2	obs.cheqzone.com	ob.cheqzone.com www.nwaonline.com
2	www.youtube.com	www.nwaonline.com www.youtube.com
2	magnetapi.klangoo.com	www.nwaonline.com magnetapi.klangoo.com
2	www.googletagmanager.com	www.nwaonline.com www.googletagmanager.com
2	fonts.googleapis.com	wehco.media.clients.ellingtoncms.com
2	www.nwaonline.com	1 redirects
1	simage4.pubmatic.com	ads.pubmatic.com
1	id.rlcdn.com	www.nwaonline.com
1	ads.yahoo.com	www.nwaonline.com
1	um.simpli.fi	www.nwaonline.com
1	mwzeom.zeotap.com	www.nwaonline.com
1	spl.zeotap.com	1 redirects
1	pixel.onaudience.com	1 redirects
1	image4.pubmatic.com	www.nwaonline.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ad.turn.com	1 redirects
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	acdn.adnxs.com	wehco.media.clients.ellingtoncms.com
1	u.openx.net	wehco.media.clients.ellingtoncms.com
1	b1t-nydc1.zemanta.com	widgets.outbrain.com
1	b1-nydc1.zemanta.com	widgets.outbrain.com
1	amplify-imp.outbrain.com	widgets.outbrain.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	zem.outbrainimg.com	www.nwaonline.com
1	odb.outbrain.com	widgets.outbrain.com
1	cdn.klangoo.com	magnetapi.klangoo.com
1	www.google-analytics.com	www.googletagmanager.com
1	grid.bidswitch.net	wehco.media.clients.ellingtoncms.com
1	hbopenbid.pubmatic.com	wehco.media.clients.ellingtoncms.com
1	tlx.3lift.com	wehco.media.clients.ellingtoncms.com
1	ascendeum-d.openx.net	wehco.media.clients.ellingtoncms.com
1	cdn.connatix.com	a.teads.tv
1	cdn.resonate.com	www.nwaonline.com
1	ob.cheqzone.com	widgets.outbrain.com
1	z.moatads.com	s7.addthis.com
1	widget-pixels.outbrain.com	www.nwaonline.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cdn.permutive.com	32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
1	32486ac9-2d2f-4adf-abee-f255f399471e.prmutv.co	32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
1	ajax.googleapis.com	wehco-bi.appspot.com
1	cdn.jsdelivr.net	wehco.media.clients.ellingtoncms.com
1	s7.addthis.com	www.nwaonline.com
1	s.ntv.io	www.nwaonline.com
1	s336.nwaonline.com	www.nwaonline.com
1	32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app	www.nwaonline.com
0	s.amazon-adsystem.com Failed	eb2.3lift.com
0	jadserve.postrelease.com Failed	s.ntv.io
0	wehco.blueconic.net Failed	s336.nwaonline.com
160	87

This site contains links to these domains. Also see Links.

Domain
nwamedia.photoshelter.com
www.getoutintheozarks.com
celebrations.nwaonline.com
marketplace.nwaonline.com
www.nwajobfinder.com
www.jobsarkansas.com
www.nwahomes.com
www.autosarkansas.com
www.nwadealpiggy.com
promotions.nwadg.com
texttaponit.com
www.nwadgrewards.com
www.facebook.com
twitter.com
www.instagram.com
www.bleacherbreaker.com
r1-usc1.zemanta.com
www.outbrain.com
wholehogsports.com
bvwv.nwaonline.com
www.eagleobserver.com
freeweekly.com
mdcp.nwaonline.com
www.laprensanwa.com
hl.nwaonline.com
tnebc.nwaonline.com
wcel.nwaonline.com
northwest.jobsarkansas.com
www.nwadg.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-27` - `2022-06-26`	a year	crt.sh
*.media.clients.ellingtoncms.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-31` - `2022-06-11`	a year	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.appspot.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
v446.timesfreepress.com Amazon	`2021-11-30` - `2022-12-29`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.prmutv.co R3	`2022-01-19` - `2022-04-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2022-02-26` - `2023-02-25`	a year	crt.sh
api.permutive.com R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.klangoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-12` - `2022-03-30`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.cheqzone.com Amazon	`2022-01-22` - `2023-02-20`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2021-08-20` - `2022-09-21`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-08-29`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2022-09-01`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Frame ID: 7D0C9430EB2DBF692AB9709B26A37E61
Requests: 109 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: B57A82D511BAAA268AB1D9E93C960EFA
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: C40CDAF1DF940BDD68B8D6AAD4CDAC1F
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: A661AC5191313D7222FECC51ED458EE0
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: A1E18ED673877054A24EE94287E723CB
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Frame ID: 9A641970444947781CBAE2F57770C8C0
Requests: 12 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E134A5BBCAF921D2908C158A918D9D04
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 259D2D2EAA85593D020D9D4FF82545F7
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5BD1897C3DBA202161A935C8E2D9F068
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B1AFFC54-324C-433E-80D6-13A61D5FAAD2
Frame ID: 580A385442B62DAA1C471654CAA4A9A5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62616223-70a4-4600-a455-746d69a6f15d&gdpr=0&gdpr_consent=
Frame ID: 65BF6BBE9492307BC4CF810D1FAA5B3B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8671275517256877988
Frame ID: 2CFF11347266460E8F7F5EF7DFBA5AD1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A0CDE013440E0D92B602C0AA53807090
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7071619689582229650
Frame ID: 4731788F5B7538E24CECA325C99389B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Arvest acts on breach reports

Page URL History Show full URLs

https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118 HTTP 301
https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/ Page URL

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

160
Requests

84 %
HTTPS

28 %
IPv6

51
Domains

87
Subdomains

63
IPs

10
Countries

2171 kB
Transfer

5387 kB
Size

61
Cookies

33 Outgoing links

These are links going to different origins than the main page.

URL: http://nwamedia.photoshelter.com/
Title: Photos

Search URL Search Domain Scan URL

URL: http://nwamedia.photoshelter.com/gallery-collection/Society/C0000CChWcp2.h7o
Title: Society galleries

Search URL Search Domain Scan URL

URL: http://nwamedia.photoshelter.com/gallery-collection/High-School-Sports/C000037iUYrvFc_Q
Title: Prep Galleries

Search URL Search Domain Scan URL

URL: http://nwamedia.photoshelter.com/gallery-collection/Razorback-Sports/C0000iQzyYYlYP.Q
Title: Razorbacks Galleries

Search URL Search Domain Scan URL

URL: https://www.getoutintheozarks.com/
Title: Get Out in the Ozarks

Search URL Search Domain Scan URL

URL: https://celebrations.nwaonline.com/
Title: Celebrations

Search URL Search Domain Scan URL

URL: http://marketplace.nwaonline.com/marketplace/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://www.nwajobfinder.com/
Title: NWA Job Finder

Search URL Search Domain Scan URL

URL: https://www.jobsarkansas.com/
Title: Jobs Arkansas

Search URL Search Domain Scan URL

URL: http://www.nwahomes.com/
Title: Homes

Search URL Search Domain Scan URL

URL: http://www.autosarkansas.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://www.nwadealpiggy.com/
Title: Deal Piggy

Search URL Search Domain Scan URL

URL: https://promotions.nwadg.com/
Title: Contests

Search URL Search Domain Scan URL

URL: https://texttaponit.com/nwarkansas?utm_source=wehco&utm_medium=email
Title: TapOnIt Mobile Deals

Search URL Search Domain Scan URL

URL: https://www.nwadgrewards.com/
Title: Reader Rewards

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nwademgaz/

Search URL Search Domain Scan URL

URL: https://twitter.com/nwademgaz/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nwademgaz/

Search URL Search Domain Scan URL

URL: https://www.bleacherbreaker.com/celebrity/das-sind-die-jungsten-milliardarinnen-der-welt/?utm_campaign=ybf-d-de-c-0-0-211113-bb-ob-0&utm_source=ob&utm_medium=$section_id$-ob&utm_content=007eacedc54a12be60e2fc8f4288101379&utm_cpc=$cpc$&obOrigUrl=true
Title: 60 der schönsten weiblichen Milliardäre BleacherBreaker

Search URL Search Domain Scan URL

URL: https://r1-usc1.zemanta.com/rp2/b1_outbrainrtb/14856159/63557061/NQQLMJN7D7DJLNTPKQ37Z5GGUCQG5JM4IH2NB4C4XPJZSRB7LI2QSDRRBRXWO2VCK7DH34TANFK7XCNN366VRG6PUNUSLSRL367O6SY4NQXMX3OR5PS4IHVZJOWJ4IHN5VC33H4S4NEQIULACB3UWZ7TA4QNXIUVUB2S3JGC7AV4FCWK4LOGAMQ3QJE3EONE6HETRTEBHUFEH7J67LYORUAFE5I2TFPGTDRGLJDC3RCUR2233AON4BSK5PGFQMNMSG54QOYL3VQTUETPUP45WWM2RS4JCGFNLR22EUVBIGOZUEHP6LML4NG6CNIN2RTAQKP4WRYIQTQJ6SWBOVGIWDVXCQCPKKDSOX4EG43A6NMBVLO6YTH4FQOD5EYGRMBJWPQQDNZTKIQFP3XGKLPW7LRSBJ6C5HHY3WESI5VD5MD4KRV7D2QFU5PB6SN6ZK4GJGAWA5RU5FSMMWDWUMJ34IHB3CHCOUN6CITR3JLQXMNIFCOATANE37BZM76FQF6JOFDRFTRPZE6NY7VKFZZDW5FBCEQUDTMBLKDWMIOVWXEKR2V3KUGKUPERCKAWOCA4LO2DPAMIRWBL2NKUKVEBZWIS6OOLM7U6MMGCW2L6OMWYY5WRC7N576V6P3OLNEECTUXV2M7UQ6GDO3NO3R63EBHWEILGA2YJZYYDSUKY3SP6J5CDC5A4MDSA4RJJWBPL4R3VHJZOC5P7AYJDCYEH2DXQTH72PYTLZPRGEIU7LCAX7CGQK5QIGJQEMT6IOVMS7HQRG2DHRCTGZPZVFL27TZ6SVI/?obOrigUrl=true
Title: [Bilder]Steffi Grafs Tochter ist erwachsen geworden Read More SmartTelly

Search URL Search Domain Scan URL

URL: https://www.bleacherbreaker.com/trending/schwindelerregenden-fotos/?utm_campaign=ywb-d-de-n-0-0-220225-bb-ob-0&utm_source=ob&utm_medium=$section_id$-ob&utm_content=00fc4da343a9427b3115439ac348171a1b&utm_cpc=$cpc$&obOrigUrl=true
Title: 16 Fotos, die nicht gestellt sind – aber so aussehen! BleacherBreaker

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: http://wholehogsports.com/
Title: Whole Hog Sports

Search URL Search Domain Scan URL

URL: http://bvwv.nwaonline.com/
Title: Bella Vista Weekly Vista

Search URL Search Domain Scan URL

URL: http://www.eagleobserver.com/
Title: Westside Eagle Observer

Search URL Search Domain Scan URL

URL: http://freeweekly.com/
Title: The Free Weekly

Search URL Search Domain Scan URL

URL: http://mdcp.nwaonline.com/
Title: McDonald County Press

Search URL Search Domain Scan URL

URL: http://www.laprensanwa.com/
Title: La Prensa Libre

Search URL Search Domain Scan URL

URL: http://hl.nwaonline.com/
Title: The Herald-Leader

Search URL Search Domain Scan URL

URL: http://tnebc.nwaonline.com/
Title: Pea Ridge Times

Search URL Search Domain Scan URL

URL: http://wcel.nwaonline.com/
Title: Wash Co Enterprise Leader

Search URL Search Domain Scan URL

URL: https://northwest.jobsarkansas.com/
Title: NWA Job Finder

Search URL Search Domain Scan URL

URL: https://www.nwadg.com/staff/
Title: contact us.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118 HTTP 301
https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6 HTTP 302
https://api.permutive.com/v2.0/px/sync?ku=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6&alias=d6623602-8f12-4749-aa36-8c3bfe2e2396&type=tradedesk

Request Chain 116

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 121

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a6d9bc97-50ab-49ed-ba02-d83f553a72cf&ssp=themediagrid

Request Chain 124

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NzM4MzgyOTIzNDM0OTQwMjUw

Request Chain 126

https://pr-bh.ybp.yahoo.com/sync/triplelift/399738382923434940250?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TuaTCfhE2oQl10wvs0f2vxgvvvVCObAcoiaXZZm79A--~A&dongle=0883

Request Chain 130

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 131

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=3104886536572414942&dongle=d407

Request Chain 135

https://c1.adform.net/serving/cookie/match?party=14&cid=B1AFFC54-324C-433E-80D6-13A61D5FAAD2 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B1AFFC54-324C-433E-80D6-13A61D5FAAD2

Request Chain 136

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62616223-70a4-4600-a455-746d69a6f15d&gdpr=0&gdpr_consent=

Request Chain 137

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8671275517256877988

Request Chain 139

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7071619689582229650

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sa_8VDJMQz6A1hOmHV-q0g%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sa_8VDJMQz6A1hOmHV-q0g%3D%3D&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 141

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5166223-70a4-4600-9b10-d89978bcb8a1

Request Chain 142

https://pixel.onaudience.com/?partner=214&mapped=B1AFFC54-324C-433E-80D6-13A61D5FAAD2 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=c6b148f906477722 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=74c00f14-10cd-4e98-53d0-e2dbd2a2e608&reqId=2cdf29c9-9266-471a-5785-94816519f6ed&zcluid=c6b148f906477722&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESED7quEL27anqEtBZJT6Rf30&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=74c00f14-10cd-4e98-53d0-e2dbd2a2e608&reqId=2cdf29c9-9266-471a-5785-94816519f6ed&zcluid=c6b148f906477722&zdid=1332

