www.paloaltoonline.com Open in urlscan Pro
104.26.15.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bdC102?te=W3R5hFj4cm2z...
Effective URL:
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Submission Tags: falconsandbox
Submission: On March 16 via api (March 16th 2022, 8:04:36 pm UTC) from US — Scanned from DE

Summary HTTP 111 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 25 domains to perform 111 HTTP transactions. The main IP is 104.26.15.44, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.paloaltoonline.com. The Cisco Umbrella rank of the primary domain is 515134.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 20th 2021. Valid for: a year.

This is the only time www.paloaltoonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:8c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	104.26.15.44 104.26.15.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
8	172.67.69.218 172.67.69.218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	95.101.104.156 95.101.104.156	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.139.245.9 151.139.245.9	33438 (STACKPATH) (STACKPATH)
15	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.244.66.114 162.244.66.114	18501 (CODERO-DFW) (CODERO-DFW)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:2a00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	72.247.226.64 72.247.226.64	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:da00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.226.181.34 34.226.181.34	14618 (AMAZON-AES) (AMAZON-AES)
21	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
111	30

1 2606:4700::6812:8c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen80.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.26.15.44 (United States)

ASN13335 (CLOUDFLARENET, US)

www.paloaltoonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.69.218 (United States)

ASN13335 (CLOUDFLARENET, US)

www.embarcaderopublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.101.104.156 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-104-156.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.245.9 (United States)

ASN33438 (STACKPATH, US)

cdn.pushalert.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.244.66.114 (United States)

ASN18501 (CODERO-DFW, US)
PTR: 162-244-66-114.dedicated.codero.net

magnetapi.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
magnetapi2.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
magnetrack.klangoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:2a00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.247.226.64 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-226-64.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c2d020829a62ec0625c4db2865ca98dc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:da00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.226.181.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-181-34.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com c2d020829a62ec0625c4db2865ca98dc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	605 KB
19	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 68 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	168 KB
9	paloaltoonline.com www.paloaltoonline.com — Cisco Umbrella Rank: 515134	254 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	embarcaderopublishing.com www.embarcaderopublishing.com — Cisco Umbrella Rank: 521682	100 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	241 KB
5	klangoo.com magnetapi.klangoo.com — Cisco Umbrella Rank: 78821 cdn.klangoo.com — Cisco Umbrella Rank: 80584 magnetapi2.klangoo.com — Cisco Umbrella Rank: 199889 magnetrack.klangoo.com — Cisco Umbrella Rank: 100010	41 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1590 ka-f.fontawesome.com — Cisco Umbrella Rank: 2959	101 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1373 m.addthis.com — Cisco Umbrella Rank: 1332	217 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	16 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 839 pixel.quantserve.com — Cisco Umbrella Rank: 381	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	110 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	352 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 966	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 792	438 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1542	875 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 329	1 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1029	14 KB
1	pushalert.co cdn.pushalert.co — Cisco Umbrella Rank: 37322	48 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1207	5 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 251	33 KB
1	sidekickopen80.com 1 redirects t.sidekickopen80.com — Cisco Umbrella Rank: 411123	609 B
111	25

	Domain	Requested by
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.paloaltoonline.com
9	www.paloaltoonline.com	www.paloaltoonline.com static.cloudflareinsights.com
8	www.embarcaderopublishing.com	www.paloaltoonline.com
7	www.google.com	2 redirects securepubads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	www.paloaltoonline.com securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
4	ka-f.fontawesome.com	kit.fontawesome.com www.paloaltoonline.com
3	stats.g.doubleclick.net	1 redirects www.paloaltoonline.com
3	s7.addthis.com	www.paloaltoonline.com s7.addthis.com
2	www.facebook.com	www.paloaltoonline.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google.de	www.paloaltoonline.com
2	magnetapi.klangoo.com	www.paloaltoonline.com magnetapi.klangoo.com
2	connect.facebook.net	www.paloaltoonline.com connect.facebook.net
2	www.googletagmanager.com	www.paloaltoonline.com www.googletagmanager.com
1	magnetrack.klangoo.com	www.paloaltoonline.com
1	magnetapi2.klangoo.com	cdn.klangoo.com
1	googleads.g.doubleclick.net	1 redirects
1	cdn.klangoo.com	magnetapi.klangoo.com
1	pixel.quantserve.com	www.paloaltoonline.com
1	www.google-analytics.com	www.googletagmanager.com
1	ping.chartbeat.net	www.paloaltoonline.com
1	rules.quantcount.com	secure.quantserve.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	c2d020829a62ec0625c4db2865ca98dc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	z.moatads.com	s7.addthis.com
1	static.chartbeat.com	www.paloaltoonline.com
1	secure.quantserve.com	www.paloaltoonline.com
1	cdn.pushalert.co	www.paloaltoonline.com
1	static.cloudflareinsights.com	www.paloaltoonline.com
1	kit.fontawesome.com	www.paloaltoonline.com
1	ajax.googleapis.com	www.paloaltoonline.com
1	t.sidekickopen80.com	1 redirects
111	37

This site contains links to these domains. Also see Links.

Domain
www.destinationpaloalto.com
portal.cityspark.com
twitter.com
facebook.com
instagram.com
mailchi.mp
www.mv-voice.com
www.almanacnews.com
www.thesixfifty.com
www.embarcaderomediagroup.com
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-20` - `2022-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-24` - `2022-03-24`	3 months	crt.sh
*.pushalert.co Sectigo RSA Organization Validation Secure Server CA	`2021-04-13` - `2022-05-06`	a year	crt.sh
*.klangoo.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-12` - `2022-03-30`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Frame ID: 46DCBC68928551418582E6118ADB03D6
Requests: 66 HTTP requests in this frame