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFBRkZDNTQtMzI0Qy00MzNFLTgwRDYtMTNBNjFENUZBQUQy&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFBRkZDNTQtMzI0Qy00MzNFLTgwRDYtMTNBNjFENUZBQUQy&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPnVpJ6oArG4bR2lmjKuNHg&google_cver=1

Request Chain 146

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2307799097925015183

Request Chain 147

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d6623602-8f12-4749-aa36-8c3bfe2e2396

Request Chain 148

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2989019449780359481&gdpr=0&gdpr_consent=

Request Chain 149

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0DXHQ5F-L-BPNH&sigv=1&esig=2~416c2f38375dc3eb9497c7faf72a09a4c50080c2&us_privacy=1---

Request Chain 150

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/TRG05vT81wrwazVSnublFw?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3614813532054188472

Request Chain 151

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_sVWXW4fS3y5MlMdMUYxRA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_sVWXW4fS3y5MlMdMUYxRA

Request Chain 152

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTIxODQxNWQwMGM4ODE3NGNjNjZlY2E5NTExYzY5YTExYTI3NmQzMA&us_privacy=1---

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGl13QW3LwugcziPcVBsQAE&google_cver=1

Request Chain 155

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0DXHQ5F-L-BPNH&us_privacy=1---

160 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Redirect Chain

https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118
https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

34 KB
10 KB

618ms
618ms

Document
text/html

2606:4700:20::ac43:4735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4735 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f101503eee703c16c4256e003cffec0e78643c84806ec36739b4e66bac87ed5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 05 Mar 2022 14:15:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Cookie
x-object-type: news.story
x-object-id: 629912
expires: Sat, 05 Mar 2022 14:16:58 GMT
cache-control: max-age=60
x-beatles: ellington4-app-12
x-varnish: 1382404322
age: 0
via: 1.1 varnish
x-frame-options: SAMEORIGIN
x-cache: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LrevnzZ3SJAyig6d6GHIDMHOeQiVWRmtBTJDlJUkIW%2BVDoYEmLXtPzrwdvIPdTHVoTW1fkEaoh%2F6jedm%2F%2BiSTi13PmCYiBB5WLNVddhq2iu3OQjeDLZkpaszKHrEyewIwS13SNyMfRnImrSWClvY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 6e73777abf3d9ba0-FRA
content-encoding: br

Redirect headers

date: Sat, 05 Mar 2022 14:15:57 GMT
content-type: text/html; charset=utf-8
location: /news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
x-beatles: ellington4-app-5
accept-ranges: bytes
x-varnish: 1382403362
age: 0
via: 1.1 varnish
x-frame-options: SAMEORIGIN
x-cache: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzeKCwYyKhIzF08txfawigC7svbKRXK31qxQzQk2wwsdpFcmPi1sIMB%2FALsmuB0rHU4ZAxIkRjXJpl8xQhKk8%2FG59uHS6%2FdvlFhxIs98YHNVpLhW%2F%2FPgk819JnIWhkxrpQabCJjCC229mrKQuz6P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
server: cloudflare
cf-ray: 6e737730ca0f9ba0-FRA

GET
H/1.1 200
OK styles.css
wehco.media.clients.ellingtoncms.com/static-4/css/ 57 KB
9 KB 712ms
169ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: https://wehco.media.clients.ellingtoncms.com/static-4/css/styles.css
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: 824043c5d884d7a8d3aaf975c9462240670fc3d97be8c0bbe46327b01a53a8d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:15:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Oct 2021 16:13:43 GMT
Server: nginx
Age: 0
ETag: W/"881040031"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Hits: 0

GET
H/1.1 200
OK newseditor.css
wehco.media.clients.ellingtoncms.com/static-4/nwa_redesign/dist/css/ 26 KB
5 KB 715ms
171ms Stylesheet
text/css 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: https://wehco.media.clients.ellingtoncms.com/static-4/nwa_redesign/dist/css/newseditor.css
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: 501d697b0aac4c8b7a7b993801dc41e15600042be5fb178c59aa788a3a711b7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:15:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Nov 2021 16:30:58 GMT
Server: nginx
Age: 0
ETag: W/"300204444"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: MISS
Content-Type: text/css
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Hits: 0

GET
H2 200 32486ac9-2d2f-4adf-abee-f255f399471e-web.js Show response
32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/ 275 KB
75 KB 724ms
31ms Script
application/javascript 2606:4700::6812:551
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:551 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba0c6f678bcf2407d62a232bc2841aa3b9c6281ed0adceaf8caeeb38328378c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 32486ac9-2d2f-4adf-abee-f255f399471e
age: 167
x-guploader-uploadid: ADPycdsIlDzcv0RXGLkDdIgtOankULEAovUM6ezw4mPkehy5wmCUU791-QGijnsywUbGwMYn3jSIx3RUUO-uEbFwd4A
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/javascript
last-modified: Thu, 03 Mar 2022 16:42:04 GMT
server: cloudflare
etag: W/"1fc93542321716501d0d075b20ff453b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=ifP91A==, md5=H8k1QjIXFlAdDQdbIP9FOw==
x-goog-generation: 1646325724963316
cache-control: public, max-age=900
x-goog-stored-content-length: 78458
cf-ray: 6e737788bb1b9bb8-FRA
expires: Sat, 05 Mar 2022 14:31:00 GMT

GET
H/1.1 200
OK prebid.js Show response
wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/ 283 KB
84 KB 122ms
122ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: 409b4627c5ef5cd5dd4a9c09a29b7ec881970d109b084f275a9b3b4dc99f038d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Feb 2022 20:40:57 GMT
Server: nginx
Age: 0
ETag: W/"1217682687"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Hits: 0

GET
H2 200 google-natural-language-v1-min.js Show response
wehco-bi.appspot.com/static/js/ 2 KB
1 KB 137ms
36ms Script
application/javascript 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://wehco-bi.appspot.com/static/js/google-natural-language-v1-min.js
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e4eda306f2139535f80071029f8e6f6defa8230902ecfb4adda331dd0ddc1ed0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:15:57 GMT
content-encoding: gzip
server: Google Frontend
age: 1
etag: "RqjrNw"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 78294c622a6c21b7bff9a3537f80a329
cache-control: public, max-age=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 983
expires: Sat, 05 Mar 2022 14:16:07 GMT

GET
H2 200 script.js Show response
s336.nwaonline.com/ 147 KB
43 KB 46ms
11ms Script
text/javascript 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s336.nwaonline.com/script.js

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-65.fra50.r.cloudfront.net

Software

- /

Resource Hash

b0b21fec8e4fcab31246cab94399945c95b0e2858a03c03af518459fda2e2cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:13:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 288
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 43694
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Mar 2022 05:09:23 GMT
server: -
etag: 4247404f0c0d881f148aec355b03e345
content-type: text/javascript; charset=utf-8
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: c5IBTXU3YhQTjFKJNI5CPnBgdaH4bf8XuGuKzkzb5S2l6Bd3aXUzRg==
expires: Sat, 05 Mar 2022 14:21:12 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 392 KB
115 KB 59ms
24ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 36a588822bfb9e3d351da79c492ed62f9d98275d59f611a50b0f37ae11731a34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:00 GMT
Content-Encoding: gzip
x-amz-request-id: Z0CM2CQ8ZKF580NM
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: xO0476HKDo2I2bzrkOt82TIHn1NDM5mgQ+gUqQ9cf8Psk5spTqpqXoQy57zz0TFOHhRx62B7mxo=
Last-Modified: Thu, 10 Feb 2022 22:27:22 GMT
Server: AmazonS3
ETag: "93a3fdf08b1a28e64ac925822f0cc789"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 197 KB
68 KB 44ms
8ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e61bded631c76e734bedf448d8a3517fdcd323b1a158f2901cfa989ff01f2ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 13:04:55 GMT
etag: "16-OloL2QVVqPIjb0sygZzITasm+j0"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 622eb98ddb1e85f531112fb387710132
timing-allow-origin: *, *
content-length: 69349

GET
H2 200 tag Show response
a.teads.tv/page/67246/ 1 KB
898 B 66ms
16ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/67246/tag
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3ef2ab34d9864136d4d79b4f583cc4967f39ae8fde03e7e354ba468cc60c8168

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 698
expires: Sat, 05 Mar 2022 15:16:00 GMT

GET
H/1.1 200
OK nwadg-logo.svg
wehco.media.clients.ellingtoncms.com/static-4/nwa_redesign/dist/img/ 35 KB
35 KB 196ms
195ms Image
image/svg+xml 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wehco.media.clients.ellingtoncms.com/static-4/nwa_redesign/dist/img/nwadg-logo.svg
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: e73e0542029c2df6b0aa28ef20ef60d2e7aace5d8905400fefc243f0c0d37da7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:00 GMT
Last-Modified: Fri, 05 Nov 2021 16:30:59 GMT
Server: nginx
Age: 0
ETag: "3534014813"
X-Cache: MISS
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35761
X-Cache-Hits: 0

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 57ms
10ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 05 Mar 2022 14:16:00 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK nwa-logo.png
wehco.media.clients.ellingtoncms.com/static-4/nwa_redesign/dist/img/ 13 KB
13 KB 315ms
314ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wehco.media.clients.ellingtoncms.com/static-4/nwa_redesign/dist/img/nwa-logo.png
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: e833be0e7f6978ffda6f94acd914dd1a84fe1545445c352d71be1f13f5f8f4d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:00 GMT
Last-Modified: Fri, 05 Nov 2021 16:30:59 GMT
Server: nginx
Age: 0
ETag: "990173397"
X-Cache: MISS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13388
X-Cache-Hits: 0

GET
H/1.1 200
OK all.js Show response
wehco.media.clients.ellingtoncms.com/static-4/scripts/ 157 KB
52 KB 104ms
104ms Script
text/javascript 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to

Full URL: https://wehco.media.clients.ellingtoncms.com/static-4/scripts/all.js
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: c6fef49f2d9458e2b8f43e0834aea5fa82c16be9c9b5db1c5443386310f7c8ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:15:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Nov 2021 15:11:06 GMT
Server: nginx
Age: 0
ETag: W/"1411137156"
Vary: Accept-Encoding, Accept-Encoding
X-Cache: MISS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Hits: 0

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 942ms
49ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Requested by

Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b98964cf8fe02bd4be23245c2a901a360fb04025e4c461d5d4564b01d394db2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wehco.media.clients.ellingtoncms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Mar 2022 14:16:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Mar 2022 14:16:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Mar 2022 14:16:00 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.8/css/ 35 KB
8 KB 62ms
22ms Stylesheet
text/css 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/css/styles.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wehco.media.clients.ellingtoncms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:15:59 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16720895
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 59A6EQQK52C3R2FC
x-amz-id-2: xPAz5qsfxNjD+y/87YKIDKvixXuM+528+RzVthGYlF2nX1MvhZHHZLd2P5NV44rO5FW07DWkGUI=
last-modified: Wed, 30 Jun 2021 15:28:03 GMT
server: cloudflare
etag: W/"265a36ec650d63e307e611cdf14d9b89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AhdCeMiXt47ce4KeMlGJsvRwYuNPkzuPrjLF71684cwJTWgwVBtRb%2B1k%2F1A4Yis6dDmqQaPn8bZyloef6MDFTCKOzD2%2FSjR3GtR%2FpKWWVIhDt6vS9rGuQuLm4tC0NPXbbEo6lrthB%2B%2BPaRg3eHHH3gOb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6e7377836a285c14-FRA

GET
H2 200 jquery.fancybox.min.css
cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/ 12 KB
4 KB 52ms
22ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/fancyapps/fancybox@3.5.7/dist/jquery.fancybox.min.css

Requested by

Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://wehco.media.clients.ellingtoncms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 424851
x-jsd-version: 3.5.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19128-FRA, cache-hhn4026-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6e73778358999bfb-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
63 KB 149ms
61ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KXMHKG

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ecb1a5a62f6090f2d77ebc71750977933b6fcb1b3b46b23d8791ad8d4570b07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64238
x-xss-protection: 0
last-modified: Sat, 05 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 05 Mar 2022 14:16:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
87 KB 120ms
36ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: wehco-bi.appspot.com
URL: https://wehco-bi.appspot.com/static/js/google-natural-language-v1-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 12:03:54 GMT
x-content-type-options: nosniff
age: 353526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88145
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 12:03:54 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 177ms
90ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 240305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:30:55 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.8/webfonts/ 39 KB
40 KB 40ms
23ms Font
font/woff2 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3375871
cf-ray: 6e7377893eb09010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40148
x-amz-id-2: K60YV1Mdl/ZrxDsh0ffWpYPSPllOt4ej426A1iPcKxn7N8dLkHj4L3M60ZzI4JAFMA6MdVE83uk=
last-modified: Wed, 30 Jun 2021 15:28:16 GMT
server: cloudflare
etag: "0ab54153eeeca0ce03978cc463b257f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvEeKDSMAc%2FoUpEZS8YoE1sJwTooXZbS%2FBWXYz0qsKF7bNKNyzMRTPb%2FlfYJoDOzp%2FPw5rCAJvPPb5juCsOEiTG%2BHqhQ5Lhe8b0gWhnipZYnWY1A6xpnHRSxaQ0rWe1Wfn1lJZVb7du7Ilw6WZwccyxw"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 3PC8VWFZ7Y7KSTSE
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 pxid Show response
32486ac9-2d2f-4adf-abee-f255f399471e.prmutv.co/v2.0/ 46 B
489 B 74ms
19ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.prmutv.co/v2.0/pxid?k=79f73579-173c-4ac9-aef4-7d0cb40f0b84
Requested by: Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 814e0a77dd63313cabae0f4d6e6f88c510b0c8b67b5412edf022b48a1d0a956e

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.nwaonline.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
via: 1.1 google

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
707 B 51ms
16ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:00 GMT
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: abce7856-d24c-4f91-8e7a-f33f6791ce24
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.nwaonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 32486ac9-2d2f-4adf-abee-f255f399471e-models.bin Show response
cdn.permutive.com/models/v2/ 1 KB
2 KB 66ms
28ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/32486ac9-2d2f-4adf-abee-f255f399471e-models.bin
Requested by: Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a0b51885852e8a21abc963f5325695bc6e3955f8ab1735b0a72f2079f6e1db

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: 32486ac9-2d2f-4adf-abee-f255f399471e
age: 18
x-guploader-uploadid: ADPycduDVXWhQCi1_ucxJnuXnhaEKgXmdU9H5vblteFp2rVeRXjFeWrsF5KYEHQA33smopFQaTCrdkzg_QxPCipYA0hMGR8LZw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-type: application/x-binary
content-length: 846
last-modified: Sat, 05 Mar 2022 06:05:18 GMT
server: cloudflare
etag: "3a5132ddb65108bb857fc2efeba3641f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=fa+sdw==, md5=OlEy3bZRCLuFf8Lv66NkHw==
x-goog-generation: 1646460318245853
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 846
accept-ranges: bytes
cf-ray: 6e7377898b745c2c-FRA
expires: Sat, 05 Mar 2022 14:15:42 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 261 B
464 B 55ms
19ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=79f73579-173c-4ac9-aef4-7d0cb40f0b84
Requested by: Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.nwaonline.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
via: 1.1 google

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 2 B
96 B 62ms
26ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=79f73579-173c-4ac9-aef4-7d0cb40f0b84
Requested by: Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.nwaonline.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
via: 1.1 google

GET
BLOB 200
OK 9fb48189-a569-4a06-b83f-86be530b249e
https://www.nwaonline.com/ 69 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.nwaonline.com/9fb48189-a569-4a06-b83f-86be530b249e
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 773b9ab702988e1f267e00341e5dab91ea4ff52301916ed0bbc2eabcfb8bd339

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 70416

GET
BLOB 200
OK 727d7656-ac20-490d-8b45-67574b639f3a
https://www.nwaonline.com/ 19 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.nwaonline.com/727d7656-ac20-490d-8b45-67574b639f3a
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e47f26aae345081dea62da35197fa79c79decf1010a9ff176d49a5595ed9b709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 19525

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 144ms
107ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 240282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:31:18 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 113ms
76ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 05:33:18 GMT
x-content-type-options: nosniff
age: 290562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 05:33:18 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 72ms
36ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 328571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 18:59:49 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 166ms
129ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:47:23 GMT
x-content-type-options: nosniff
age: 239317
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24408
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:13:08 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:47:23 GMT

GET
H2 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v22/ 24 KB
24 KB 154ms
118ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:52:16 GMT
x-content-type-options: nosniff
age: 239024
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24448
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:52:16 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 83ms
47ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,400i,700,700i,900,900i|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 324485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 20:07:55 GMT

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.8/webfonts/ 53 KB
54 KB 21ms
21ms Font
font/woff2 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.8/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.8/css/all.css
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3375871
cf-ray: 6e7377896f059010-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54488
x-amz-id-2: ry6ueNrou38FgYinE3G6S9Nn5bCyqTuFoBZBLqZjbgc1FmEUYjr6rH05ydYdpxPxZ8T7j4+UNF8=
last-modified: Wed, 30 Jun 2021 15:28:16 GMT
server: cloudflare
etag: "e8c322de9658cbeb8a774b6624167c2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QjLNfFQptTeg6uLIHlH2%2FUAIdwVW6s5f3uhCmp8TtoL1AnursmtyXhyx7RSwhwdEJGtjfubIVd2rvSBQxSXLeG2hZLcTihQjXelQgmhU%2BnO2ERtzJ6H58524XlyeNThjfSCdJ8AAuOrLX07nx9U6E5w"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 3PC9XV8DR4H8KA1J
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H/1.1 200
OK Widgets_324.js Show response
magnetapi.klangoo.com/w/ 7 KB
3 KB 548ms
135ms Script
application/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi.klangoo.com/w/Widgets_324.js

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

10403f32e61a3c952928b9b3cfed128c14576bbc52ddcadbcd9997a655a7b95c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:06 GMT
Content-Encoding: gzip
ETag: "801fea45e2d81:0"
Last-Modified: Wed, 05 Jan 2022 18:04:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2247

GET cs
wehco.blueconic.net/DG/DEFAULT/ 0
0

GET
H/1.1 200
OK d3d3Lm53YW9ubGluZS5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 45ms
8ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm53YW9ubGluZS5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:00 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=23494
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 42dbcb8f6d227217d5ed8b2c2f79115d
Content-Length: 15
Expires: Sat, 05 Mar 2022 20:47:34 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 29ms
22ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=8.64296346727121
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 04 Apr 2022 14:16:00 GMT

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
91 B 42ms
25ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=79f73579-173c-4ac9-aef4-7d0cb40f0b84
Requested by: Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 20d821160a5c05ea1eade5b72131cd2bb4680d039a60931ef6ff87a8d5741682

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.nwaonline.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
via: 1.1 google

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 7ms
7ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/67246/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e8653e8f23f19deea7c7252796520826bf80a333f6a78fb16e29a783d785701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: br
last-modified: Thu, 24 Feb 2022 15:26:29 GMT
x-amz-request-id: NVPEP4BRBEN52PCQ
etag: "b04207cfe4e924d2091d5eece3fe768c"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: f
accept-ranges: bytes
content-length: 134137
x-amz-id-2: bd4+QuIFd5N7usCQcMMyUmsG+qHV/TvETMLdAbyBlku1Bywj9MvBcgGkkMPyWLfbJGWBjv/Y+rA=
expires: Sat, 05 Mar 2022 14:46:00 GMT

GET t
jadserve.postrelease.com/ 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 41ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=62124
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 54ms
10ms Script
text/javascript 143.204.98.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-38.fra50.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 10:59:25 GMT
content-encoding: gzip
server: Caddy
age: 11796
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA50-C1
content-length: 18458
x-amz-cf-id: 4OCLgYa5Bu_P7ZsiBG-G02X-Oh3YR0WFBSs-V06cu28ElSRrQFv3IQ==
expires: Sat, 05 Mar 2022 22:59:24 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 74ms
47ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=c735ef3f-ee4c-4678-adf8-9517b8d4723e&pageId=67246&pid=72153&debug_metadata=AXZLJlcnrM&fv=999&ts=1646489760434&f=1&referer=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 74ms
48ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=c735ef3f-ee4c-4678-adf8-9517b8d4723e&pageId=67246&pid=72153&slot=polymorph&fv=999&ts=1646489760443&f=1&referer=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 ad Show response
a.teads.tv/page/67246/ 538 B
575 B 46ms
46ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/67246/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&page=%7B%22id%22%3A67246%2C%22placements%22%3A%5B%7B%22id%22%3A72153%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A780%2C%22height%22%3A439%7D%2C%22slotType%22%3A%22polymorph%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=c735ef3f-ee4c-4678-adf8-9517b8d4723e&formatVersion=999&env=js-web&netBw=10&ttfb=618
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2039b4b8fbdc55ee9d1e99e4ef3c6467439a0987ec49f48c13bb8ffc10a059c7

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.nwaonline.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 366
expires: Sat, 05 Mar 2022 14:16:00 GMT

POST
H3 200 nl-data-api.php Show response
wehco-bi.appspot.com/ 61 B
87 B 174ms
174ms XHR
text/html 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://wehco-bi.appspot.com/nl-data-api.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 2f3dfe5b454f4e65ec99fdb97911ed03ddeb7d0205051b078333ba1f6386fa91

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
server: Google Frontend
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.nwaonline.com
x-cloud-trace-context: d5b39ae61b789f8a868d2c6effa6372d
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67

OPTIONS
H3 200 nl-data-api.php
wehco-bi.appspot.com/ Frame 0
0 199ms
152ms Preflight
text/html 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://wehco-bi.appspot.com/nl-data-api.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.nwaonline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://www.nwaonline.com
access-control-allow-methods: GET, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-encoding: gzip
x-cloud-trace-context: 707007a62eaf5d365b2181b748e7db07
date: Sat, 05 Mar 2022 14:16:00 GMT
server: Google Frontend
cache-control: private
content-length: 20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 103ms
57ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L2LEJNK6NX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KXMHKG

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6912ff1547a3c02949c8e299e0a1477eba73271e0cc1bcddab436c9d1396938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64492
x-xss-protection: 0
expires: Sat, 05 Mar 2022 14:16:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 153ms
56ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59b075c7c91ff7b85bbdae7d07308e3a41169aa0d1c876357e45b2bde536cf37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires: Sat, 05 Mar 2022 14:16:00 GMT

GET
H2 204 analytics.min.js Show response
cdn.resonate.com/analytics.js/v1/100286544/ 0
169 B 71ms
20ms Script
text/plain 104.18.12.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.resonate.com/analytics.js/v1/100286544/analytics.min.js

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 6e73778b6e369158-FRA
date: Sat, 05 Mar 2022 14:16:00 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 3 KB
2 KB 315ms
109ms Script
text/javascript 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=53296171921282911622911536109362840227502121670082062200996264152001&nc=0&tsf=0&tsfmi=&pv=0&cb=1646489760550&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=437199853&at=&bid=e30%3D&di=W1siZWYiLDkyMTNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NixcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjE3NTUyMzM3NTUsXCJzZWNcIjpcIlwifSJdLFsyOCwiPGRp%0D%0AdiBjbGFzcz1cImFydGljbGUtaW1hZ2UtZ3JvdXBcIj4iXSxbLTEsIi0iXSxbLTIsIjgsZVlHOVgx%0D%0AL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhKTDg2TDIzQUNHVWhCSXdJU1NFRUFjSUpmUmVB%0D%0AZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4NzB1eHFGeCJdLFstMywiW1wiaW50ZXJuYWwt%0D%0AcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlcIixcImludGVy%0D%0AbmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwi%0D%0ALFwiY2hyb21lXCIsXCJwZXJtdXRpdmVcIixcImRmcEFkdW5pdFwiLFwiZGF0YUxheWVyXCIsXCJq%0D%0AUXVlcnlFbGVtZW50XCIsXCJzdWJzY3JpYmVUb0JjRXZlbnRzXCIsXCJiY1RhZ2dlZFwiLFwiY29u%0D%0AdGVudE1ldGVyXCIsXCJnZXRDb29raWVWYWx1ZVwiLFwiX3NmX2FzeW5jX2NvbmZpZ1wiLFwiX2Ni%0D%0AcVwiLFwiZ29vZ2xldGFnXCIsXCJhZGR0aGlzX2NvbmZpZ1wiLFwiX3R5cGVvZlwiLFwiJFwiLFwi%0D%0AalF1ZXJ5XCIsXCJibHVlQ29uaWNQcmVMaXN0ZW5lcnNcIixcIkJDQ2xhc3NcIixcImJsdWVDb25p%0D%0AY0NsaWVudFwiLFwiYmNfanNvbjUwNlwiLFwiT0JSXCIsXCJPQl9yZWxlYXNlVmVyXCIsXCJPQlIk%0D%0AXCIsXCJPQl9QUk9YWVwiLFwib3V0YnJhaW5cIixcIm91dGJyYWluX3JhdGVyXCIsXCJqUXVlcnkz%0D%0ANTEwMTY2NjIzOTI2NzY2OTQzODIxXCIsXCJ0ZWFkc3NjcmlwdFwiLFwiblF1ZXJ5XCIsXCJudHZM%0D%0Ab2FkU3RhcnRcIixcIm50dlwiLFwicHJkb21cIixcIm9uRm9jdXNFdmVudHNcIixcIm50dmpRdWVy%0D%0AeUluaXRcIixcIm50dkV4dGVuZHNcIixcIm50dkFwcGVuZFN0eWxlc2hlZXRcIixcIm50dkFwcGVu%0D%0AZFNjcmlwdFwiLFwibnR2QXJ0aWNsZVRyYWNrZXJcIixcIm50dkdldEVsZW1lbnRWaWV3YWJpbGl0%0D%0AeVwiLFwibnR2Vmlld2FibGVJbXByZXNzaW9uVHJhY2tlclwiLFwiUG9zdFJlbGVhc2VcIixcIm50%0D%0AdlRvdXRBZHNcIixcIm9uRm9jdXNcIixcIm5RdWVyeTIxMTA5MTg3NTM3MjQyODM0ODM4MC40NjE1%0D%0ANDk2NzYxMzE0NjQ2XCIsXCJhdHdwanBcIixcIl9hdGRcIixcIl9ldWNcIixcIl9kdWNcIixcIl9h%0D%0AdGNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03LCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0x%0D%0AMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwiOltcImRlc2NyaXB0aW9uXCIsXCJhcHBsZS1t%0D%0Ab2JpbGUtd2ViLWFwcC10aXRsZVwiLFwidHdpdHRlcjpkZXNjcmlwdGlvblwiLFwidHdpdHRlcjp0%0D%0AaXRsZVwiLFwib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxb%0D%0ALTEzLCItIl0sWy0xNCwie1wib1wiOjAuMDMwMzAzMDMwMzAzMDMwMzA0fSJdLFstMTUsIi0iXSxb%0D%0ALTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwx%0D%0ALDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAs%0D%0AMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxbLTIxLCJCT3ZRSlRuRCJdLFstMjIsIltcIm5c%0D%0AIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wi%0D%0AOjE4MjAwMDAwLFwidWpoc1wiOjE1MjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywi%0D%0AWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFstMjksIntcInZcIjpbMiwyLDIs%0D%0AMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0z%0D%0AMSwiZmFsc2UiXSxbLTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY0NjQ4OTc2%0D%0AMDUzOCwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0s%0D%0AWy0zOCwiaSwtMSwtMSwxMTg3NSwxMTg3NSwwLDAsMCwwLDYxOSwxNzgyLDAsMTQxODkuMiwxNDE4%0D%0AOS4yLDE0NTQxLDE0NTQyIl0sWy0zOSwiW1wiMjAwMzAxMDdcIiwwLFwiR2Vja29cIixcIk5ldHNj%0D%0AYXBlXCIsXCJNb3ppbGxhXCIsbnVsbCxudWxsLHRydWUsOCxmYWxzZSxudWxsLDBdIl0sWy00MCwi%0D%0AMzMiXSxbLTQxLCItIl0sWy00MiwiMTcyNDI5NzY1MyJdLFstNDMsIjAwMDAwMDAxMDEwMDAwMDEw%0D%0AMDExMTAxMTAwIl0sWy00NCwiMCwwLDAsNSJdLFstNDUsIi0iXSxbLTQ2LCIwIl0sWy00NywiRXRj%0D%0AL1Vua25vd24sZW4tVVMsbGF0bixncmVnb3J5Il0sWy00OCwiMCwwIl0sWy00OSwiLSJdLFsiYm5j%0D%0AaCIsNTJdXQ%3D%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A200%2C%22y%22%3A1289%2C%22w%22%3A780%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=euxw9E89cb&sdd=%7B%7D&pto=14554
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 742f5bf956962f640df73129426612d155be6aec9fb8e542374f111f9da1362e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1567
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 45ms
8ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding: gzip
etag: c1da564f59b83b9805e8df92eca012f5
age: 541
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1QVHGFAHAMBVC55QB5DY
date: Sat, 05 Mar 2022 14:07:05 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: yl7gZGoXGQj8hoWOq1OM1SRcMabrlZIcg8kuNrLzwmATNTa75cfcgA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 154ms
54ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
server: sffe
etag: "1150 / 840 of 1000 / last-modified: 1646414401"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 05 Mar 2022 14:16:00 GMT