Frame: https://c2d020829a62ec0625c4db2865ca98dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A1D0BEB875DFF46E15D173F4A45333E8
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 73D117BE5AC13EF7866CEE08C874A268
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: AA9EF81DBF2A112AFD1F952CE1EFBC42
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGb9Uzl4sPB2MPvwUsEkM_gUGiqsHSAYtE2_uFNoWyRjmZc_QMkNw92aGjS19VrzlUOAiLkOiy5Wr7dKKkS0fPdwORLF9Hq3Nn0jEfxmZQN-dMk1m0zopmgIETBJ3h7ZYjguWM7hgCDAVWvkbzR7_Gsmlid5xGWuMqVtR-rXC4XzMgnIbgtjggMRvt1neO4QXggujCNUgeiXPnXtNGgFMkBqK1iBXJpakWd48pr5yvLdjpg9hpX1_HjGNo6z4rMXJ2IziNg7Qke50z8YY2cZ5-Cmie8VBejyEeCCfG3a7uuDVX5VeacnAkwzLghoEKzST5OvD2ShOuzYPaeIM&sai=AMfl-YRGtQWzxcJO8kiYtBDT7ZvU6Xewtuo9cWm2lDHpc4sUGoZvVav_600g8n52j489cv-tDIYkyPrHrKmHED-cWwaYDqcAgVSwRPcZzeK3ymvdGDQbdZokqOz0xnM_9wc&sig=Cg0ArKJSzOZxzGhg-q-REAE&uach_m=[UACH]&adurl=
Frame ID: 54B35D2A6D6FB8DC115FA03E320793DB
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm_K4Qey0WC3LRaIoiOJo0pL0mFQXRimx63FelJerLrjzQk-nUa-F_g-eUVRqR9I1SGKBSRHmZb89Qg5yc4kBOYDbmymDli7EjXdcv1_KPDrkYJmDFn5mF_NSdY61KFJWKzPSdEBB2EzZDUZSXhU4NCFDjpg1xiei9hhQF0irIogwUEs_AKrNrISA-DPazqezEoYZoiHFnqzUY8TXzjnwxcaMrSxkySjW3jmYm8D8WLdCVbukIY9uTAmSPpFM2B5S-0Oa6Bn9jizrvyq4AWQk33BAkeUVtcoKv5yvR_L_UZpqDny_AXQMiiHaDgPTC38ruxekNP_1dUQEBe-M&sai=AMfl-YS0inpNHWgNSMRVHWTZa65d0fT8fVouWPCvXG4F1xZW6355s6JQyMARehKQU2Z7tCfrfzBgsgGV3Z7xRpOe494invzuMIpdGF6AusPqwlsMcxdFYDOZw5N7zJvaxgk&sig=Cg0ArKJSzJZxEOtdqzw-EAE&uach_m=[UACH]&adurl=
Frame ID: 528D36370F8B2BA244B03EBEB1C5DC3A
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu32RxJgq7ZVsGSeudhJBUB8BIt-DyLYmpkUKnjJDBlipnkZ2FhJJXxG67DWifDdERgCgldNMqmkYDkA3XN0hDaprKiXyXMHRz8xQO1bQQL8SL-Nz4eUOQR4XfcPypb09G17pqy5RzZiFR1x6R55v-1n621e0D2x6bMzlRrnBksUYlBHztxe-pH_1O9ojpwQn6Vr-r0DJXfm-vIV-bh0bbjkT7RyknzAMorm-6bLr20U9CX6JoWInx6foz9ou9BtJfJQiKuNcGu8UTEDyVWKgNhFAWJboO6lYM29Xx4X_sc_ats16yZfZKUxzBFCNLsrATEdAojQFZc2U9liWPrqEQ&sai=AMfl-YQhAAYWqf6b5LHuWNsndHz6Em_HOmrROPytFQy6vUR2Xjb9zyQcu9v7gRoHd-jAgPsHHGXfp-_8zEjUyFt7pKlEDgGjgw8FjgBlyBdUVdzsx7UQhBQ1P8XzR66O5Vw&sig=Cg0ArKJSzJ3ql17S766IEAE&uach_m=[UACH]&adurl=
Frame ID: 8DE02EACED7890E4D647827914EC04D9
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnb4_K36n6rzqQy8yGQUSkT94UMvPzmH8vxeEBZJeu-Z8EjG-8R7HarcWVMqFvmgEdfEX3LsHmXPlW0c-x2JyywekuR_cIc19dCQkTCXlE_7vNQLj7KXDXZeTVuRdYys0xrl9zDWA8G5cajSD1RQMyahyMeP2P7gGs3EFAOMyEeRRJAXpzSIo_iY2-fpifU2y65nEqAKcKyCLcSufghwS7C-cYSagz-5IHOGQn2OIOm01T8b4lNSKsf_IiK0INpyZsBKHkRpbLvbNmjp8Aei036XtckM21q_cIi6_qVjxt27N-cAQBNS3hAG3jLa0WuLlzfbJ-g78EwtbPRhjkAeI&sai=AMfl-YSgS3cQuZsVu2X-fW3SNNA14E6RDM3XMCq0_QCyrBiVzGPdd6Y9E9ZRhvetGzNDM6KDw6vvDq1kLxF2HMzHetEmxLym60lE8g_1L422amIUcd1n5Q7-4gUCklAiO6g&sig=Cg0ArKJSzE1dA9y9xnxcEAE&uach_m=[UACH]&adurl=
Frame ID: FF95F59090F626646E833C632C481BA1
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiuBgT3eo6hb2q1WZhVwJaf3e7psICLNR5Gq2Fbvjxt7tX-SMeMuVW6ZgoDv6Wz8QAMzlpBYiZg20oIQ-FPTAzBIenksFdYmHrNFBLHYWhYX3mk-lEggimYP1V2YoiBhkA1-5bK3bBkh8RrK5CE3x26Qw4pqvjEZj34eK9FtvEGKhrVFoMu_UY_KkAg0nJ9-JAaGJkcO_4bxiIbAt-S3ma69r-jrQgzy2s_8E0k3sS-ay0yoRk_QBK3c-nBfrvLUGoF92QSZYQjvX8LrL_DFXzELSI8m-_uP0wQmTGbWEcQc9dUTH_yBt3B_yqnX7PfSM74dYrMSsWNkqnIJnyz1k&sai=AMfl-YTtUKGATYddaj9J8dzw2UQdcwLr9IX3xbvgMBElH_ae96blEsBxmGd5rGqgOHESNFF2OA6-jmfWzpf5y4Xfk78zlfaCSfUzN7OhihIBwS9oRgvyn_9LFuC8tNsypYE&sig=Cg0ArKJSzHMFwTe1exSwEAE&uach_m=[UACH]&adurl=
Frame ID: 33AFADC5826CB778DBD36E67EF79017B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwMQle20ktTpfisHMgNu_WV25_nUidTWV0EY1vP_hZG3opDlOdsz-uXDcPDipYuecNzw2kfm04agE1BPswzcy9PqR91EWH6hAXDdpKhGE_uf54lK39rW5zmk4c9OUrqPVYt3ximj4aypZq5Er_fNuAq8D-R9wx9bS700TVgBj9QKlxcuh97bGKvyigL66KkvMMV7nyUTj8FnHnzBjH1sgKd36F_0s9Xn7sagcRA8Mhw_64o6D6re9VRUrozPr9v2T8vPm60xPI0xu5ooXUJPaFKgIaEoIvxo1pTlcTzE7JXNBoDYtwQAmCEd20HrMOtlL8MbJFrt3y5CzuG0ZrG1s&sai=AMfl-YSAqbz_mS48-VsasGAHM2TEk3QalX4dtfq5429w-qTx5QXTxoC357skkXHSkiftdDI-TtDTe29ULB6l99PL-kaObMi7xMd0J3JRfu7qiuDAmWpqWTmc8B0vWwkMgH8&sig=Cg0ArKJSzMXlQS4wOn2vEAE&uach_m=[UACH]&adurl=
Frame ID: 624BE45A0A4856978D82FA3A9E9FDDBB
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF6C419B147FFEB4A657571B6D74AEBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C92C8664F4F75A162765289FA392C645
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Walgreens agrees to $7.5M settlement over alleged phony pharmacist | News | Palo Alto Online |FacebookTwitterPrintAddThisFacebookTwitterPrintAddThisFacebookTwitterPrintAddThis

Page URL History Show full URLs

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bd... HTTP 307
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharma... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

97 %
HTTPS

71 %
IPv6

25
Domains

37
Subdomains

30
IPs

3
Countries

2083 kB
Transfer

5106 kB
Size

29
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.destinationpaloalto.com/eating-and-nightlife/
Title: Restaurants

Search URL Search Domain Scan URL

URL: http://www.destinationpaloalto.com/
Title: Visit Palo Alto

Search URL Search Domain Scan URL

URL: https://portal.cityspark.com/EventEntry/EventEntry/PaloAltoWeekly/
Title: Submit Calendar Item

Search URL Search Domain Scan URL

URL: https://twitter.com/paloaltoweekly
Title: @paloaltoweekly

Search URL Search Domain Scan URL

URL: https://facebook.com/paloaltoonline
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/paloaltoonline
Title: @paloaltoonline

Search URL Search Domain Scan URL

URL: https://mailchi.mp/embarcaderomediagroup/advertise
Title: Advertising Info

Search URL Search Domain Scan URL

URL: http://www.mv-voice.com/
Title: Mountain View Voice

Search URL Search Domain Scan URL

URL: http://www.almanacnews.com/
Title: The Almanac

Search URL Search Domain Scan URL

URL: https://www.thesixfifty.com/
Title: TheSixFifty.com

Search URL Search Domain Scan URL

URL: http://www.embarcaderomediagroup.com/
Title: Embarcadero Media

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bdC102?te=W3R5hFj4cm2zwW4mKLS-45LLYVW3zd7jZ43TCCNW41RcnV43T4P2W3KbWrJ1S1nmqW1L5LSS1N5Z0GW3zd69n3K3ptXW1Gy6NR3K3pWkW4fLG2L1ZqppXW3K9G6H3K6KvbW4fdhyd3K8JYDW3ZY6xL3K2Vj4W3R3bLV1GGm-JF49NQHrWtb91&si=8000000002011378&pi=3ab82409ad5c83bdf38c018cefc8eee4 HTTP 307
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=740488482&utmhn=www.paloaltoonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&utmhid=202156915&utmr=-&utmp=%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&utmht=1647461070745&utmac=UA-440011-1&utmcc=__utma%3D248443142.458639756.1647461071.1647461071.1647461071.1%3B%2B__utmz%3D248443142.1647461071.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1961240356&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=458639756.1647461071&jid=1961240356&_v=5.7.2dc&z=740488482 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=458639756.1647461071&jid=1961240356&_v=5.7.2dc&z=740488482&slf_rd=1&random=935298153

Request Chain 106

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&auid=2077156603.1647461071&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=z0IyYq6CCcWjgQf6_YTwAg&sscte=1&crd=CNPgGw&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuo-gwjE9Mk-gGOxBIVQ1PojpvvsN0dRnUkw HTTP 302
https://www.google.com/pagead/1p-conversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&auid=2077156603.1647461071&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=z0IyYq6CCcWjgQf6_YTwAg&cid=CAQSKQCNIrLMu2zYw5QotRdsOyYZEDpuRfXw-yO_k3JdLXFpYcGnQ4nmMzrp&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuoz0MheVNiXYDXSbkN-nIeCGVPkYZrcDTTg&random=3993011488&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&auid=2077156603.1647461071&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=z0IyYq6CCcWjgQf6_YTwAg&cid=CAQSKQCNIrLMu2zYw5QotRdsOyYZEDpuRfXw-yO_k3JdLXFpYcGnQ4nmMzrp&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuoz0MheVNiXYDXSbkN-nIeCGVPkYZrcDTTg&random=3993011488&resp=GooglemKTybQhCsO&ipr=y&prhg=0

111 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist Show response
www.paloaltoonline.com/news/2020/02/04/
Redirect Chain

https://t.sidekickopen80.com/s1t/c/5/f18dQhb0S7lM8dDMPbW2n0x6l2B9nMJN7t5XWPfhMynW2z8ZWv7grYPlW56dJz85c-bdC102?te=W3R5hFj4cm2zwW4mKLS-45LLYVW3zd7jZ43TCCNW41RcnV43T4P2W3KbWrJ1S1nmqW1L5LSS1N5Z0GW3zd69...
https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

52 KB
14 KB

414ms
379ms

Document
text/html

104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a76cc23b08a0dc7ab69b9e70fdc7a78737fde4b8370ae86b628a94f11abe9d4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 16 Mar 2022 20:04:29 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding,User-Agent
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbDR7xTozVAZ40HldbI0xN0jJsPYeDbA%2FYdn8uPkQ0vbGmxCOznN4ScV7y9pUElTIk8YMI8tsO9VUnT7ZQqw7TRKI6t3Fmf5qGvJUXdxOsJo7Ck9wWIuSfdJHe%2Bjue7yJZ6wT7H749U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ed019225cdd9b9a-FRA
content-encoding: br

Redirect headers

date: Wed, 16 Mar 2022 20:04:29 GMT
location: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
x-robots-tag: none
link: <https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist>; rel="canonical"
referrer-policy: no-referrer
x-hubspot-correlation-id: 4d1bd125-96a3-4e55-8a86-8a961618ce27
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ed0191f6d2190c4-FRA

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ 94 KB
33 KB 115ms
81ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Mar 2023 18:26:48 GMT