GET
H2 500 connatix.renderer.infeed.min.js
cdn.connatix.com/min/ 0
0 36ms
6ms Script
text/html 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/67246/tag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 track
t.teads.tv/ 23 B
143 B 82ms
82ms Image
image/gif 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=passback-noAd&env=js-web&auctid=c735ef3f-ee4c-4678-adf8-9517b8d4723e&pageId=67246&pid=72153&slot=polymorph&vid=00000000-0000-0000-0000-000000000001&fv=999&ts=1646489760569&f=1&referer=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 285ms
199ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17126&site_id=159432&zone_id=764646&size_id=10&rp_schain=1.0,1!ascendeum.com,asc91728,1,,,&rf=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e7d0eae6-5699-42d4-bcaf-f4f62407ec59&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.39654854007117657
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 969c16408cd487874d2d1a3b68c7991b6f479bfcea609eccb1f47a813a5e1491

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.nwaonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 173ms
86ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17126&site_id=159432&zone_id=764642&size_id=15&rp_schain=1.0,1!ascendeum.com,asc91728,1,,,&rf=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=071cde1f-5611-4041-8f69-8c1c690a5c1b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8440325190089526
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0985b35e11632f31f38b689cfc8a2fb40469925b22306089ea494744c55a0d64

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.nwaonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 262 B
1 KB 315ms
229ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17126&site_id=159432&zone_id=825022&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!ascendeum.com,asc91728,1,,,&rf=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=7953d836-5b30-4983-b4a8-339a8b841cba&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.08187528391714793
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 6d70e027910b3498b0ae48b0859c643115fa4a272786d0c5fde05f423803d8ec

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:00 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.nwaonline.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 262
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 24 KB
7 KB 177ms
177ms XHR
application/json 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

13bbe8ec2034ac5993a42c6035f93895a5a5968044e182f920f2312e92a7e9fd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 05 Mar 2022 14:16:00 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1f59132a-f757-491e-a7c8-b4616ecbbf23
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.nwaonline.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
ascendeum-d.openx.net/w/1.0/ 73 B
381 B 70ms
24ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ascendeum-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e7d0eae6-5699-42d4-bcaf-f4f62407ec59%2C071cde1f-5611-4041-8f69-8c1c690a5c1b%2C7953d836-5b30-4983-b4a8-339a8b841cba&nocache=1646489760585&schain=1.0%2C1!ascendeum.com%2Casc91728%2C1%2C%2C%2C&aus=300x600%7C300x250%7C970x90%2C970x250%2C728x90&divids=div-gpt-ad-300x600_8381%2Cdiv-gpt-ad-300x250_2371%2Cdiv-gpt-ad-flex_5709&aucs=%2C%2C&auid=540244439%2C540244436%2C540244437
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 303c5f6f3b03136852e547151cc8e82ef4b9f1f90132a7271892eb912daa44e2

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
server: OXGW/17.2.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.nwaonline.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 116ms
78ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c7017474db0327dbc824e5012e&pos=8a9694c7017474db0327dbccfa760149&cmd=bid&secure=1
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 97ea80c5078bc96b9258698f850d13275350bed0e0a81001cd384e19485af180

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nwaonline.com
access-control-allow-credentials: true
content-length: 4770

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 226ms
188ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c7017474db0327dbc824e5012e&pos=8a9694c7017474db0327dbccfb86014a&cmd=bid&secure=1
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 69a3b2b3625c5b1ef37f59ebcd787c3b2e5b1379f3cf45a4763e6e12525e02fa

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nwaonline.com
access-control-allow-credentials: true
content-length: 4766

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
294 B 111ms
73ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c7017474db0327dbc824e5012e&pos=8a9694c7017474db0327dbccf9650148&cmd=bid&secure=1
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 05d57a314c71c845e1b78bcf291cd71e2e8f1135b32cbd084b6aaeee590920d4

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.nwaonline.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 152ms
122ms XHR
text/plain 18.184.249.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nwaonline.com
date: Sat, 05 Mar 2022 14:16:00 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
116 B 79ms
49ms XHR
text/plain 18.184.249.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nwaonline.com
date: Sat, 05 Mar 2022 14:16:00 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
115 B 155ms
126ms XHR
text/plain 18.184.249.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.249.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-249-62.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nwaonline.com
date: Sat, 05 Mar 2022 14:16:00 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 auction Show response
tlx.3lift.com/header/ 7 KB
2 KB 116ms
88ms XHR
application/json 52.28.154.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.7.0-pre&referrer=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&tmax=2000

Requested by

Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.154.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-154-195.eu-central-1.compute.amazonaws.com

Software

Resource Hash

4690497edbba8208ca3335192210c452506e3c01f4feb7cc4c3f41ae547d3b39

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nwaonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1865
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
118 B 141ms
95ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.nwaonline.com
date: Sat, 05 Mar 2022 14:15:59 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ 24 B
368 B 349ms
120ms XHR
application/json 35.211.165.199
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 199.165.211.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9b6ca73ab50c02b75d1f8014cf8fd28e7aca9a493ee4bcd6615015aadea71270

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 05 Mar 2022 14:16:00 GMT
Content-Encoding: gzip
Server: nginx
Content-Type: application/json
access-control-allow-origin: https://www.nwaonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 49

POST
H3 201 events Show response
api.permutive.com/v2.0/ 1 KB
705 B 50ms
34ms XHR
application/json 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/events?enrich=true&sdkp=true&k=79f73579-173c-4ac9-aef4-7d0cb40f0b84
Requested by: Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 91b4d5ccad9a637949a9d1966fc68ad5cccada4f05e9e8069356de68732d0746

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
server: Permutive
vary: Origin,Access-Control-Request-Method
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://www.nwaonline.com
access-control-expose-headers: *
access-control-allow-credentials: true
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 684
via: 1.1 google

GET
H3

201

sync
api.permutive.com/v2.0/px/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6
https://match.adsrvr.org/track/cmb/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6
https://api.permutive.com/v2.0/px/sync?ku=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6&alias=d6623602-8f12-4749-aa36-8c3bfe2e2396&type=tradedesk

35 B
48 B

20ms
20ms

Image
image/gif

34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.permutive.com/v2.0/px/sync?ku=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6&alias=d6623602-8f12-4749-aa36-8c3bfe2e2396&type=tradedesk
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H3
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:00 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://api.permutive.com/v2.0/px/sync?ku=79f73579-173c-4ac9-aef4-7d0cb40f0b84,7cd93580-99f1-47d3-aed8-baf5dd90f8c6&alias=d6623602-8f12-4749-aa36-8c3bfe2e2396&type=tradedesk
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 377

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 15ms
15ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.nwaonline.com&pubid=64080954-a1fc-4a74-857c-f41e88061765
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:15:43 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: Server
age: 17
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.nwaonline.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: PIGPJhvX8kj3CSrBKw8qVUf1FqPEISig08UdPhKym6SXBMgXEFt7dw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 52ms
51ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&pid=DYYMfL2f2CGaD&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-300x600_8381%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F27879627%2Fnwa%2Fnwadg%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-300x250_2371%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F27879627%2Fnwa%2Fnwadg%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-flex_5709%22%2C%22s%22%3A%5B%22970x90%22%2C%22970x250%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F27879627%2Fnwa%2Fnwadg%22%7D%5D&pubid=64080954-a1fc-4a74-857c-f41e88061765&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:00 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: RG83R5Y03VQQ14F0VQ5M
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.nwaonline.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: sSDaAzy0UFnnuyUyd1Pb4xb2EYtcgAeEO0q8iI9_1E69YPArDtS1hg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
13ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 06:58:02 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 26279
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 02 Mar 2022 02:09:50 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: TCCsK1OZcnnFr3r9fz244BHZLXkGBe_ExoUH3mTfbQhqg9qOjrI_-w==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/ 152 KB
49 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0abde7de/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 12:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50321
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 04:20:53 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 05 Mar 2023 12:10:33 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
349 B 130ms
46ms Ping
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L2LEJNK6NX&gtm=2oe320&_p=858126926&_z=ccd.B&cid=1443651117.1646489761&ul=en-us&sr=1600x1200&_s=1&sid=1646489760&sct=1&seg=0&dl=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&dt=Arvest%20acts%20on%20breach%20reports&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L2LEJNK6NX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nwaonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022030101.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
122 KB 86ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 11:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124868
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 09:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 05 Mar 2023 11:35:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 250 B
164 B 95ms
48ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nwaonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

04c504d2e7bd10a6b2ddaacc904a3aba785c70bad1f19c2d19d60ddbcb99107e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 05 Mar 2022 14:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
expires: Sat, 05 Mar 2022 14:16:00 GMT

GET
H/1.1 200
OK Widgets_324.css
magnetapi.klangoo.com/w/ 13 KB
2 KB 129ms
128ms Stylesheet
text/css 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi.klangoo.com/w/Widgets_324.css

Requested by

Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_324.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

6c49b6b8133215ab8f6098916fa9b31444e6088d7865995295ac8b82a16edb42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:06 GMT
Content-Encoding: gzip
ETag: "801fea45e2d81:0"
Last-Modified: Wed, 05 Jan 2022 18:04:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1586

GET
H/1.1 200
OK magnet.min.js Show response
cdn.klangoo.com/wgt/ 117 KB
36 KB 656ms
248ms Script
application/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.klangoo.com/wgt/magnet.min.js
Requested by: Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_324.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS: 162-244-66-114.dedicated.codero.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0734210780de6fc8b51c718b1f70bd8076f72fa13368eb67c1bbf61f7051356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:07 GMT
Content-Encoding: gzip
ETag: "80da53baa91fd61:0"
Last-Modified: Fri, 01 May 2020 11:14:49 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 36418

GET cs
wehco.blueconic.net/DG/DEFAULT/ 0
0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 387ms
92ms XHR
application/json 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1646489760863&sessionId=05fb6066-a4af-c5eb-c988-1c0faee0e66c&url=www.nwaonline.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 49d7b0f4ad72c0e8d684a69a8911ec9d
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 31 KB
13 KB 292ms
259ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%20&idx=0&rand=60301&key=NANOWDGT01&widgetJSId=GS_4&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=05fb6066-a4af-c5eb-c988-1c0faee0e66c&fdu=www.nwaonline.com&px=200&py=1289&vpd=89&cw=780&activeTab=true&darkMode=false&settings=true&recs=true&version=2000617&sig=BOvQJTnD&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6bec6a132d4d9a947733747cee86caf4c20cf682293bc59bf55a1e5632528170

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1646489761.900454,VS0,VE253
accept-ranges: bytes
x-served-by: cache-lga21952-LGA, cache-fra19135-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 89318af28d87ed1b81f21b41f11394dd
content-encoding: gzip
content-length: 12500
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 414ms
103ms XHR
application/json 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1646489760877&sessionId=05fb6066-a4af-c5eb-c988-1c0faee0e66c&url=www.nwaonline.com&cheqSource=1&cheqEvent=2&responseTime=515
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:01 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: a78b7cb5cdebc59d5117b3ba6a2b7b40
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 98ms
97ms Image
image/gif 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136ee8c33de3408c9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e46042b9e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c0250616e96567ac940a61efc89825d957bd1fad811bc551c8c96dd82a77c3d835d27794d7e0f1dbe6e01e2ca52bbebeaf2e0233bad736c1b513b2431209df5e528181c38681eb923bce6a88de93a349cd5c5513a23771ce939018768aba28ab01b3c04cc570fd29111d04c836eb5e869df979ed863b8752a798ccd527d6195178e81218467d4472c9a76fb309d5c18869a99970ecdd7c88d1bfb37182a4aa0c3c338bf94a43caa1465903e2fdad39fa27c8a809beb376af3ef571ca119057caaa3cc61e26e5af9a792d2372577f195616b6f3ce398341e81b5c4928e4a60d838a1267e3bcdebaa06ddeeee4f59afbadf7574c39f35b85b75a729e45651acb7e5b7168ea66ac7019def6c763880dcb37d8b926dfcc788b671d7332087d0f8e85b5c9367f49885b10d7958cf9c395165bdae9e32a84c537399d870e2e2ab983d3566c&cb=1646489760877&cri=euxw9E89cb
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:00 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H2 200 27879627 Show response
fundingchoicesmessages.google.com/i/ 89 KB
32 KB 193ms
93ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/27879627?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05e729cdebb13980a99941445ee74fe1eae6c194731e7f4fdd60281c3fd0e5f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d3Avnb37nn2vU0VfP9U9yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-d3Avnb37nn2vU0VfP9U9yA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-d3Avnb37nn2vU0VfP9U9yA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-d3Avnb37nn2vU0VfP9U9yA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Sat, 05 Mar 2022 14:16:01 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 53f79fb2ad511df47bbd706dd94f837a88.jpg
zem.outbrainimg.com/p/srv/sha/05/b9/e9/ 19 KB
20 KB 29ms
7ms Image
image/jpeg 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/05/b9/e9/53f79fb2ad511df47bbd706dd94f837a88.jpg?w=286&h=215&fit=crop&crop=faces&fm=jpg

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

0977c46182dd47e285e6d06417983b89710fb9611854b0667774eb1adf28eb47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 423667
x-cache: HIT, MISS, HIT
x-imgix-id: a0fe8f2e9ce11867f9671b9e7f2d44d6eabbfc83
content-length: 19848
x-served-by: cache-sjc10031-SJC, cache-fra19167-FRA, cache-fra19178-FRA
last-modified: Mon, 28 Feb 2022 16:34:54 GMT
server: imgix
x-timer: S1646489761.188638,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
x-cache-hits: 1

GET
H2 200 disclosure.png
widgets.outbrain.com/external/vendors/ 476 B
776 B 7ms
7ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/external/vendors/disclosure.png
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
last-modified: Wed, 16 Feb 2022 08:29:06 GMT
server: AkamaiNetStorage
etag: "4d39e26ad7c27bebbc022d353bf4bbb6:1645014623.324673"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 476
expires: Mon, 04 Apr 2022 14:16:01 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 8ms
8ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1639997226.754678"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Mon, 04 Apr 2022 14:16:01 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 9ms
9ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
last-modified: Mon, 20 Dec 2021 10:37:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Mon, 04 Apr 2022 14:16:01 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 402ms
102ms Fetch
text/plain 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=886e05d0a98e97566a1bc30bd2d1a2ad_29039_1646489761074&tm=873&eT=0&widgetWidth=780&widgetHeight=275&widgetX=200&widgetY=1289&wRV=2000617&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=295&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 05 Mar 2022 14:16:01 GMT
content-encoding: gzip
X-TraceId: 04eb471fce6a5f6df9aea424ded52ac7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B57A 361 B
654 B 8ms
6ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 05 Mar 2022 18:16:01 GMT
date: Sat, 05 Mar 2022 14:16:01 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C40C 361 B
654 B 9ms
7ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 05 Mar 2022 18:16:01 GMT
date: Sat, 05 Mar 2022 14:16:01 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame A661 361 B
654 B 9ms
8ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
content-length: 361
cache-control: max-age=14400
expires: Sat, 05 Mar 2022 18:16:01 GMT
date: Sat, 05 Mar 2022 14:16:01 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *

GET
H2 200 eyJpdSI6IjgzYmZjOTFhYWI4NzRmYjY3ZjAwYzQwOGRmN2YzZjIzNmJlYTJlZTVhYmIxYjk0ZTQwYTc3YjVkYTlkY2VlYTYiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 20 KB
20 KB 32ms
10ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgzYmZjOTFhYWI4NzRmYjY3ZjAwYzQwOGRmN2YzZjIzNmJlYTJlZTVhYmIxYjk0ZTQwYTc3YjVkYTlkY2VlYTYiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 93e3ed68f984276f940bc09c116bd39cebedf21b1f4f15b5044fe7688846f885

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
cache-control: max-age=1124649
last-modified: Wed, 05 Jan 2022 21:34:32 GMT
x-traceid: 653db1b9e00ff388ba0fd248741c5cbb
timing-allow-origin: *
content-length: 20540
content-type: image/webp

GET
H2 200 eyJpdSI6ImQ5NjMzYjcyZDRjNGY0ODc4OGRmNTMyN2ViYWU4MDhjZTNlYmJkOGMwZmY0YzE5MjYxYzk1OTdiY2ExNWI5NWMiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 30 KB
30 KB 37ms
14ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ5NjMzYjcyZDRjNGY0ODc4OGRmNTMyN2ViYWU4MDhjZTNlYmJkOGMwZmY0YzE5MjYxYzk1OTdiY2ExNWI5NWMiLCJ3IjoyODYsImgiOjIxNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d3485c761640d33d61a6c8eba8d4bbb3455a1cee7a1e4b7f80b92f182169b38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
cache-control: max-age=1757060
last-modified: Fri, 25 Feb 2022 10:19:29 GMT
x-traceid: c5bb002ef8f912d3d27de7ab8ef04394
timing-allow-origin: *
content-length: 30546
content-type: image/webp

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B57A 2 KB
1 KB 13ms
13ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 13:04:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1646227706.584415"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 05 Mar 2022 18:16:01 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame C40C 2 KB
1 KB 14ms
14ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 13:04:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1646227706.584415"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 05 Mar 2022 18:16:01 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame A661 2 KB
1 KB 16ms
16ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
content-encoding: gzip
last-modified: Wed, 02 Mar 2022 13:04:24 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1646227706.584415"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 778
expires: Sat, 05 Mar 2022 18:16:01 GMT

POST
H3 204 AGSKWxVB1qFEC-hPJ-V1IteDJQqidZuW2cPH9dy9QAOGnti8DS8uqzzgQR9zu5BCrPrgvEjTK4cViTzp5t82UTgSMvQ= Show response
fundingchoicesmessages.google.com/el/ 0
25 B 107ms
60ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVB1qFEC-hPJ-V1IteDJQqidZuW2cPH9dy9QAOGnti8DS8uqzzgQR9zu5BCrPrgvEjTK4cViTzp5t82UTgSMvQ=?pvid=7D077A73-C5D5-4DCB-AB58-19757C6FF420&anonid=691553D5-A76A-4ED5-B6CB-DB3A82782E1B

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de._jhGZp0rcfY.es5.O/d=1/rs=AJlcJMx4QdgtF7jSJkU9oDh9XV5PwOrL-g/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6zDI4l5MlHR5vVRMQThc8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6zDI4l5MlHR5vVRMQThc8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.nwaonline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6zDI4l5MlHR5vVRMQThc8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6zDI4l5MlHR5vVRMQThc8w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXb-NTzf5p35OgdQG4RpYRuU69rFowWdKSHHcKnkpU1kZH2XwqwI7AK4OjuGHfa9hHqZE4huGBYstNsi0pwfT0= Show response
fundingchoicesmessages.google.com/f/ 251 KB
52 KB 136ms
89ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXb-NTzf5p35OgdQG4RpYRuU69rFowWdKSHHcKnkpU1kZH2XwqwI7AK4OjuGHfa9hHqZE4huGBYstNsi0pwfT0=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQ2NDg5NzYxLDI0MTAwMDAwMF0sIjdEMDc3QTczLUM1RDUtNERDQi1BQjU4LTE5NzU3QzZGRjQyMCIsIjY5MTU1M0Q1LUE3NkEtNEVENS1CNkNCLURCM0E4Mjc4MkUxQiIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5ud2FvbmxpbmUuY29tL25ld3MvMjAxNC9ub3YvMTgvYXJ2ZXN0LWFjdHMtb24tYnJlYWNoLXJlcG9ydHMtMjAxNDExMTgvIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b52e3d6c7bab000af13e140fead5be1fcf8639009d6466ba87d6e75138679ed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D5KkN8FJ9+9/qGy9IyNDlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-D5KkN8FJ9+9/qGy9IyNDlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-D5KkN8FJ9+9/qGy9IyNDlg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-D5KkN8FJ9+9/qGy9IyNDlg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame B57A 43 B
256 B 371ms
90ms Image
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-VyBV9aNBz_siIuaCjHYKHADpc6hNp_wqsYQLKormuuqwVxfFJ2jDJIuEJnaETfqDrq0orM2M89x-HwmGo4wCCr7WLUQ2itKDLHr2nzrp5_mJqtLF7RN9yLe97RYVs8Iu2h7LA_uANSx9GeS5ABUZGj4SC8jEzp2MHKyG52M86V0y7pGNkr4QNzUsczMBgbs0EmA2M_Foy1FVS8zQxx6E_jB9WB1bb4aqJmV2TvUArWBGwUo4UsnCjKjOeULQBvK_vyis0PPrt-bRWLa2OI8RMv95YvmOygiP2sRt-Ah5qp7cEpYY5TOeI8p6RZe02HwaAW0Ng0EZsrnR1GkCOrLytsGtSq94oze5kgE4YH8qVudE5WWGjYEh7qtQZc28P_CjGLAjURfNEW0qCZFcN26Cb_aZfzYaJLKmrd_1yILTnQmwCRIsJBKvdvaJn2fa87xXbg8m4ZjSQVU5Gb5umP-YWs0G1auwH5rjUS-K_NiYnVOw9SFAi6o2Rd7lMrQgFjmo7K_Ze0ZaXwIaAGGI5e8OfLumWOkWjz_P4fEJ3hX7kpEyfp_3Nayx_OATvNwri_xFfecinIfnLyE7pnmZNQzpMSgUDq4b9ukRQwwM2jeucjV5WqeW-4g854FY_Q47yoGkTm_DHTl1D0g85FNVshL8coE3jzH3IIBJnOOfKES7x24vol46N-ryizUwsUsOs3l8rF3qIKk2vdF9HvNR66FXr-sqDUQ5F7q7LIQUnO3OUE0P2plU1YWiwbv9Z4GzzqNwQit75qHDo0THN9SXfPy-M28Mkw6s_5sAZ1zQLtNxBgZVxxDFzMEc6ALJKE-_QATKDEm0XPELWjEcpeCvfgSd_3XObfY4hmqYi5LZPvr2hz3bLhnVjxcNP121mv00TIOc1duJuTD7jYMCfjRfl41vWYii7IQ7EQ4IJIHO0CM2EQ8qsvZE3fvl-IGdO--pn4PUTSCJcu3dCkZBYwjw4wYwRkwKVOQNvZ6KFNcSYu5Nnu4xpWnFrRK1scZUSsVH-Ls0Wu3kb4CGoe6Y_--SEqNCN6_Z72lvBGe4TLVe7USqoB8HUwum_CU7AZI2XsEIGuG9odFJK4mMOHub4mnyOnAH_2EkemgeHpl2KTNHYz5x1xHF9Ly73yu5ihPaLQXpn1pe0YxlH6t_sJrxvEYrTvrReG1l1GKu3UgrMAJvWOcivHrmcyIM36x9bAI7T4IYRN7aKYPyOJGMGK5oWWyw6MmAChiqoYKfNwNHROFnlbnImT1OZwjzrzb2w_UTRc0mP-I7BeY2_IesJua94tltV7X3pSu3qh15dwr3sNDZlZmXqLuYa1_56qcjDiPMz7Dy-bIs_3PRMSL38uacgWyiGuycWexpVgMm6eLfoOzYvfs-lUNGzmlJ6wIE62JF6vYEZamKNMBJM2gN2UyiotxxQ1ilD4-Nu4J8KigmVvCrbm3WgK4m8W9-FqaLmm3VZ490pIqXpBSOqgwQ5nDoU4eKLWS-fiSnouYV_LaSQJbNvLN2k0b6&c=f3c67eb4&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:01 GMT
Cache-Control: no-cache
X-TraceId: 25883e97f327bd6e65fbf39e66cdc9df
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/c8cc1036-9c8e-11ec-9722-ced78380fdbd/0.075478/W36W5EXUTOI763PNRLA7G2AR3P4OYRWH7UCDSYSQQN5JUT4VKUDZZV62WCZ7OLPXSN44VENBW645PWQXYE6H2A7REHONHLVKECMAQ462F6Z... Frame C40C 26 B
127 B 372ms
91ms Image
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/c8cc1036-9c8e-11ec-9722-ced78380fdbd/0.075478/W36W5EXUTOI763PNRLA7G2AR3P4OYRWH7UCDSYSQQN5JUT4VKUDZZV62WCZ7OLPXSN44VENBW645PWQXYE6H2A7REHONHLVKECMAQ462F6Z4KEZQU2JA4KEWVYXFMGXLRHZ6ZCU27ASQJUXTJLAWZ74D6VILGHJ23X6ESEWCCGANKWPI3WM5LNMABW3SRIKWB2322NK4LW2RNNENYEH57IBBFVWHSAEDHXYRUIZSDKB5JM3LQ4YZNR4LNA6EC2MUUA7RQZAJNJWQUOQ7AERVWX2J2Y47TNSNGRHCIR52XEIKL374F7KGWROZFSASYSUYLUZKFPPIDKY62RBB5IAX53NBCK7FC2HDEJLT7W5IRUQHZCVVAU45ZJF6VTMUPS5ZO4CAGK34CHDTPOAFCJASHADPP2NATJZVRKIW2FCI5NWPV434OYR2G6MIAEMEM6ZSIM36U4PZ3ZYFGOBM6NXEMYLC6ZLRB5HUGCPI5LY/?wpos=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:01 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/TFXVF4VY244ZMNG3C4QJ3YTAOO2TNHWCGJVWJXOGTKUPE56GHHJQIWKSFK5EYGSTD6BSDNRFL3RENPMWGZF44HLHTAMBQQPILRDDBVDH5HHX6V3IAU5SVEOZKR7BM3NOSF74FY4TSUCVR42RAO26ZXYVUHABG4... Frame A661 26 B
127 B 366ms
90ms Image
image/gif 64.202.112.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/TFXVF4VY244ZMNG3C4QJ3YTAOO2TNHWCGJVWJXOGTKUPE56GHHJQIWKSFK5EYGSTD6BSDNRFL3RENPMWGZF44HLHTAMBQQPILRDDBVDH5HHX6V3IAU5SVEOZKR7BM3NOSF74FY4TSUCVR42RAO26ZXYVUHABG4BG6HI6DBYUUBMRL2E2J5WVFQ4HKNN77J3LEGBHJUH64D26AVSRFQLPYFNVCJNTMYXQQNXJANHBAPRSXTT5IB54G32J4RZVZ6VYKITGJPOFIDGMBIGABLGWVBWWSW6QPC4VU33IYOZDOH2U2R26XKOV7KAUARJ6KLY5GC6R5JVTNHUDRSIFG64HDXNFNXKUDPI7CMCMPBI/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:01 GMT
Content-Length: 26
Content-Type: image/gif