GET
H2 200 colorbox.css
www.embarcaderopublishing.com/colorbox/ 4 KB
1 KB 628ms
582ms Stylesheet
text/css 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/colorbox/colorbox.css?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 717bf9ad10598afacee727e234d18601a90132e3f0b92f2b2084124e751b20d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 28 Jul 2021 17:10:02 GMT
server: cloudflare
etag: W/"1135-5c8320ea10960-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDEedaAy%2BdSLZHLPQwOsV0P6eNXJjiG1qh9%2Fr9Ebx6TcthXQ2dW958qJ37%2F9Cryk68N2QdStaifPp8F9W0cwGAhQ1Aud4HiZNGGruWGavl73%2BOvDo86P8RrZe38Ir%2F%2Bao3d4QC5FH61WDtcHw8fP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b5c5b74-FRA

GET
H2 200 jquery.colorbox.js Show response
www.embarcaderopublishing.com/colorbox/ 28 KB
9 KB 589ms
542ms Script
application/javascript 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/colorbox/jquery.colorbox.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71096a60d61fc17ebd7846babcc1bfed67b5f65bbe7bce04aabd7ea41b93c299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 28 Jul 2021 17:10:03 GMT
server: cloudflare
etag: W/"7105-5c8320ea7df60-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WoVz31wFfkwdhUx%2BjCyRtQb4s5DHiqjNPDFArXZ1C8Y49gZFXz3%2BIVVnCmpyHg4%2BfodORsdG3phFbARvMlGukXs7wx0gIaqi64GVO%2FNha8OmZIig3tKq%2FTRpRUWyHsS4bIAw%2FtABnRIcibltgwA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b5f5b74-FRA

GET
H2 200 ajax.js Show response
www.embarcaderopublishing.com/class/ 5 KB
2 KB 559ms
513ms Script
application/javascript 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/class/ajax.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e4850c399d9fcecfb2c1977bc882dff7ca4c1393729a3e2c2890cb00cd1148a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Wed, 28 Jul 2021 17:09:53 GMT
server: cloudflare
etag: W/"12b5-5c8320e147900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wo6HGD%2FyUh0ABzCGQsXEWktabU05aB9c44q6X6%2F1sIVXQNyK2bKZrptun2eghM9LiN2A5fo3vSt63J3sy3noDiMypHhhNWgS7255zx9HQ53hnDTTUiY8sG2MOjk6FLBa%2FqB2yfuMh%2B326fUCget2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b605b74-FRA

GET
H2 200 hide_slide.js Show response
www.embarcaderopublishing.com/js/ 2 KB
1014 B 560ms
514ms Script
application/javascript 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/hide_slide.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07cebc4e0f208791813887c1710c84a241522bb6428e58512b06efe2bbf8031c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:20 GMT
server: cloudflare
etag: W/"6ae-5c8c61d0f7f60-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmPVhWUfUQbiWALRPbULOLR7Bf3TF7gJNrP2R%2BwCigAN1Gte0lDTTRELoskF08XGWSiJ7rSWM9wFX7JmffuErvDPZSJNjWdJORB4yHKOgGMVtQJHEkLOLFdwWFI3%2Bnj7ldkdCW%2BRlspFJvZLVFST"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b625b74-FRA

GET
H2 200 cookie.js Show response
www.embarcaderopublishing.com/js/ 3 KB
1 KB 568ms
522ms Script
application/javascript 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/cookie.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 169a73226f810a0ba713f5145c28f8c66a5864d5a32c84d1abe89382390c8117

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:19 GMT
server: cloudflare
etag: W/"a0b-5c8c61d01e300-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEn%2FFT3STDQ4c4bMKq5mU0QI2qlV8z2L2YfH5tlV8IFHCl9JKYZiHUmF8vTUjp6OQMVpuLv%2FT9j9gyhQu8gQBJClNrXd0R2SLRxT9LqDBuriNak5hB6PaqCe0d4wbnOQ2ySSraCpM54HMSoK4F7A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b635b74-FRA

GET
H2 200 login_scripts.js Show response
www.embarcaderopublishing.com/js/ 4 KB
1 KB 569ms
523ms Script
application/javascript 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/login_scripts.js?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f430d83b23af02d70781f2dd4200646e55304ef59b01bb9018e7a3d50310d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:22 GMT
server: cloudflare
etag: W/"1035-5c8c61d30a3c0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k68Il2hDWZLNdRtSENttvoc7o5FUHej0a7SwgwnFMIzGIUguIbaxa8erWuGTbFQwRJJZMSPHkJa0cKd3Pj5Ht1OHDaVGqDJnx%2B%2BL0S8NncwL8zIT1CHUigkX8Bfd2B7Oo7SkmkwClLvB%2BYP2gqw%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b675b74-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64332d5f516b02ba38e276c714353873699a90426ef36f36a52ef11c19d7fa35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27854
x-xss-protection: 0
server: sffe
etag: "1160 / 525 of 1000 / last-modified: 1647448831"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 bootstrap.min.css
www.paloaltoonline.com/twitter_bootstrap/4.3.1/css/ 152 KB
24 KB 34ms
33ms Stylesheet
text/css 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/twitter_bootstrap/4.3.1/css/bootstrap.min.css
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70c104563e945a1d986daac2f5896636676bf5c03a86883682957e755b32c0d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 18:39:24 GMT
server: cloudflare
age: 5105
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eN4DJzS7Z%2BqdhHQUg0ggfYJXtnG27ZlcWNxfMefgtJwMRiOTyzArhfu017UrG4p%2FHMfddGna2hFObcJKLEHKfqRkX9betJgMpXdSbURHP1uryfo2yd9DSQ%2BLQFQfoOhsylRlLVGZNCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed01924dae29b9a-FRA

GET
H2 200 jquery.js Show response
www.embarcaderopublishing.com/js/ 265 KB
81 KB 830ms
785ms Script
application/javascript 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/js/jquery.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344a7d902c6d219492e3c8e2f3a29c1634c73be7c410a8b5212ed67f56081e39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:21 GMT
server: cloudflare
etag: W/"42586-5c8c61d209660-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6uONmsNQNAKKSDvhQUF6MB2qCwrwZSheko7yxilQ8hNfoPLIpCC%2BudcO7s%2FTiq3Z9TFpzCTReM4bdcT0cbR5KbMKRHZK0Mfomd22TLEwqV4G%2Ft%2BIVrrtmc2t1q4M0DpTxX34npjvVErkdV6BNZj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b655b74-FRA

GET
H2 200 styles_responsive.css
www.embarcaderopublishing.com/css/ 13 KB
3 KB 592ms
548ms Stylesheet
text/css 172.67.69.218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.embarcaderopublishing.com/css/styles_responsive.css?v=8
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c8af0d335c968baf9a79ff05886e8f92246348df7cff269f2163b493b1ff55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Thu, 05 Aug 2021 01:48:48 GMT
server: cloudflare
etag: W/"3597-5c8c61eba9f20-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qE6lBmLATJmNJL%2Befze2JBmF9ZwfFiQRcD6iHByYL02jWKyQv5hTZhYkhhfy0HU8YTV%2Bs3HFYPQHq4%2BGjeTtcpufEGj%2FFaEFbmrAz%2F9SnWI%2BKbLfFH4vQZ1sTJ1ezmCVfovOfNFxBIkVAo%2FF0INR"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed019251b5e5b74-FRA

GET
H2 200 20c4b40556.js Show response
kit.fontawesome.com/ 11 KB
4 KB 100ms
50ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/20c4b40556.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b07a3d22468f376c38de5b6cef82395389411c81a6b40fd04232cc6cf4522ab2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://www.paloaltoonline.com/
Origin: https://www.paloaltoonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6ed019252bd69a17-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: Ftbmi5yXO-f2UrxAMYpB

GET
H2 200 api.js Show response
www.paloaltoonline.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 17ms
16ms Script
text/javascript 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltoonline.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWkmmKft%2BD0IuaNzmABrEX40XWwHqHU%2B1l883AS%2BV6XEZlFjQZMlAXYtsi%2FlgB8fQHg6dx30u1C0WbjIG1H5OEO5SCEFyMadLkMEa0UnEiMOxjY5xJdmRt5g3bSu08SavoWHoIBax0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6ed01929f85a9b9a-FRA

GET
H2 200 top_logo.png
www.paloaltoonline.com/art/ 17 KB
17 KB 47ms
47ms Image
image/png 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paloaltoonline.com/art/top_logo.png
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8f967538c97446e86a0f511b529c7b85b054c427e4f91add4fa1949141cd5b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 293
cf-polished: origSize=18113, status=vary_header_present
content-length: 17371
last-modified: Mon, 07 Oct 2013 22:29:02 GMT
server: cloudflare
etag: "46c1-4e82e2dd64780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEZwmr5%2BNAHU9SA4DGMsCFx03qpSTD4VJbV8%2Blqgqx%2BmRw89xQFfw1oCrRohR5%2FKxCreXzOHIOYhhf6kEc%2BPNNFLLKI5gRtnhpAhrLVLqg2Hz29bxe81qxG2JXWN606AIlo5yVJdXNI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0192a18989b9a-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 83515_full.jpg
www.paloaltoonline.com/news/photos/2020/february/4/ 150 KB
150 KB 774ms
773ms Image
image/jpeg 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paloaltoonline.com/news/photos/2020/february/4/83515_full.jpg
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b096fa9475588a1ced4799294851262112e97a03d8b573aa51a6dce6a54fd93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:31 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Feb 2020 16:57:56 GMT
server: cloudflare
etag: "2573b-59dc2f107054c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FYpDOEVeVAyemcbbA39Zdz%2B0JC5XDs9IGrRcMerFbYSiZv4j0PgXZtVbcEmK11HtrPtPoEJcgFlVHT9mI6T%2BTCv0B9uuXJ5yfbMWvLrjLrknmCmQEvPiwEDG9MRF07fzT5RLf5e1%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6ed0192a18a89b9a-FRA
content-length: 153403

GET
H2 200 phone-330x270.jpg
www.paloaltoonline.com/express/img/ 22 KB
23 KB 25ms
24ms Image
image/jpeg 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.paloaltoonline.com/express/img/phone-330x270.jpg
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53baab3c7eec5fbc940e4c0682c9178e72f4e68f90a0fd1c41c0cda8ab5d18b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2689
cf-polished: origSize=24455, status=vary_header_present
content-length: 22664
last-modified: Wed, 16 Mar 2022 19:19:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BjJVCqDdf4DSP2yUXFNrtjw5uwPmiofuQ3WVIP1bVNV40SL69nj3h%2F04VctoZjjCNCybcUtriBcEe6yEO4cvcWlnHHLUT48t5xCtlCO6MfD0ENGM22elZasQ4POlwXg1bAD08BtjfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ed0192a38f79b9a-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bootstrap.min.js Show response
www.paloaltoonline.com/twitter_bootstrap/4.3.1/js/ 57 KB
16 KB 29ms
28ms Script
application/javascript 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/twitter_bootstrap/4.3.1/js/bootstrap.min.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f29bd85aa6f169b65fc269b452b5c6884d2f3a97b5f9232d9d02dd2c7e542a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Mar 2022 18:20:52 GMT
server: cloudflare
age: 6218
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EbQxQt4vA9jIziz7uLP1wbCH6xML9Q2i%2FHC1DNVf8GcJxy3mjCxP5ApLbBUapwcLoDG09fEbE7Q%2BmUVizDSRDp0j%2FvCjvtS5rPK%2BpSPtB74d1SMGhYpwpte7FfO%2BmQysHEt%2BfIMqiyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ed01928dd699b9a-FRA

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 62ms
17ms Script
application/javascript 95.101.104.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.104.156 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-104-156.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Wed, 16 Mar 2022 20:04:30 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 67ms
38ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.paloaltoonline.com/
Origin: https://www.paloaltoonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ed0192a69fc695d-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
47 KB 68ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-2DXJ

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d9fe6174b4965137c66d11f2084d65cca34c8ac31917258451704002188848f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47521
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 82ms
18ms Script
text/javascript 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1791
date: Wed, 16 Mar 2022 19:34:39 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 16 Mar 2022 21:34:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 31ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26320
x-xss-protection: 0
pragma: public
x-fb-debug: FEoSyaLft9F5Z+FnFDJ9C1Bftol7eHOvlFxkLH04V6YJZppBVf3brznbwfxBmLHMRh0NbIn/RJDWfivEnFHpqA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Mar 2022 20:04:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrate_84c36689ca5c8a4c307a3236c41d43d3.js Show response
cdn.pushalert.co/ 217 KB
48 KB 58ms
28ms Script
application/javascript 151.139.245.9
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pushalert.co/integrate_84c36689ca5c8a4c307a3236c41d43d3.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.139.245.9 , United States, ASN33438 (STACKPATH, US),

Reverse DNS

Software

nginx /

Resource Hash

f6d96e86c77e8f26464233ba2ba34711c9ea40b1f9286ed7a01418bad35811fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Feb 2022 18:43:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
x-cache: HIT
content-type: application/javascript
cache-control: max-age=8640000, public
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_2022031401.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
124 KB 35ms
8ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126502
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Mar 2023 19:05:04 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
730 B 52ms
20ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.paloaltoonline.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

624f2ebed6ab50754d72b2dfed5b581cdd92859622089ab52f84213dff02a00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 58ms
27ms Fetch
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=20c4b40556
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/20c4b40556.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2511109
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bc2WlQtdXoKub3EDnRlJMeE67i0oVlUyekMg774UJFJRFYDHDsHWg8awkILZDQjobNVZcze7OC1LD52xtim6Oagv9o0baBAjXPS8RWtSIuZQZ8GA7wDMC9hTr9QjRVHBlnG0IOSvWRJPXbxmZq%2B6MIKjyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA56-C2
cf-ray: 6ed0192a6cac9bc5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: BQO6PtoMzKS0CaKilM4EQuEh4PuC6Yevq3Yu_092kPLU10E3qZu-vQ==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 60ms
29ms Fetch
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=20c4b40556
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/20c4b40556.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1304924
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnPfkmSCdP0HuaeXcZhW%2B0RmO%2FFLsFSV5C16ylIMM3sK4AmCdDrvpwJfkQE4fpnohoW0n3z3761EZxbSZJkfStEl0Lr3%2FFfl0aPSvJ2h8SQsDaZcOVPwKbnH3z7HeRio9KjHdofp2vx%2F5oMr3ZYzR83Scg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA50-C1
cf-ray: 6ed0192a6cad9bc5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: eWJyfKbL5JqzbQ9h2AcOA0BDDyTRn9qeyvDE2eD729uxLqXzl3JVzA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 56ms
25ms Fetch
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=20c4b40556
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/20c4b40556.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4345169
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90g97lqv8UQLKku3cuATcfdPtZBWUVYZQSWU1x01qm02sXPeuITIlkAsxeLj67N%2FnWjHPeT5EtOOBWSpP9KLYmPSp2%2BSnAjK5WaYbeNrG85AGy984WSDFxwXCixlXcffNg3vmJ2385jrD%2FJq1NkaJNvr9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA60-P2
cf-ray: 6ed0192a6cb19bc5-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: UdmcrNJElUA9C7EDq9iGZHRtUGt1olmzJ6YTXBdz7Mx_mrcGL9SR0g==

GET
DATA 200
OK truncated
/ 192 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK Widgets_30.js Show response
magnetapi.klangoo.com/w/ 5 KB
3 KB 557ms
140ms Script
application/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi.klangoo.com/w/Widgets_30.js

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b8d50c84a2260ae91fabc4defb64a4e0d45a6449288509817fd3c6afe68b62f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 20:04:32 GMT
Content-Encoding: gzip
ETag: "fd4dad04588d61:0"
Last-Modified: Fri, 11 Sep 2020 14:14:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2255

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 27ms
9ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 23 Mar 2022 20:04:30 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 51ms
11ms Script
application/x-javascript 2600:9000:2057:2a00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2a00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 18:18:17 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 04:15:35 GMT
server: nginx
age: 6373
etag: W/"62297b67-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: K4N16J1Dy9fEVS5InZXtvQRBUZChRDBa_QPmXCT3iChF-FFs1frl_A==
expires: Wed, 16 Mar 2022 20:18:17 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 70ms
18ms Script
application/x-javascript 72.247.226.64
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.226.64 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-247-226-64.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: C0B7E130097BC605
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11840
accept-ranges: bytes
content-length: 948
x-amz-id-2: WMRpIO186SrpMgXAdDxxqtwuB/nVpPpDrif5aSQ8+ORAAGwczaqMUoDLYLjYQOU+EHP09vSgz8E=

GET
H2 200 1381337412046565 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 104ms
103ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1381337412046565?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28293576ca04b2720124f207693251cf2f93e2a66a1a833389d28e060c1f356f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ijSHS3CMtcNrVndj9DzN18x/C6DDBAdq5shce2oOocsqyWIzrTGBmIKskp2KA01h1sBGzcDsbBT8NxUYqfeoEA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Mar 2022 20:04:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 44ms
17ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.paloaltoonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 69ms
27ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.paloaltoonline.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 261 KB
25 KB 123ms
108ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3744393474514778&correlator=1184441416360339&eid=31065652%2C31065516%2C44756895%2C44756896&output=ldjh&gdfp_req=1&vrg=2022031401&ptt=17&impl=fifs&sc=1&iu_parts=1006587%2Cpaloalto_news_responsive_1%2Cpaloalto_news_responsive_2%2Cpaloalto_news_story_300x250_1%2Cpaloalto_news_story_300x250_2%2Cpaloalto_news_story_300x250_3%2Cpaloalto_news_story_300x250_4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=970x250%7C1x1%2C970x250%7C1x1%2C300x250%2C300x250%2C300x250%2C300x250&ifi=1&adks=2470967933%2C2765269385%2C3643861399%2C2525601685%2C809780643%2C1320052880&sfv=1-0-38&ecs=20220316&fsapi=false&cookie_enabled=1&abxe=1&dt=1647461070647&lmt=1647461070&dlt=1647461069551&idt=1067&biw=1600&bih=1200&adxs=315%2C315%2C435%2C815%2C435%2C815&adys=80%2C1600%2C1180%2C1180%2C2007%2C2007&oid=2&ucis=1%7C2%7C3%7C4%7C5%7C6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x40%7C1600x35%7C380x0%7C380x0%7C380x0%7C380x0&msz=1600x0%7C1600x0%7C350x0%7C350x0%7C350x0%7C350x0&fws=0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=458639756.1647461071&ga_sid=1647461071&ga_hid=202156915&ga_fc=false&btvi=0%7C1%7C0%7C0%7C2%7C3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

70485b7821e50c28e60fa1df16054759ac4de20f1e55e6c7aafec126307d6abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25188
x-xss-protection: 0
google-lineitem-id: 5925501785,5924291915,5943543482,5662915675,5938040600,5860338190
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381379725,138384289328,138383715591,138378747910,138383038082,138380507489
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.paloaltoonline.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c2d020829a62ec0625c4db2865ca98dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A1D0 6 KB
4 KB 73ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c2d020829a62ec0625c4db2865ca98dc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 16 Mar 2022 20:04:30 GMT
expires: Thu, 16 Mar 2023 20:04:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5988981069fd470d/ 2 KB
875 B 129ms
128ms Script
application/javascript 95.101.104.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5988981069fd470d/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.104.156 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-104-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d2e73d41ed98b2f23dc207b99356f35999495484a5890e4d043cadedb1fc0a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
etag: -152112856--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=21, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 699