GET
H3 200 css
fonts.googleapis.com/ 60 KB
4 KB 101ms
54ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.LKLHGKnr3TY.es5.O/d=1/rs=AJlcJMx--vT_yq97shI_vbQYGznXrITu5Q/m=iabtcfv2wallscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e1117d6696a8fd5364b5bd1bccae6fca652fe8780e8875ad140c559f36afa034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 05 Mar 2022 14:16:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 05 Mar 2022 14:16:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 05 Mar 2022 14:16:01 GMT

POST
H3 204 AGSKWxWJLJg0_TtUaaD8rmbUJ3zD-0y4ixhDDab9isBUt_gaRofzyYCIVFnaQBAWMFtHTEXcn-IMevsy-x1KkRFACkU8Ip5y1xuI_ZBZ-ycwaJ5TzAm8RMY4sesfRZY4tgxOZI90wuqGNviVtNQqCwYswvnDV9coP59tInQodSzFbZU5GpceTVwLPCTfQ08w Show response
fundingchoicesmessages.google.com/el/ 0
26 B 52ms
52ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWJLJg0_TtUaaD8rmbUJ3zD-0y4ixhDDab9isBUt_gaRofzyYCIVFnaQBAWMFtHTEXcn-IMevsy-x1KkRFACkU8Ip5y1xuI_ZBZ-ycwaJ5TzAm8RMY4sesfRZY4tgxOZI90wuqGNviVtNQqCwYswvnDV9coP59tInQodSzFbZU5GpceTVwLPCTfQ08w?dmid=54064ac6fb36c412

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-F0173mhBsMPtPDMKtR9YOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-F0173mhBsMPtPDMKtR9YOA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:01 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.nwaonline.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-F0173mhBsMPtPDMKtR9YOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-F0173mhBsMPtPDMKtR9YOA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v125/ 121 KB
121 KB 102ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v125/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b49d58e13f9edc496b9e239b5e5c08757d26551bd16628cf996d3af0b769f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 22:57:34 GMT
x-content-type-options: nosniff
age: 487107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123876
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 21:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Feb 2023 22:57:34 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 83ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nwaonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 315031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 22:45:30 GMT

GET
H/1.1 200
OK WidgetLoad Show response
magnetapi2.klangoo.com/NewsAgencyService.svc/ 120 B
646 B 518ms
126ms Script
text/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi2.klangoo.com/NewsAgencyService.svc/WidgetLoad?calk=abe2d920-bdeb-4687-88c0-1680eb8da4d3&request=%7B%22pt%22%3A1%2C%22id%22%3A%22629912%22%2C%22v%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F%22%2C%22dp%22%3A%222014-11-18T01%3A51%3A42%2B00%3A00%22%2C%22ws%22%3A%5B%7B%22id%22%3A%22ent_324-1%22%2C%22ty%22%3A2%2C%22ef%22%3A%22xk%22%2C%22rf%22%3A1%7D%2C%7B%22id%22%3A%22rel_324-1%22%2C%22ty%22%3A1%2C%22ob%22%3A1%2C%22lf%22%3A%22en%22%2C%22mr%22%3A3%2C%22fd%22%3A%223%20FEB%202022%22%2C%22rf%22%3A1%2C%22sd%22%3A3%7D%5D%7D&format=json&callback=__CB

Requested by

Host: cdn.klangoo.com
URL: https://cdn.klangoo.com/wgt/magnet.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

6471fb56b8dd8c4ce897564448db6a5b372fc7f95a6a57b5c7161c0910aa63e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 224

GET
H/1.1 200
OK RecommendArticles_RuleBased Show response
magnetapi2.klangoo.com/NewsAgencyService.svc/ 5 KB
2 KB 539ms
134ms Script
text/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi2.klangoo.com/NewsAgencyService.svc/RecommendArticles_RuleBased?calk=abe2d920-bdeb-4687-88c0-1680eb8da4d3&articleUID=629912&langToShowOnly=en&userID=9ef86884-5e81-40f1-b53e-250d3bc292d8&rulesGroupID=667&format=json&callback=__CB&token=recom_324-2,recom_324-1&showDetails=3&maxReturnRows=8

Requested by

Host: cdn.klangoo.com
URL: https://cdn.klangoo.com/wgt/magnet.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

c4d42a379ac780de8aa3c004ae2df02738fe5674648d5d465c116c54029d3db6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:07 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 1649

GET
H/1.1 200
OK track.ashx
magnetrack.klangoo.com/v1.1/ 35 B
339 B 549ms
131ms Image
image/gif 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://magnetrack.klangoo.com/v1.1/track.ashx?e=A_PAGE_VIEW&p=629912&r=&c=abe2d920-bdeb-4687-88c0-1680eb8da4d3&u=9ef86884-5e81-40f1-b53e-250d3bc292d8&l=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&ran=1646489761909984

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:08 GMT
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Length: 35

GET
H/1.1 200
OK Screen_Shot_2022-03-04_at_7.49.07_AM_t600.png
wehco.media.clients.ellingtoncms.com/img/photos/2022/03/04/ 110 KB
110 KB 190ms
190ms Image
image/png 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wehco.media.clients.ellingtoncms.com/img/photos/2022/03/04/Screen_Shot_2022-03-04_at_7.49.07_AM_t600.png?4326734cdb8e39baa3579048ef63ad7b451e7676
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: 7763f245a82f5f8a6ada073555d4c2016a611500b88e2bc62dfbc6823ac7d89d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:02 GMT
Last-Modified: Fri, 04 Mar 2022 13:51:18 GMT
Server: nginx
Age: 87735
ETag: "1521914573"
X-Cache: HIT
Content-Type: image/png
Access-Control-Allow-Origin: *
Expires: Sun, 03 Apr 2022 13:53:46 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 112156
X-Cache-Hits: 287

GET
H/1.1 200
OK 199697748_insideBsession_t600.jpg
wehco.media.clients.ellingtoncms.com/imports/adg/photos/ 68 KB
69 KB 192ms
192ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wehco.media.clients.ellingtoncms.com/imports/adg/photos/199697748_insideBsession_t600.jpg?4326734cdb8e39baa3579048ef63ad7b451e7676
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: 17a0d2f0d7b12116c3b87b3e8662ff59cb88682b5cb038fae9cc9df5a16f5b7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:02 GMT
Last-Modified: Thu, 21 Oct 2021 09:19:28 GMT
Server: nginx
Age: 0
ETag: "3156240451"
X-Cache: MISS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69881
X-Cache-Hits: 0

GET
H/1.1 200
OK 200801622_Wyman-Morgan_ORIG_dFFEYKF_t600.jpg
wehco.media.clients.ellingtoncms.com/img/photos/2022/03/04/ 27 KB
27 KB 200ms
199ms Image
image/jpeg 208.91.60.7
NSIHOSTING-EQX-VA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wehco.media.clients.ellingtoncms.com/img/photos/2022/03/04/200801622_Wyman-Morgan_ORIG_dFFEYKF_t600.jpg?4326734cdb8e39baa3579048ef63ad7b451e7676
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.91.60.7 , United States, ASN14244 (NSIHOSTING-EQX-VA, US),
Reverse DNS
Software: nginx /
Resource Hash: 5237c7063a1b19125fa64756bae3e02477f86b151d81fc4c26469c22b9ec993c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:02 GMT
Last-Modified: Fri, 04 Mar 2022 11:07:12 GMT
Server: nginx
Age: 0
ETag: "2569744216"
X-Cache: MISS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Expires: Mon, 04 Apr 2022 14:16:01 GMT
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27737
X-Cache-Hits: 0

GET
H/1.1 200
OK track.ashx
magnetrack.klangoo.com/v1.1/ 35 B
339 B 378ms
129ms Image
image/gif 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://magnetrack.klangoo.com/v1.1/track.ashx?e=WGTS_LOAD&p=629912&recA={%2211%22:1,%2219%22:1,%2220%22:4,%2221%22:2}&recAV=VAR_6&uids=1&uidn=1&vws=1&c=abe2d920-bdeb-4687-88c0-1680eb8da4d3&u=9ef86884-5e81-40f1-b53e-250d3bc292d8&l=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&ran=1646489762210640

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:08 GMT
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Length: 35

GET
H2

200

sync Show response
eb2.3lift.com/ Frame A1E1
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

8ms
7ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 3b5500b51e4d9583e1d005a4df8a8567773d5a5bef3120ac1190bc5cfbb9c0cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
content-type: text/html; charset=utf-8
content-length: 464
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Sat, 05 Mar 2022 14:16:03 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 9A64 15 KB
6 KB 49ms
7ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=78949
expires: Sun, 06 Mar 2022 12:11:53 GMT
date: Sat, 05 Mar 2022 14:16:04 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame E134 0
91 B 27ms
21ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.0
date: Sat, 05 Mar 2022 14:16:03 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 259D 281 B
554 B 49ms
8ms Document
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 05 Mar 2022 14:16:04 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5BD1 52 KB
17 KB 34ms
7ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: wehco.media.clients.ellingtoncms.com
URL: https://wehco.media.clients.ellingtoncms.com/static-4/prebid/nwaonline/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Fri, 04 Mar 2022 06:18:14 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 05 Mar 2022 14:16:04 GMT
Age: 28667
X-Served-By: cache-lga21953-LGA, cache-hhn4070-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 5, 456582
X-Timer: S1646489764.005726,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a6d9bc97-50ab-49ed-ba02-d83f553a72cf&ssp=themediagrid

43 B
220 B

12ms
12ms

Image
image/gif

18.193.253.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a6d9bc97-50ab-49ed-ba02-d83f553a72cf&ssp=themediagrid
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Server: 18.193.253.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-253-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.nwaonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=a6d9bc97-50ab-49ed-ba02-d83f553a72cf&ssp=themediagrid
Date: Sat, 05 Mar 2022 14:16:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame A1E1 70 B
264 B 30ms
29ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame A1E1 170 B
502 B 150ms
46ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A1E1
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NzM4MzgyOTIzNDM0OTQwMjUw

170 B
232 B

135ms
47ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NzM4MzgyOTIzNDM0OTQwMjUw

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mzk5NzM4MzgyOTIzNDM0OTQwMjUw
date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame A1E1 0
708 B 145ms
121ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=399738382923434940250&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:03 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 648A094AFBDD4648B2B8366B3D5CBDA6 Ref B: FRAEDGE0908 Ref C: 2022-03-05T14:16:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZeUWD6Ii1CAKVTFliQg==

GET
H2

200

xuid
eb2.3lift.com/ Frame A1E1
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/399738382923434940250?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-TuaTCfhE2oQl10wvs0f2vxgvvvVCObAcoiaXZZm79A--~A&dongle=0883

37 B
354 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-TuaTCfhE2oQl10wvs0f2vxgvvvVCObAcoiaXZZm79A--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sat, 05 Mar 2022 14:16:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-TuaTCfhE2oQl10wvs0f2vxgvvvVCObAcoiaXZZm79A--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame A1E1 43 B
220 B 121ms
8ms Image
image/gif 18.193.253.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=399738382923434940250&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.253.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-253-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame A1E1 42 B
593 B 61ms
33ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=399738382923434940250&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:03 GMT
etag: "7c5ed6a6f22cd81:0"
last-modified: Mon, 28 Feb 2022 22:29:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EEF86C0A6A2648E69EA4782F0E097F39 Ref B: FRAEDGE1219 Ref C: 2022-03-05T14:16:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET 757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame A1E1 0
0

GET
H2

200

xuid
eb2.3lift.com/ Frame A1E1
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
7ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame A1E1
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=3104886536572414942&dongle=d407

37 B
354 B

11ms
11ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=3104886536572414942&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=3104886536572414942&dongle=d407
pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 259D 32 KB
10 KB 8ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 05 Mar 2022 14:16:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 02 Mar 2022 16:28:01 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=28151
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9535
Expires: Sat, 05 Mar 2022 22:05:15 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5BD1 0
747 B 14ms
13ms Script
text/html 185.33.221.14
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.14 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:04 GMT
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1fb49c45-33e7-4c16-8782-ca6f9b2098e8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 9A64 2 KB
3 KB 76ms
15ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59609025&p=158314&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0dc4d239818b7855cdd48679083cc8b157b78271d494ba8fe20e861c53ae6e2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:02 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 580A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=B1AFFC54-324C-433E-80D6-13A61D5FAAD2
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B1AFFC54-324C-433E-80D6-13A61D5FAAD2