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 161ms
161ms Script
application/javascript 95.101.104.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=623242ce2e492679&bkl=0&bl=1&pdt=1022&sid=623242ce2e492679&pub=ra-5988981069fd470d&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.paloaltoonline.com&fp=news%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1647461070675&jsl=135201&uvs=623242ceed1fff10000&skipb=1&callback=addthis.cbs.jsonp__52267865336673670
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.104.156 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-104-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 83c50ab3867750f196ebe0e86823aed1791c2bbc84b302247ae62f32faef3d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:30 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 73D1 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame AA9E 71 KB
26 KB 32ms
32ms Document
text/html 95.101.104.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.104.156 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-104-156.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 16 Mar 2022 20:04:30 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 38ms
24ms Font
font/woff2 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer: https://www.paloaltoonline.com/
Origin: https://www.paloaltoonline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
via: 1.1 9905602b8526d2635024f3edbf1df702.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4345006
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdxLIOVsNruSqLop3a0x5AgrCzbhrkRlE7DF%2BxUECvE0CesFlbDgR1IE0Uf7yg8%2BCoD9OF36wCqYwl5QYz03ei91xMEa%2Fn%2FCgJNGHQ%2FovVOIYNLWZ0n4J5Bjx7ZtiP2TJPqztvs3qY2b6GXMtwWthCd5rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
cf-ray: 6ed0192bf8f59bc4-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: R9ZKba_FuMO8nJxb0hXtLvmXYviJSPDMiWo0R-ajo7EJ15HYbdNV9Q==

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=740488482&utmhn=www.paloaltoonline.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=458639756.1647461071&jid=1961240356&_v=5.7.2dc&z=740488482
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=458639756.1647461071&jid=1961240356&_v=5.7.2dc&z=740488482&slf_rd=1&random=935298153

42 B
501 B

97ms
49ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=458639756.1647461071&jid=1961240356&_v=5.7.2dc&z=740488482&slf_rd=1&random=935298153

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-440011-1&cid=458639756.1647461071&jid=1961240356&_v=5.7.2dc&z=740488482&slf_rd=1&random=935298153
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/ 35 B
55 B 37ms
17ms Image
image/gif 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=785947116&utmhn=www.paloaltoonline.com&utmt=event&utme=5(trafficQuality*botDetection*botExcluded)(1)8(2!User%20Type*Unlocked*Meter%20Count)9(2!Visitor*Viewed*1)11(2!1*1*1)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&utmhid=202156915&utmr=-&utmp=%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&utmht=1647461070755&utmac=UA-440011-1&utmni=1&utmcc=__utma%3D248443142.458639756.1647461071.1647461071.1647461071.1%3B%2B__utmz%3D248443142.1647461071.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=6QAAAAAAAAAAAAAAAAQAAAAE~

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 10:42:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 33710
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
63 KB 44ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KBH7GWY29S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2DXJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a1cb414aa708861fd163a3b0064a2d720b57c4560effc53c4d8d2f4686cf04b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64318
x-xss-protection: 0
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 45ms
20ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-2DXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14889
x-xss-protection: 0
server: cafe
etag: 11178597599353190569
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 rules-p-7apeS9pNVYMQo.js Show response
rules.quantcount.com/ 3 B
438 B 34ms
13ms Script
application/javascript 2600:9000:206f:da00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7apeS9pNVYMQo.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
via: 1.1 c888f786e25e6e3c7dbb7e9da462d714.cloudfront.net (CloudFront)
age: 17306
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:09:04 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: iAgrOk8g0_fj1DtN0zhxaIJSq_h_rbKeE9vQrjjiBqxAv8-ZU7Sq_g==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 1038ms
193ms Image
image/gif 34.226.181.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=paloaltoonline.com&p=%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&u=BiJdWZDd_zjxBpplbJ&d=paloaltoonline.com&g=26708&g0=News&g1=Bay%20City%20News%20ServiceBay%20City%20News%20Service&n=1&f=00001&c=0&x=0&m=0&y=4230&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2176&t=C6WgYm6uAUtCE2DevBbjugqCVI2QQ&V=129&i=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&tz=0&_acct=anon&sn=1&sv=CSdLmnB2oyH-CtvkBuDOU7SIDdNhsG&sd=1&im=06530c40&_
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.226.181.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-181-34.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:31 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54B3 0
0 34ms
34ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGb9Uzl4sPB2MPvwUsEkM_gUGiqsHSAYtE2_uFNoWyRjmZc_QMkNw92aGjS19VrzlUOAiLkOiy5Wr7dKKkS0fPdwORLF9Hq3Nn0jEfxmZQN-dMk1m0zopmgIETBJ3h7ZYjguWM7hgCDAVWvkbzR7_Gsmlid5xGWuMqVtR-rXC4XzMgnIbgtjggMRvt1neO4QXggujCNUgeiXPnXtNGgFMkBqK1iBXJpakWd48pr5yvLdjpg9hpX1_HjGNo6z4rMXJ2IziNg7Qke50z8YY2cZ5-Cmie8VBejyEeCCfG3a7uuDVX5VeacnAkwzLghoEKzST5OvD2ShOuzYPaeIM&sai=AMfl-YRGtQWzxcJO8kiYtBDT7ZvU6Xewtuo9cWm2lDHpc4sUGoZvVav_600g8n52j489cv-tDIYkyPrHrKmHED-cWwaYDqcAgVSwRPcZzeK3ymvdGDQbdZokqOz0xnM_9wc&sig=Cg0ArKJSzOZxzGhg-q-REAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 54B3 19 KB
8 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:51:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 54B3 2 KB
1 KB 55ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:50:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54B3 117 KB
36 KB 50ms
33ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 54B3 0
0 59ms
30ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJ78yuwKNkH1CI8UVmE2GpCEewBZp-j2IWy2qrfcW9lX0ggeS7PhLu8lkgVNz5H-n44oD0Aj5vdoGs_-F6Uho5gHLSRg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 1189797581414563939
tpc.googlesyndication.com/simgad/ Frame 54B3 123 KB
123 KB 139ms
107ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1189797581414563939

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ed92c83f45ef42c299e01c7dfea746c7599cb11de6e3f463e64766133c291e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 14:11:20 GMT
x-content-type-options: nosniff
age: 107590
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126056
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 18:46:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 14:11:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 528D 0
0 38ms
38ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm_K4Qey0WC3LRaIoiOJo0pL0mFQXRimx63FelJerLrjzQk-nUa-F_g-eUVRqR9I1SGKBSRHmZb89Qg5yc4kBOYDbmymDli7EjXdcv1_KPDrkYJmDFn5mF_NSdY61KFJWKzPSdEBB2EzZDUZSXhU4NCFDjpg1xiei9hhQF0irIogwUEs_AKrNrISA-DPazqezEoYZoiHFnqzUY8TXzjnwxcaMrSxkySjW3jmYm8D8WLdCVbukIY9uTAmSPpFM2B5S-0Oa6Bn9jizrvyq4AWQk33BAkeUVtcoKv5yvR_L_UZpqDny_AXQMiiHaDgPTC38ruxekNP_1dUQEBe-M&sai=AMfl-YS0inpNHWgNSMRVHWTZa65d0fT8fVouWPCvXG4F1xZW6355s6JQyMARehKQU2Z7tCfrfzBgsgGV3Z7xRpOe494invzuMIpdGF6AusPqwlsMcxdFYDOZw5N7zJvaxgk&sig=Cg0ArKJSzJZxEOtdqzw-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 528D 19 KB
8 KB 43ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:51:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 528D 2 KB
1 KB 135ms
106ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:50:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 528D 117 KB
36 KB 99ms
87ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 528D 0
0 55ms
31ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHOILe2ux8-ZeD3rFmAOTNSxKcfenvsWD18m9w9eDWnad8j2B97ON7MmFkIKnjkOkGwqH6Hzn_Q3Nuef-pdAIzCUZgYg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 16699666740564962865
tpc.googlesyndication.com/simgad/ Frame 528D 265 KB
266 KB 50ms
22ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16699666740564962865

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fed637125d875a269920326b6e9619cb0ad2220d12dbc6f2e40f48e215619fe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:58:10 GMT
x-content-type-options: nosniff
age: 137180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271728
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 19:21:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 05:58:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8DE0 0
0 36ms
36ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu32RxJgq7ZVsGSeudhJBUB8BIt-DyLYmpkUKnjJDBlipnkZ2FhJJXxG67DWifDdERgCgldNMqmkYDkA3XN0hDaprKiXyXMHRz8xQO1bQQL8SL-Nz4eUOQR4XfcPypb09G17pqy5RzZiFR1x6R55v-1n621e0D2x6bMzlRrnBksUYlBHztxe-pH_1O9ojpwQn6Vr-r0DJXfm-vIV-bh0bbjkT7RyknzAMorm-6bLr20U9CX6JoWInx6foz9ou9BtJfJQiKuNcGu8UTEDyVWKgNhFAWJboO6lYM29Xx4X_sc_ats16yZfZKUxzBFCNLsrATEdAojQFZc2U9liWPrqEQ&sai=AMfl-YQhAAYWqf6b5LHuWNsndHz6Em_HOmrROPytFQy6vUR2Xjb9zyQcu9v7gRoHd-jAgPsHHGXfp-_8zEjUyFt7pKlEDgGjgw8FjgBlyBdUVdzsx7UQhBQ1P8XzR66O5Vw&sig=Cg0ArKJSzJ3ql17S766IEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 8DE0 19 KB
8 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:51:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 8DE0 2 KB
1 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:50:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8DE0 117 KB
36 KB 73ms
65ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8DE0 0
0 50ms
30ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQu9axjtblBr-0th3CSGMyheXXtzlwt9E6zVrdnVBbNMISgktLxUAozbZVnEvg8rT2KxFO1OOlOMieGRTIyYwDYqjTAQg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 933655710960249366
tpc.googlesyndication.com/simgad/ Frame 8DE0 28 KB
28 KB 108ms
107ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/933655710960249366

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5be0fbd454f5701966b9ea4ac25f1acdf12eeaab3bc9b9d539075b84d20e9c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 20:24:26 GMT
x-content-type-options: nosniff
age: 171604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28829
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 17:37:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 Mar 2023 20:24:26 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF95 0
0 35ms
34ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnb4_K36n6rzqQy8yGQUSkT94UMvPzmH8vxeEBZJeu-Z8EjG-8R7HarcWVMqFvmgEdfEX3LsHmXPlW0c-x2JyywekuR_cIc19dCQkTCXlE_7vNQLj7KXDXZeTVuRdYys0xrl9zDWA8G5cajSD1RQMyahyMeP2P7gGs3EFAOMyEeRRJAXpzSIo_iY2-fpifU2y65nEqAKcKyCLcSufghwS7C-cYSagz-5IHOGQn2OIOm01T8b4lNSKsf_IiK0INpyZsBKHkRpbLvbNmjp8Aei036XtckM21q_cIi6_qVjxt27N-cAQBNS3hAG3jLa0WuLlzfbJ-g78EwtbPRhjkAeI&sai=AMfl-YSgS3cQuZsVu2X-fW3SNNA14E6RDM3XMCq0_QCyrBiVzGPdd6Y9E9ZRhvetGzNDM6KDw6vvDq1kLxF2HMzHetEmxLym60lE8g_1L422amIUcd1n5Q7-4gUCklAiO6g&sig=Cg0ArKJSzE1dA9y9xnxcEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame FF95 19 KB
8 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:51:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame FF95 2 KB
1 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:50:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF95 117 KB
36 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 8442643325529584319
tpc.googlesyndication.com/simgad/ Frame FF95 30 KB
30 KB 109ms
108ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8442643325529584319

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c33fdcc3af7e86804566e4b7392e1680fa31921175953eb5e2cabc1f0105c8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 18:50:11 GMT
x-content-type-options: nosniff
age: 4459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30695
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 22:25:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Mar 2023 18:50:11 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33AF 0
0 36ms
35ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiuBgT3eo6hb2q1WZhVwJaf3e7psICLNR5Gq2Fbvjxt7tX-SMeMuVW6ZgoDv6Wz8QAMzlpBYiZg20oIQ-FPTAzBIenksFdYmHrNFBLHYWhYX3mk-lEggimYP1V2YoiBhkA1-5bK3bBkh8RrK5CE3x26Qw4pqvjEZj34eK9FtvEGKhrVFoMu_UY_KkAg0nJ9-JAaGJkcO_4bxiIbAt-S3ma69r-jrQgzy2s_8E0k3sS-ay0yoRk_QBK3c-nBfrvLUGoF92QSZYQjvX8LrL_DFXzELSI8m-_uP0wQmTGbWEcQc9dUTH_yBt3B_yqnX7PfSM74dYrMSsWNkqnIJnyz1k&sai=AMfl-YTtUKGATYddaj9J8dzw2UQdcwLr9IX3xbvgMBElH_ae96blEsBxmGd5rGqgOHESNFF2OA6-jmfWzpf5y4Xfk78zlfaCSfUzN7OhihIBwS9oRgvyn_9LFuC8tNsypYE&sig=Cg0ArKJSzHMFwTe1exSwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 33AF 19 KB
8 KB 33ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:51:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 33AF 2 KB
1 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:50:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33AF 117 KB
36 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 33AF 0
0 39ms
31ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSUxN4q13EnPug8O6MnFWeyLBL6XdrHSR5vGBLJWFEYMKwcEMjU7KdnwQ5lLmWjg4Yc_gd5ZiiePc2pedIH_tAS10o9w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 894042469702682766
tpc.googlesyndication.com/simgad/ Frame 33AF 29 KB
29 KB 110ms
109ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/894042469702682766

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a667171ec6a00b195fcce5123fb7c92fd7858dc88d4daf0a85b2bb0db13a415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 23:54:20 GMT
x-content-type-options: nosniff
age: 72610
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29389
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 01:47:20 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 23:54:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 624B 0
0 34ms
33ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwMQle20ktTpfisHMgNu_WV25_nUidTWV0EY1vP_hZG3opDlOdsz-uXDcPDipYuecNzw2kfm04agE1BPswzcy9PqR91EWH6hAXDdpKhGE_uf54lK39rW5zmk4c9OUrqPVYt3ximj4aypZq5Er_fNuAq8D-R9wx9bS700TVgBj9QKlxcuh97bGKvyigL66KkvMMV7nyUTj8FnHnzBjH1sgKd36F_0s9Xn7sagcRA8Mhw_64o6D6re9VRUrozPr9v2T8vPm60xPI0xu5ooXUJPaFKgIaEoIvxo1pTlcTzE7JXNBoDYtwQAmCEd20HrMOtlL8MbJFrt3y5CzuG0ZrG1s&sai=AMfl-YSAqbz_mS48-VsasGAHM2TEk3QalX4dtfq5429w-qTx5QXTxoC357skkXHSkiftdDI-TtDTe29ULB6l99PL-kaObMi7xMd0J3JRfu7qiuDAmWpqWTmc8B0vWwkMgH8&sig=Cg0ArKJSzMXlQS4wOn2vEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 624B 19 KB
8 KB 28ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:51:01 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 624B 2 KB
1 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 853
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 19:50:17 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 624B 117 KB
36 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 20:04:30 GMT

GET
H2 200 3457134389572478710
tpc.googlesyndication.com/simgad/ Frame 624B 35 KB
35 KB 112ms
111ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3457134389572478710

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89052aa8545cf63413cbc79b3f0985633c6a02c4f3282ee9116e78e751969e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:58:10 GMT
x-content-type-options: nosniff
age: 137180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36052
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 19:25:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 Mar 2023 05:58:10 GMT

POST
H2 204 result Show response
www.paloaltoonline.com/cdn-cgi/bm/cv/ 0
625 B 58ms
57ms XHR
text/plain 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paloaltoonline.com/cdn-cgi/bm/cv/result?req_id=6ed019225cdd9b9a
Requested by: Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Mar 2022 20:04:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ed0192d684a9b9a-FRA
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yG893H65SQdgWhW%2BEcCVesOLOX2qMlKzo62YBW5RPv%2Feg7kiWGCnNxZ8iLVgKaYTyL%2Fee5CK5%2FM0Al%2BUtSGTB26Y8B57KqJ9ccJTgn9nleWZpMi9tWcj0ux9WEmZDxoPWEvNagWFo0Q%3D"}],"group":"cf-nel","max_age":604800}

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 82ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1381337412046565&ev=PageView&dl=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&rl=&if=false&ts=1647461070962&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647461070960.1904961596&it=1647461070608&coo=false&rqm=GET

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 35ms
35ms Script
application/javascript 95.101.104.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.104.156 Munich, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-104-156.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 16 Mar 2022 20:04:30 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77619

GET
DATA 200
OK truncated
/ Frame FF95 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41678b966b83f6065a0dba5f6d23a7be538d203a2960be3b3ec5a2d3219b53bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 collect
www.google-analytics.com/g/ 0
352 B 84ms
32ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-KBH7GWY29S&gtm=2oe3e0&_p=202156915&sr=1600x1200&ul=en-us&cid=458639756.1647461071&_s=1&dl=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&dt=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&sid=1647461070&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KBH7GWY29S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.paloaltoonline.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 8DE0 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fb1049f451689d788750f5d18cefa59ce4a6bab70d6fc3eaf317a099b2dc468

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 33AF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e977b9f8d0f8ce6ba01a97278205db86b6ba3076e384a687708b19a096e2c695

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54B3 0
0 78ms
37ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTUZi60yXCq2hoN1ilMGnsWLJEXBmaHHksdXhSrtpZCxeoupqd-y4V3kVTsb8NOM8EG1VucYbd8F3xZqTMEhbyFG4cUhIg_WZIrXAXjrC5dyHUMzAjJCmDfoYq3HNgj9Zs9xl2U85QUbDxdNbVdwbLP5tdU8g7C9pH7gtZqRj8pAmHjANPcYXCrWsAkI0bukAdswx0SW4-Fn0RdTCbVq5HqSnwDeRBjKVBGje36J9D2V9esg4aWcNnF4i-2en151EPmLP9x0cIxZzWl_VzQKxWmkdgWPnUsEq9xq58igxS7Xymyymwa9V-tX2iu3SiAUEHOUl8kOwSac2CIx5yOg&sai=AMfl-YTAeXRMyaUoD6NgUnyzsfzkvZ2DkJvvPFbVgWzSTmFsZqQk9HfwlvkZLf8EjZRdlfmAPyzUW5qvCM0BL5zCUgSXYALSKdtfmrfmYKo06ZcumHp_x9J9pEQPM_uhAEg&sig=Cg0ArKJSzIK_E6U398O9EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
DATA 200
OK truncated
/ Frame 54B3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f21981c617f9963092f61b06bc08b8459a3ebaba6db32497d5d5d077c1dc8f36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel;r=1764875005;rf=0;a=p-7apeS9pNVYMQo;url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist;uht=2;fpan=1;fpa=P0-145...
pixel.quantserve.com/ 35 B
371 B 33ms
32ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1764875005;rf=0;a=p-7apeS9pNVYMQo;url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist;uht=2;fpan=1;fpa=P0-145105136-1647461071096;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=paloaltoonline.com;je=0;sr=1600x1200x24;dst=0;et=1647461071096;tzo=0;ogl=url.https%3A%2F%2Fwww%252Epaloaltoonline%252Ecom%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlemen%2Ctitle.Walgreens%20agrees%20to%20%247%252E5M%20settlement%20over%20alleged%20phony%20pharmacist%2Cdescription.Walgreens%20has%20settled%20a%20consumer%20protection%20lawsuit%20alleging%20that%20it%20put%20people'%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Epaloaltoonline%252Ecom%2Fnews%2Fphotos%2F2020%2Ffebruary%2F4%2F83515_original%252Ejpg