35 B
467 B

20ms
20ms

Document
image/gif

37.157.4.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B1AFFC54-324C-433E-80D6-13A61D5FAAD2

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Mar 2022 14:16:04 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Sat, 05 Mar 2022 14:16:04 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=B1AFFC54-324C-433E-80D6-13A61D5FAAD2
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 65BF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62616223-70a4-4600-a455-746d69a6f15d&gdpr=0&gdpr_consent=

42 B
341 B

60ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62616223-70a4-4600-a455-746d69a6f15d&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Mar 2022 14:16:04 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug030:0:702
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Sat, 05 Mar 2022 14:16:04 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4172 645ee8c master cdg-pixel-x31 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:62616223-70a4-4600-a455-746d69a6f15d&gdpr=0&gdpr_consent=
Expires: Sat, 05 Mar 2022 14:16:03 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2CFF
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8671275517256877988

42 B
366 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8671275517256877988
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Mar 2022 14:16:03 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug008:0:430
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8671275517256877988
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame A0CD 43 B
362 B 47ms
15ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 05 Mar 2022 14:16:03 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Sat, 05 Mar 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 588762
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4731
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7071619689582229650

42 B
520 B

66ms
15ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7071619689582229650
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 05 Mar 2022 14:16:04 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug014:0:382
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Sat, 05 Mar 2022 14:16:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7071619689582229650

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9A64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sa_8VDJMQz6A1hOmHV-q0g%3D%3D
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sa_8VDJMQz6A1hOmHV-q0g%3D%3D&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

7ms
7ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=78949
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Sun, 06 Mar 2022 12:11:53 GMT

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 9A64
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5166223-70a4-4600-9b10-d89978bcb8a1

0
260 B

63ms
15ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5166223-70a4-4600-9b10-d89978bcb8a1
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:03 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 05 Mar 2022 14:16:04 GMT
Server: MT3 4172 645ee8c master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e5166223-70a4-4600-9b10-d89978bcb8a1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 05 Mar 2022 14:16:03 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 9A64
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=B1AFFC54-324C-433E-80D6-13A61D5FAAD2
https://spl.zeotap.com/?zdid=1332&zcluid=c6b148f906477722
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=74c00f14-10cd-4e98-53d0-e2dbd2a2e608&reqId=2cdf29c9-9266-471a-5785-94816519f6ed&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESED7quEL27anqEtBZJT6Rf30&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=74c00f14-10cd-4e98-53d0-e2dbd2a2e608&reqId=2cdf29c9-9266-471a-5785-948...

95 B
164 B

40ms
30ms

Image
image/png

2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESED7quEL27anqEtBZJT6Rf30&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=74c00f14-10cd-4e98-53d0-e2dbd2a2e608&reqId=2cdf29c9-9266-471a-5785-94816519f6ed&zcluid=c6b148f906477722&zdid=1332
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6e7377a46b229b8c-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESED7quEL27anqEtBZJT6Rf30&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=74c00f14-10cd-4e98-53d0-e2dbd2a2e608&reqId=2cdf29c9-9266-471a-5785-94816519f6ed&zcluid=c6b148f906477722&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9A64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFBRkZDNTQtMzI0Qy00MzNFLTgwRDYtMTNBNjFENUZBQUQy&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjFBRkZDNTQtMzI0Qy00MzNFLTgwRDYtMTNBNjFENUZBQUQy&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

14ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:02 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:631
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9A64
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPnVpJ6oArG4bR2lmjKuNHg&google_cver=1

42 B
437 B

14ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPnVpJ6oArG4bR2lmjKuNHg&google_cver=1
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 11:00:29 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0025:0:417
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPnVpJ6oArG4bR2lmjKuNHg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 9A64 43 B
610 B 65ms
14ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 04 Mar 2022 14:16:04 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9A64
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2307799097925015183

42 B
233 B

16ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2307799097925015183
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug018:0:471
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2307799097925015183
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 9A64
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d6623602-8f12-4749-aa36-8c3bfe2e2396

42 B
294 B

82ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d6623602-8f12-4749-aa36-8c3bfe2e2396
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug028:0:1191
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d6623602-8f12-4749-aa36-8c3bfe2e2396
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 9A64
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2989019449780359481&gdpr=0&gdpr_consent=

42 B
543 B

53ms
15ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2989019449780359481&gdpr=0&gdpr_consent=
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:02 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:659
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:04 GMT
X-Proxy-Origin: 185.213.155.177; 185.213.155.177; 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 10db47a4-ae78-4362-994b-7a4e592ec982
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2989019449780359481&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 259D
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0DXHQ5F-L-BPNH&sigv=1&esig=2~416c2f38375dc3eb9497c7faf72a09a4c50080c2&us_privacy=1---

0
194 B

71ms
20ms

Image
text/plain

2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0DXHQ5F-L-BPNH&sigv=1&esig=2~416c2f38375dc3eb9497c7faf72a09a4c50080c2&us_privacy=1---

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L0DXHQ5F-L-BPNH&sigv=1&esig=2~416c2f38375dc3eb9497c7faf72a09a4c50080c2&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 259D
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/TRG05vT81wrwazVSnublFw?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3614813532054188472

0
239 B

9ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3614813532054188472
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

date: Sat, 05 Mar 2022 14:16:04 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3614813532054188472
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 259D
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_sVWXW4fS3y5MlMdMUYxRA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_sVWXW4fS3y5MlMdMUYxRA

43 B
556 B

34ms
33ms

Image
image/gif

54.239.37.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_sVWXW4fS3y5MlMdMUYxRA

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

HTTP/1.1

Server

54.239.37.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 05 Mar 2022 14:16:04 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2S94B2Y4PCXK8G4HYZF6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_sVWXW4fS3y5MlMdMUYxRA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 259D
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTIxODQxNWQwMGM4ODE3NGNjNjZlY2E5NTExYzY5YTExYTI3NmQzMA&us_privacy=1---

170 B
188 B

49ms
49ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTIxODQxNWQwMGM4ODE3NGNjNjZlY2E5NTExYzY5YTExYTI3NmQzMA&us_privacy=1---

Requested by

Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/

Protocol

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTIxODQxNWQwMGM4ODE3NGNjNjZlY2E5NTExYzY5YTExYTI3NmQzMA&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 259D 0
0 59ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 259D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGl13QW3LwugcziPcVBsQAE&google_cver=1

0
239 B

37ms
8ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGl13QW3LwugcziPcVBsQAE&google_cver=1
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGl13QW3LwugcziPcVBsQAE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 259D
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0DXHQ5F-L-BPNH&us_privacy=1---

0
357 B

117ms
117ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0DXHQ5F-L-BPNH&us_privacy=1---
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:04 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C87C525D1DF54AB383A27828ABC7839F Ref B: FRAEDGE0908 Ref C: 2022-03-05T14:16:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXZeUWOBpXkn8K6kJ74tw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0DXHQ5F-L-BPNH&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 259D 70 B
264 B 30ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by: Host: www.nwaonline.com
URL: https://www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Mar 2022 14:16:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 200 metrics Show response
api.permutive.com/v2.0/internal/ 2 B
37 B 20ms
20ms XHR
text/plain 34.107.254.252
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/internal/metrics?k=79f73579-173c-4ac9-aef4-7d0cb40f0b84
Requested by: Host: 32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
URL: https://32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app/32486ac9-2d2f-4adf-abee-f255f399471e-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.nwaonline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 05 Mar 2022 14:16:05 GMT
content-encoding: gzip
server: Permutive
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
via: 1.1 google

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 9A64 0
260 B 64ms
16ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=158314&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158314
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 14:16:06 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wehco.blueconic.net
URL: https://wehco.blueconic.net/DG/DEFAULT/cs?&callback=bc_json506

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.nwaonline.com%2Fnews%2F2014%2Fnov%2F18%2Farvest-acts-on-breach-reports-20141118%2F&ntv_mvi

Domain: wehco.blueconic.net
URL: https://wehco.blueconic.net/DG/DEFAULT/cs?&callback=bc_json507

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=399738382923434940250

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

61 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.nwaonline.com/news/2014/nov/18/arvest-acts-on-breach-reports-20141118	1969-12-31 23:59:59	Name: ntvSession Value: {}
.3lift.com/sync	1970-01-20 03:31:05	Name: sync Value: CgoIgQIQpYHA0_UvCgoI4gEQpYHA0_UvCgoI5gEQpYHA0_UvCgoIhwIQpYHA0_UvCgkICRClgcDT9S8KCQg6EKWBwNP1LwoJCAsQpYHA0_UvCgoIjAIQpYHA0_UvCgoIzgEQpYHA0_UvCgkIXxClgcDT9S8=
.nwaonline.com/	1970-01-21 03:39:44	Name: permutive-id Value: 7cd93580-99f1-47d3-aed8-baf5dd90f8c6
.32486ac9-2d2f-4adf-abee-f255f399471e.prmutv.co/	1970-01-20 03:33:58	Name: pxid Value: 35e1660d-810f-4f45-99bf-b09fc08eef6a
www.nwaonline.com/	1970-01-20 10:07:05	Name: last_visit_bc Value: 1646489760280
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 6JAgD8ErSg0
.youtube.com/	1970-01-20 05:40:41	Name: VISITOR_INFO1_LIVE Value: 4Fys8bpiqUw
.nwaonline.com/	1970-01-20 18:52:41	Name: _ga_L2LEJNK6NX Value: GS1.1.1646489760.1.0.1646489760.0
.nwaonline.com/	1970-01-20 18:52:41	Name: _ga Value: GA1.1.1443651117.1646489761
.adsrvr.org/	1970-01-20 10:07:05	Name: TDID Value: d6623602-8f12-4749-aa36-8c3bfe2e2396
.adnxs.com/	1970-01-20 03:31:05	Name: icu Value: ChgIw8VDEAoYASABKAEwoOGNkQY4AUABSAEQoOGNkQYYAA..
.adnxs.com/	1970-01-20 03:31:05	Name: uuid2 Value: 2989019449780359481
.rubiconproject.com/	1970-01-20 10:07:05	Name: khaos Value: L0DXHQ5F-L-BPNH
.rubiconproject.com/	1970-01-20 10:07:05	Name: audit Value: 1\|hLZGFuTafB3+qwDjseJXAj5APvdogVCbaTd6KyMQnat7y9GyzaExIftI/z8Rc1N8XQ33YR8n/S8z2DcZO01XbOCAnekPgJibbDzzimsiHmnQD5U7tEfUTQ==
.nwaonline.com/	1970-01-20 18:52:41	Name: _ma_uid Value: 9ef86884-5e81-40f1-b53e-250d3bc292d8\|1649081761609
.nwaonline.com/	1970-01-20 18:52:41	Name: _ma_vws Value: 1\|1649081762164
.3lift.com/	1970-01-20 03:31:05	Name: tluid Value: 399738382923434940250
.bing.com/	1970-01-20 10:43:05	Name: MUID Value: 2F1F19154A2C61EE1980084B4BFE60B7
.turn.com/	1970-01-20 05:40:41	Name: uid Value: 3104886536572414942
.pubmatic.com/	1970-01-20 03:31:05	Name: KADUSERCOOKIE Value: B1AFFC54-324C-433E-80D6-13A61D5FAAD2
.pubmatic.com/	1970-01-20 03:31:05	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 01:22:56	Name: pi Value: 158314:2
.pubmatic.com/	1970-01-20 03:31:05	Name: DPSync3 Value: 1647648000%3A201_197_219%7C1646524800%3A174
.pubmatic.com/	1970-01-20 03:31:05	Name: SyncRTB3 Value: 1647648000%3A3_13_7_161_56_54_220_21%7C1647734400%3A35%7C1649030400%3A203
.yahoo.com/	1970-01-20 10:07:27	Name: A3 Value: d=AQABBKRwI2ICEDMIhnWh_AiV5aD3ZQtlMX4FEgEBAQHCJGItYgAAAAAA_eMAAA&S=AQAAAq4HpeaeJfk4OqFqakXnRWA
.bidswitch.net/	1970-01-20 10:07:05	Name: tuuid Value: 955f5bfd-76c8-4f43-a825-3b9f445be8ee
.bidswitch.net/	1970-01-20 10:07:05	Name: c Value: 1646489764
.bidswitch.net/	1970-01-20 10:07:05	Name: tuuid_lu Value: 1646489764
.adsrvr.org/	1970-01-20 10:07:05	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiKwfLylq-_OhAFGAEgASgCMgsIirn1n62vvzoQBTgBWghwdWJtYXRpY2AC
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:53:23	Name: bcookie Value: "v=2&6b9e7cc6-e5c5-4248-8e27-ae4e170c6b4b"
.linkedin.com/	1970-01-20 18:48:45	Name: li_gc Value: MTswOzE2NDY0ODk3NjQ7MjswMjEtD7qG+dFjLcxLDc3l8uxBXcDIyowz3+XdXSxeVEH9xQ==
.linkedin.com/	1970-01-20 01:22:56	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2240:u=1:x=1:i=1646489764:t=1646576164:v=2:sig=AQEhYY158hnMGnhqAKd1Prt5nad-j4T1"
.adfarm1.adition.com/	1970-01-20 03:31:05	Name: UserID1 Value: 7071619689582229650
.mathtag.com/	1970-01-20 10:47:24	Name: uuid Value: 62616223-70a4-4600-a455-746d69a6f15d
.simpli.fi/	1970-01-20 10:08:32	Name: suid Value: 6D8C00459A72444FB4D00B341E1A68EF
.adform.net/	1970-01-20 02:06:08	Name: C Value: 1
.de17a.com/	1970-01-20 09:59:53	Name: guid2 Value: 1.8671275517256877988
.adform.net/	1970-01-20 02:47:53	Name: uid Value: 2307799097925015183
.sportradarserving.com/	1970-01-20 10:07:05	Name: zuuid Value: a6d9bc97-50ab-49ed-ba02-d83f553a72cf
.sportradarserving.com/	1970-01-20 10:07:05	Name: c Value: 1646489764
.sportradarserving.com/	1970-01-20 10:07:05	Name: zuuid_lu Value: 1646489764
.pubmatic.com/	1970-01-20 02:04:41	Name: KRTBCOOKIE_1101 Value: 23040-7071619689582229650
.pubmatic.com/	1970-01-20 03:31:05	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 02:04:41	Name: KRTBCOOKIE_391 Value: 22924-2307799097925015183&KRTB&23263-2307799097925015183
.pubmatic.com/	1970-01-20 02:04:41	Name: KRTBCOOKIE_27 Value: 16735-uid:62616223-70a4-4600-a455-746d69a6f15d&KRTB&16736-uid:62616223-70a4-4600-a455-746d69a6f15d&KRTB&23019-uid:62616223-70a4-4600-a455-746d69a6f15d&KRTB&23208-uid:62616223-70a4-4600-a455-746d69a6f15d
.pubmatic.com/	1970-01-20 02:04:41	Name: KRTBCOOKIE_377 Value: 6810-d6623602-8f12-4749-aa36-8c3bfe2e2396&KRTB&22918-d6623602-8f12-4749-aa36-8c3bfe2e2396&KRTB&23031-d6623602-8f12-4749-aa36-8c3bfe2e2396
.sportradarserving.com/	1970-01-20 10:07:05	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 10:07:05	Name: zuuid_k_lu Value: 1646489764
.pubmatic.com/	1970-01-20 02:04:41	Name: KRTBCOOKIE_57 Value: 22776-2989019449780359481&KRTB&23339-2989019449780359481
.pubmatic.com/	1970-01-20 02:04:41	Name: KRTBCOOKIE_336 Value: 5844-8671275517256877988
.doubleclick.net/	1970-01-20 10:43:05	Name: IDE Value: AHWqTUmqtZNRIZfPSPOU18HiWdCvksINVDJKa6mY-XNasxeoQFoZlT9gBzM2G8R_s18
.pubmatic.com/	1970-01-20 02:04:41	Name: KRTBCOOKIE_80 Value: 22987-CAESEPnVpJ6oArG4bR2lmjKuNHg&KRTB&16514-CAESEPnVpJ6oArG4bR2lmjKuNHg&KRTB&23025-CAESEPnVpJ6oArG4bR2lmjKuNHg
.pubmatic.com/	1970-01-20 02:04:41	Name: PugT Value: 1646478029
.onaudience.com/	1970-01-20 10:07:05	Name: cookie Value: c6b148f906477722
.onaudience.com/	1970-01-20 01:22:56	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 10:07:05	Name: zc Value: 74c00f14-10cd-4e98-53d0-e2dbd2a2e608
.zeotap.com/	1970-01-20 01:22:56	Name: zsc Value: %D9%21%3F0%10%8C%B6%2C%9A%E2%0C%993%B0U%F2p%E5R%D9%B87hd%5C%B2%06%3E%D8%84%DA%FD%1D%E5%3F%9C%F3%16%9D%01%2F%5C%DC%F4Z%ED%E3%A5%C1%0Ew%3DQ%F6%D8P%04dM%94%C3%E0%9D%82s%CCL%C6l16%0F%D7%A1%CD%CB%0AR%3E%FC%5D%8F%E7
.amazon-adsystem.com/	1970-01-20 06:23:53	Name: ad-id Value: A9DheNTlakb8hUABjoFUhvg
.amazon-adsystem.com/	1970-01-21 21:49:48	Name: ad-privacy Value: 0
.pubmatic.com/	1970-01-20 02:04:41	Name: SPugT Value: 1646489766