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1072652050/ 2 KB
1 KB 60ms
23ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1072652050/?random=1647461071099&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&auid=2077156603.1647461071&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8a2a0cf3c3d3bce7ed4083087326daf0b181612096047870851297e94b5be74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8DE0 0
0 51ms
36ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYEhSu3rFusMpRha1S1JD6Geg1U_gkUPfSnEMFjw68QFAcIdtpFGHPujbM6oG-2gFj9mQpxKO5Egday7AJxiD1G3t-eGCCFNDMwwBzll_TUPVtzXrPOUsDpX8lhhTCCzSGwMlMwE_gqYG6alBN7no-_55BFTOlvE45DtxcB73nzAO4UzcrBCVgS9mX4D_EZViQnK8XxRJAOJYaKwyAee6Tx_ttgRp0SHUBpQCMuXAxvlCtQbUSKZTHfXDuK9L8UP0QT2P-QK6V3PgKe_OThvT1lQertJtI21Otjf4hL6a_P-b971f2qx-SF0qhUMqAVhxiHRcVaPYkH3ZaTzuEkNcuWQ&sai=AMfl-YS6ECIv6pAeQfM_LRSOubid8smj3RHINT9OUtf4ZNZp2fgcOcR_tQobdbedgQNqejG59AGEoOgFMzgXWN7MsD60xkbPSX5400sTVyWOuJC9hWDpkjoXTd0pdKakwQ4&sig=Cg0ArKJSzKNmGAjPCw2mEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 528D 0
0 37ms
37ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsso-mka0q2KFJHZaMXhrpm-OwLTrpqEUvsurmXBVpzFhyBz5axyCgr_ZDbsIPFgBd_etSqTPjKYVMrntk-xWjjHAphpFjjuPJANpPCsEp-5M-2cJnIYaPszDAgyz9TW3SrWrAYFh2QSY6fXH_xzZteh3JAlHKoFQF3pno340DHKfJys4xMiRMpi2yIZclx3o71S4pFzrsHLhXdvuerFPFhXg45pIMTjB4Jz0JnNwXCcle8QogU3cMYQN1_eZw1GMowXkqPvaMDyK3VWrtwp2ot9mx9lxfhzlE_Ru3VPLmSgRZHq5E5qW6OMzWNQStXdzFzeN3pqA9P8L5AbPHgcxw&sai=AMfl-YQYc7nbxTjWKjwju3KLUdKut9Y8HoIeFWuMfK8oYauCrnlqA-UvGKq41xOUfHyIRQ8C8jPnE-COkeN5omi0xrmQncepJDe2cdPJYQjivlc8SPa3sMOMpLi4XeHYDDs&sig=Cg0ArKJSzNWc2mp0un75EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
DATA 200
OK truncated
/ Frame 528D 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 774de9a4a5e854a420ea4020e0667ec6b7a5b231349eb1813e0b7307cf0cc2ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 624B 0
0 33ms
32ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8ddCYCE-PnRasIWWCak5U5X6b3jVSGbJDybn-OdsIT6CSuHuIdLi7QKkwoXkR-VOfzs7Erq3VWpkyfxlc6vxGKAFwbf4Avl3e9u55KkTlUYuScA_qN_TaItUwpvFT5AFnPoNZltrKTCmrbK2rqKS3N1KfCjrVt76Xcpwpr2qiX7nwqbvY9Ltsdx9UrM6br1QcG-SP-sxQ61OJP-O9Gv9nTHKslinmoE6uI3Na9KUikQVr8Emy7b8PAWAFRA31jPkgsjWGvIfMAJUIyo7eSugT6g2aps-8v_W0sNL5czfb16QJKiycIzzL1g0J5OLU-OjQbiPTNu9OmMEkD11vMtIHGQ&sai=AMfl-YQ9ZHYQS6dlp6wmJ0BOfxfyNMl6SA_YQhNviTXqumZDUvZTv8gUnh8e3LGjwoxIzsNYRTYrw_Jiw73kTyNUp2u9FstHOUGlH-FKDcxuTUjkE_0fFR4fGNrizei9V58&sig=Cg0ArKJSzCfwizqE2EkzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
DATA 200
OK truncated
/ Frame 624B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ac97377aa76ad2fc1e610fe4c533f1a90f78b192eb4955c6d43522f370e4204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF95 0
0 40ms
38ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvL9Pu7Kl1zyYbpJ-CfsyjsH56bStMdkXVVGeof8kDNp_A4CkHZEVQU3ZbyxIXpf4YWJ7EwNhA6eiZ-hhK9ya0UhVCtIERI6Urfee8i-np0iG3cr79Q5uLCYR39WvwkjL5yhziP_aJyvX-L8m1TcWr6HeTMNj9ahvPM-oEf2oa-fiScu81r8aNx2-QQqQsjGlEAYjmQwZ2YmexlUvwk0KMlPJS8gk3I1pNUcGdeGIR-klJAOiQJadCNqD71ecfekKsVCwQQfdXuUV7h8I9G3nqfMthRmZGbIvsGE3qP5AC3JG0Be4pl-r5Nr-VeerBOeS1tGsZeuuRLWTdWLO1Xay_Lng&sai=AMfl-YQODPIsnVbgpCajq7GEKbiUHIpJLvtmcvA_OyUsgrbKipA3_dEFLJPQqyDZGuTtvZDExyY-D5VqyDEVyBtbIfA3shkw9XisDK-0PfMA9fo6Ex0mYu5tMVxAeNhVmzw&sig=Cg0ArKJSzI4eN7YhTE5VEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33AF 0
0 39ms
39ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0k6LqXkSupb4xU4hYuNXg8ORFo34UmEgYbvSqioYktagWecCVWFcfFekZapFzBwzpBJ1wp1H1g6T0oNjUuGnpTEMe3kq60b0Z12PuOTfmRI1nXXkCjDua01GortRNCMvB0zRx8U0JwNaTl4QWgIMlcxTLd1sDI4UYFYzyaBisXVaseTYxOI99rFx3_qaZF45mKWZ2FcnTj8b2M46NLf9aFWGPcRWqF8pIFiLzUGid3vgMCRfwnTaKKj-1z2t0jeHfRHTvQ1JDTD8PPe2zmSS6d1Gq4IXhogODwziTGe4M5yRuqixdxOXaoDg4WTYoTfmF7BEuZSI1fSzgENUkn2u6DA&sai=AMfl-YRF-CU9kHpFW20qV0A0R6eozcPEP98dILicqVXJ97XoQ52-ToBqe6HtfpIrYruW0S9sFz4Pkz6UYit6dhwLfgn4yRrs0I95KmuKgIPAOCvvqn8TB7zbWDGJNyAMQmg&sig=Cg0ArKJSzO-n7PMRXAlyEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
H/1.1 200
OK Widgets_30.css
magnetapi.klangoo.com/w/ 6 KB
2 KB 130ms
127ms Stylesheet
text/css 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi.klangoo.com/w/Widgets_30.css

Requested by

Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_30.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2456d9285598d9087f535f346da7d988824f80bb274f1b0e595a659cf6c73666

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 20:04:32 GMT
Content-Encoding: gzip
ETag: "fd4dad04588d61:0"
Last-Modified: Fri, 11 Sep 2020 14:14:09 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=86400
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1361

GET
H/1.1 200
OK magnet.min.js Show response
cdn.klangoo.com/wgt/ 117 KB
36 KB 694ms
275ms Script
application/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.klangoo.com/wgt/magnet.min.js
Requested by: Host: magnetapi.klangoo.com
URL: https://magnetapi.klangoo.com/w/Widgets_30.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),
Reverse DNS: 162-244-66-114.dedicated.codero.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1415f872274db77c903b798fe3002b12f0141a62afd21830c2c8a482fb785b87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 20:04:33 GMT
Content-Encoding: gzip
ETag: "0ba80ae2a35d81:0"
Last-Modified: Fri, 11 Mar 2022 09:30:44 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 36415

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.google.de/pagead/1p-conversion/1072652050/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO...
https://www.google.com/pagead/1p-conversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.de/pagead/1p-conversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...

42 B
64 B

68ms
36ms

Image
image/gif

2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&auid=2077156603.1647461071&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=z0IyYq6CCcWjgQf6_YTwAg&cid=CAQSKQCNIrLMu2zYw5QotRdsOyYZEDpuRfXw-yO_k3JdLXFpYcGnQ4nmMzrp&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuoz0MheVNiXYDXSbkN-nIeCGVPkYZrcDTTg&random=3993011488&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1072652050/?random=618275070&cv=9&fst=1647461071099&num=1&value=0&label=GwJLCPfr1OcCEJK-vf8D&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3e0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&tiba=Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C&auid=2077156603.1647461071&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=z0IyYq6CCcWjgQf6_YTwAg&cid=CAQSKQCNIrLMu2zYw5QotRdsOyYZEDpuRfXw-yO_k3JdLXFpYcGnQ4nmMzrp&eitems=ChAI8JXGkQYQj83orbXQj7McEh0AMXZuoz0MheVNiXYDXSbkN-nIeCGVPkYZrcDTTg&random=3993011488&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 20ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1381337412046565&ev=Microdata&dl=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&rl=&if=false&ts=1647461071473&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%20%7C%20News%20%7C%20Palo%20Alto%20Online%20%7C%22%2C%22meta%3Adescription%22%3A%22Walgreens%20has%20settled%20a%20consumer%20protection%20lawsuit%20alleging%20that%20it%20put%20people%27s%20health%20at%20risk%20by%20allowing%20an%20unlicensed%20pharmacist%20to%20handle%20more%20than%20745%2C000%20prescriptions%20in%20the%20Bay%20Area.%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist%22%2C%22og%3Atitle%22%3A%22Walgreens%20agrees%20to%20%247.5M%20settlement%20over%20alleged%20phony%20pharmacist%22%2C%22og%3Adescription%22%3A%22Walgreens%20has%20settled%20a%20consumer%20protection%20lawsuit%20alleging%20that%20it%20put%20people%27s%20health%20at%20risk%20by%20allowing%20an%20unlicensed%20pharmacist%20to%20handle%20more%20than%20745%2C000%20prescriptions%20in%20the%20Bay%20Area.%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2Fphotos%2F2020%2Ffebruary%2F4%2F83515_original.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.57&r=stable&ec=1&o=30&fbp=fb.1.1647461070960.1904961596&it=1647461070608&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 16 Mar 2022 20:04:31 GMT