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.connatix.com/min/connatix.renderer.infeed.min.js Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1--- Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32486ac9-2d2f-4adf-abee-f255f399471e.edge.permutive.app
32486ac9-2d2f-4adf-abee-f255f399471e.prmutv.co
a.sportradarserving.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
ads.yahoo.com
ajax.googleapis.com
amplify-imp.outbrain.com
api.permutive.com
ascendeum-d.openx.net
b1-nydc1.zemanta.com
b1sync.zemanta.com
b1t-nydc1.zemanta.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.connatix.com
cdn.jsdelivr.net
cdn.klangoo.com
cdn.permutive.com
cdn.resonate.com
cm.g.doubleclick.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
grid.bidswitch.net
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
jadserve.postrelease.com
log.outbrainimg.com
magnetapi.klangoo.com
magnetapi2.klangoo.com
magnetrack.klangoo.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mwzeom.zeotap.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
s.amazon-adsystem.com
s.ntv.io
s336.nwaonline.com
s7.addthis.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
sync.mathtag.com
t.teads.tv
tcheck.outbrainimg.com
tlx.3lift.com
token.rubiconproject.com
u.openx.net
um.simpli.fi
use.fontawesome.com
wehco-bi.appspot.com
wehco.blueconic.net
wehco.media.clients.ellingtoncms.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.googletagmanager.com
www.nwaonline.com
www.youtube.com
x.bidswitch.net
z.moatads.com
zem.outbrainimg.com
jadserve.postrelease.com
s.amazon-adsystem.com
wehco.blueconic.net
104.109.78.125
104.18.12.242
104.19.150.54
13.248.245.213
142.250.186.98
143.204.95.188
143.204.98.38
143.204.98.65
151.101.14.132
151.101.193.108
151.101.194.137
162.244.66.114
169.50.137.184
178.250.2.151
18.184.108.74
18.184.249.62
18.193.253.133
184.30.24.121
185.29.134.248
185.33.221.14
185.64.189.110
185.64.189.112
185.64.190.78
185.64.190.80
185.64.190.81
198.47.127.20
2.18.232.28
2.18.232.7
2.18.233.180
2.18.234.163
2.18.234.190
2.18.235.40
2001:678:cb4:bbbb::11
208.91.60.7
213.155.156.182
216.58.212.130
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2602:803:c004:200::140
2606:4700:10::ac43:db6
2606:4700:20::ac43:4735
2606:4700:3033::6815:3f36
2606:4700::6810:5614
2606:4700::6812:551
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:801::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2014
2a00:1450:4001:830::200e
2a05:d018:d29:3601:48c:2850:f91f:4df0
34.107.254.252
35.157.246.167
35.211.165.199
35.241.9.51
35.244.159.8
35.244.174.68
35.71.131.137
37.157.4.39
51.79.83.225
52.28.154.195
54.239.37.23
64.202.112.127
64.202.112.159
69.173.144.139
69.173.144.165
85.114.159.93
04c504d2e7bd10a6b2ddaacc904a3aba785c70bad1f19c2d19d60ddbcb99107e
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05d57a314c71c845e1b78bcf291cd71e2e8f1135b32cbd084b6aaeee590920d4
05e729cdebb13980a99941445ee74fe1eae6c194731e7f4fdd60281c3fd0e5f4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0977c46182dd47e285e6d06417983b89710fb9611854b0667774eb1adf28eb47
0985b35e11632f31f38b689cfc8a2fb40469925b22306089ea494744c55a0d64
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
0dc4d239818b7855cdd48679083cc8b157b78271d494ba8fe20e861c53ae6e2c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10403f32e61a3c952928b9b3cfed128c14576bbc52ddcadbcd9997a655a7b95c
13bbe8ec2034ac5993a42c6035f93895a5a5968044e182f920f2312e92a7e9fd
17a0d2f0d7b12116c3b87b3e8662ff59cb88682b5cb038fae9cc9df5a16f5b7b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a1ceef0848eb5ea2c816e56c35b6be9fcee9295c976ac5b0da03d4552d9ac4b
1e61bded631c76e734bedf448d8a3517fdcd323b1a158f2901cfa989ff01f2ac
1e8653e8f23f19deea7c7252796520826bf80a333f6a78fb16e29a783d785701
2039b4b8fbdc55ee9d1e99e4ef3c6467439a0987ec49f48c13bb8ffc10a059c7
20d821160a5c05ea1eade5b72131cd2bb4680d039a60931ef6ff87a8d5741682
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b98964cf8fe02bd4be23245c2a901a360fb04025e4c461d5d4564b01d394db2
2ba0c6f678bcf2407d62a232bc2841aa3b9c6281ed0adceaf8caeeb38328378c
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ecb1a5a62f6090f2d77ebc71750977933b6fcb1b3b46b23d8791ad8d4570b07
2f3dfe5b454f4e65ec99fdb97911ed03ddeb7d0205051b078333ba1f6386fa91
303c5f6f3b03136852e547151cc8e82ef4b9f1f90132a7271892eb912daa44e2
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31f905374457a5300e13a4c80dc5220d85c84a903b1da9d2562ac53c2ed6353a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
36a588822bfb9e3d351da79c492ed62f9d98275d59f611a50b0f37ae11731a34
39c5031fa5e04352d50fff0f766f4c5f77f2e30a45fcf73d0470bd41cd041394
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3b5500b51e4d9583e1d005a4df8a8567773d5a5bef3120ac1190bc5cfbb9c0cd
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef2ab34d9864136d4d79b4f583cc4967f39ae8fde03e7e354ba468cc60c8168
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4080b83d8afc4487b8229308be2f196372bd2123613b46388048f14159f07181
409b4627c5ef5cd5dd4a9c09a29b7ec881970d109b084f275a9b3b4dc99f038d
434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4690497edbba8208ca3335192210c452506e3c01f4feb7cc4c3f41ae547d3b39
47a0b51885852e8a21abc963f5325695bc6e3955f8ab1735b0a72f2079f6e1db
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4b52e3d6c7bab000af13e140fead5be1fcf8639009d6466ba87d6e75138679ed
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
501d697b0aac4c8b7a7b993801dc41e15600042be5fb178c59aa788a3a711b7f
5237c7063a1b19125fa64756bae3e02477f86b151d81fc4c26469c22b9ec993c
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
59b075c7c91ff7b85bbdae7d07308e3a41169aa0d1c876357e45b2bde536cf37
5d3485c761640d33d61a6c8eba8d4bbb3455a1cee7a1e4b7f80b92f182169b38
63b49d58e13f9edc496b9e239b5e5c08757d26551bd16628cf996d3af0b769f2
6471fb56b8dd8c4ce897564448db6a5b372fc7f95a6a57b5c7161c0910aa63e4
69a3b2b3625c5b1ef37f59ebcd787c3b2e5b1379f3cf45a4763e6e12525e02fa
6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bec6a132d4d9a947733747cee86caf4c20cf682293bc59bf55a1e5632528170
6c49b6b8133215ab8f6098916fa9b31444e6088d7865995295ac8b82a16edb42
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d70e027910b3498b0ae48b0859c643115fa4a272786d0c5fde05f423803d8ec
742f5bf956962f640df73129426612d155be6aec9fb8e542374f111f9da1362e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
773b9ab702988e1f267e00341e5dab91ea4ff52301916ed0bbc2eabcfb8bd339
7763f245a82f5f8a6ada073555d4c2016a611500b88e2bc62dfbc6823ac7d89d
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
814e0a77dd63313cabae0f4d6e6f88c510b0c8b67b5412edf022b48a1d0a956e
824043c5d884d7a8d3aaf975c9462240670fc3d97be8c0bbe46327b01a53a8d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91b4d5ccad9a637949a9d1966fc68ad5cccada4f05e9e8069356de68732d0746
93e3ed68f984276f940bc09c116bd39cebedf21b1f4f15b5044fe7688846f885
969c16408cd487874d2d1a3b68c7991b6f479bfcea609eccb1f47a813a5e1491
97ea80c5078bc96b9258698f850d13275350bed0e0a81001cd384e19485af180
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b6ca73ab50c02b75d1f8014cf8fd28e7aca9a493ee4bcd6615015aadea71270
a0734210780de6fc8b51c718b1f70bd8076f72fa13368eb67c1bbf61f7051356
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b0b21fec8e4fcab31246cab94399945c95b0e2858a03c03af518459fda2e2cb8
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4d42a379ac780de8aa3c004ae2df02738fe5674648d5d465c116c54029d3db6
c6912ff1547a3c02949c8e299e0a1477eba73271e0cc1bcddab436c9d1396938
c6fef49f2d9458e2b8f43e0834aea5fa82c16be9c9b5db1c5443386310f7c8ef
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e1117d6696a8fd5364b5bd1bccae6fca652fe8780e8875ad140c559f36afa034
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47f26aae345081dea62da35197fa79c79decf1010a9ff176d49a5595ed9b709
e4eda306f2139535f80071029f8e6f6defa8230902ecfb4adda331dd0ddc1ed0
e73e0542029c2df6b0aa28ef20ef60d2e7aace5d8905400fefc243f0c0d37da7
e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69
e833be0e7f6978ffda6f94acd914dd1a84fe1545445c352d71be1f13f5f8f4d5
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f101503eee703c16c4256e003cffec0e78643c84806ec36739b4e66bac87ed5e
f6654cdce4772c6e6d896c5ff548af91be2430caa8b1a8f6d60345fc15738bdb

www.nwaonline.com Open in urlscan Pro 2606:4700:20::ac43:4735 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

84 %HTTPS

28 %IPv6

51 Domains

87 Subdomains

63 IPs

10 Countries

2171 kBTransfer

5387 kBSize

61 Cookies

33 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nwaonline.com Open in urlscan Pro
2606:4700:20::ac43:4735 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

84 %
HTTPS

28 %
IPv6

51
Domains

87
Subdomains

63
IPs

10
Countries

2171 kB
Transfer

5387 kB
Size

61
Cookies

160 HTTP transactions
0 data transactions