GET
H/1.1 200
OK WidgetLoad Show response
magnetapi2.klangoo.com/NewsAgencyService.svc/ 296 B
912 B 2002ms
1595ms Script
text/javascript 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to

Full URL

https://magnetapi2.klangoo.com/NewsAgencyService.svc/WidgetLoad?calk=3b021afa-927e-40e6-b47c-66b1e5a13326&request=%7B%22pt%22%3A1%2C%22id%22%3A%2255271%22%2C%22v%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist%22%2C%22dp%22%3A%222020-02-04T09%3A01%3A00-08%3A00%22%2C%22ws%22%3A%5B%7B%22id%22%3A%22rel_30-1%22%2C%22ty%22%3A1%2C%22lf%22%3A%22en%22%2C%22mr%22%3A2%2C%22fd%22%3A%2216%20DEC%202021%22%2C%22rf%22%3A2%2C%22sd%22%3A1%7D%2C%7B%22id%22%3A%22rel_30-3%22%2C%22ty%22%3A1%2C%22lf%22%3A%22en%22%2C%22mr%22%3A4%2C%22fd%22%3A%2216%20DEC%202021%22%2C%22rf%22%3A2%2C%22sd%22%3A1%7D%5D%7D&format=json&callback=__CB

Requested by

Host: cdn.klangoo.com
URL: https://cdn.klangoo.com/wgt/magnet.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

5520d2ffdbd6cb568debfb63b31fe36e642d4c2a8fb4e8224f1c2983c041347c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 20:04:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
Content-Length: 299
Expires: Wed, 16 Mar 2022 20:09:36 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 54B3 42 B
497 B 78ms
33ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszzqkOOZU01UZtjWPfSSuvHKwKhiB941uKIl5c5jZHKzlvMMXXpLizfch2BvUm1DFg_tyoLgxfO3QXSOxWHSwr0a-vz8lTQoXNNuvB7YlCWtj673Tm&sig=Cg0ArKJSzEm0VWZZHd33EAE&id=lidar2&mcvt=1000&p=80,315,330,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220316&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2470967933&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647461070838&rpt=244&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track.ashx
magnetrack.klangoo.com/v1.1/ 35 B
339 B 545ms
127ms Image
image/gif 162.244.66.114
CODERO-DFW

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://magnetrack.klangoo.com/v1.1/track.ashx?e=A_PAGE_VIEW&p=55271&r=&c=3b021afa-927e-40e6-b47c-66b1e5a13326&u=22961e90-2135-4aa0-bddb-0f207d1d2e35&l=https%3A%2F%2Fwww.paloaltoonline.com%2Fnews%2F2020%2F02%2F04%2Fwalgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist&ran=164746107234474

Requested by

Host: www.paloaltoonline.com
URL: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.244.66.114 , United States, ASN18501 (CODERO-DFW, US),

Reverse DNS

162-244-66-114.dedicated.codero.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 20:04:34 GMT
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Content-Length: 35

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 45ms
29ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a6913dc6b12a6dba8a2e469b3e99e58d9382f99ec862ba841ca7756c023794d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 20:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10637
x-xss-protection: 0

POST
H2 200 rum Show response
www.paloaltoonline.com/cdn-cgi/ 0
258 B 33ms
32ms XHR
text/plain 104.26.15.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paloaltoonline.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.44 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.paloaltoonline.com/news/2020/02/04/walgreens-agrees-to-75m-settlement-over-alleged-phony-pharmacist
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
content-type: application/json

Response headers

date: Wed, 16 Mar 2022 20:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.paloaltoonline.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ed01940fd509b9a-FRA
vary: Origin

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031401.js?cb=31065652

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 20:04:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF6C 13 KB
5 KB 9ms
9ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 19:43:37 GMT
expires: Thu, 16 Mar 2023 19:43:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C92C 783 B
534 B 34ms
34ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c150940f4943d3c26f6f5bdc59ce610cf115a2de0333ee9d083f548a803b8a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YQ1yNtx2A4UiaIpxaaJPDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 16 Mar 2022 20:04:34 GMT
date: Wed, 16 Mar 2022 20:04:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-YQ1yNtx2A4UiaIpxaaJPDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js Show response
pagead2.googlesyndication.com/bg/ Frame EF6C 35 KB
14 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c372950a35c41d865890a2fa4ba31bb5896dc186dbb4ea0cc6522281e5f3d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 12:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Mar 2023 12:03:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C92C 0
0 169ms
169ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031401&jk=3744393474514778&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EF6C 0
9 B 8ms
8ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?x9jWGw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 20:04:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031401&jk=3744393474514778&bg=!8fKl8rbNAAZgliNcYJY7ACkAdvg8WqsDA3h_6iSYFQEcRFkN7Ls4Q3IXI6wGkHwADbpkWPSOEgI1zAIAAABUUgAAAANoAQeZAuCd1c1Ii161udVhsSZseQsn-I7pWosNiabyAcuCFNddmA8moiW4qryNqSwvo57IrVuHiQtwh0rtt0sIOBXJF64WG4yUiInc6X8vf_uRMME6t0y0oDN8z6Jzk8KuGCQq_frs-Qw36tYkhesmRHNfhoh56E2aeAG4QWLDt2r_rzPQyv2_BlcJQZxtRZRwOgTxzSQD7XfbVn-hh_r_Gi709s-90liWhzHeDhgKc8Yc-yELIwM-Um9swfxhGpCrjNnd3lBRyevd2N0_ADsGXKh336daYKCsT7d3skfPUTwM9pVTrkdRRj9AlhwClefbYdHptqnd8PKYjTAvR3dquk8HOw09LwRsNevvFdb55xVWmg5sMIVlIhD-hWVd5iQH8ZCqhXF32LCp6SDWoLQIV7tE0j0jk7qrLjDMG0ScXl0AXHXnp-Jq8e08R0xQ-GJCT9KWvofw3t4McHdndRi2v9ESE1lI0eqSX9RLDqWuAXQWTIJ1yWpKUGXStuso5pxYbtOU7JAj12xFq4NCOKfkllrq0_u3rVmWzRgMt_aHqL_tLZw99ZtcSY_ovQ0zDXqGkOqrs4qWk0PsldQ6SN_nHHgzC5WxLZ_b-hDXt3csmSR3umYIXT5iym7QodDs-AmmVjmfsveehaF10xdhRkBRXHOKIGMMAc-MbPr47ZLbfn_M3X3rCHY1d1EYnZdZkq_bYLjfBNB1ATg2UzjvQbwQyxBzKr_oZ27S6nh3Ctk25SUA19I24NUXc6EkDAF4ntmcs_Cv0lWvN5hQPkAN99jnVAovDHWO3tqRBI9hGSsug9ca187OZMc7HcvAFlZl-0JMjRygotH2Vsp-JlxjY6y4QzK-kxFWdy1RmTdpzWH8_HK6URCKfcv2qXj91W1Mzgm68QciCBOZAKO4h4ot-JNa-e2U7wr_Xjv0O-LVpTnGy9bMYV7eQYPV4Fhp0DxvUYeuLtlLh9OoyMdUEh8fOpLBb9c2B9hd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paloaltoonline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 20:04:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.sidekickopen80.com/	1970-01-20 10:23:17	Name: _hetc Value: e44aba76-76c2-4cbe-9f8f-92d636f65cf3\|1647461069072\|ACOD57cwLQIUf9jcFJybw5Z1JBykLfy21u3vEyQCFQCQc70i8E6+WW2BpawY/1Gul5BgJg==
www.paloaltoonline.com/	1969-12-31 23:59:59	Name: X-Mapping-fjhppofk Value: 7607CBB9AE4A5BC249CD2ED9CCE6C696
www.paloaltoonline.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: diunpmdjil4t5j8gauajk25n4l
.paloaltoonline.com/	1970-01-23 17:40:15	Name: uti Value: bb94ccf35ccf50e5d3116962f17ec9e4
www.paloaltoonline.com/	1970-01-23 17:40:15	Name: uti Value: bb94ccf35ccf50e5d3116962f17ec9e4
www.paloaltoonline.com/	1970-01-20 11:07:55	Name: __atuvc Value: 1%7C11
www.paloaltoonline.com/	1970-01-20 01:37:42	Name: __atuvs Value: 623242ceed1fff10000
.paloaltoonline.com/	1969-12-31 23:59:59	Name: __utmc Value: 248443142
.paloaltoonline.com/	1970-01-20 06:00:29	Name: __utmz Value: 248443142.1647461071.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.paloaltoonline.com/	1970-01-20 01:37:41	Name: __utmt Value: 1
.paloaltoonline.com/	1970-01-20 19:08:53	Name: __utma Value: 248443142.458639756.1647461071.1647461071.1647461071.1
.paloaltoonline.com/	1970-01-20 01:37:42	Name: __utmb Value: 248443142.2.9.1647461071
.paloaltoonline.com/	1970-01-20 19:08:53	Name: __utmv Value: 248443142.\|2=User%20Type=Visitor=1^3=Unlocked=Viewed=1^4=Meter%20Count=1=1^5=hiding=not%20private=1
.paloaltoonline.com/	1970-01-20 03:47:17	Name: _gcl_au Value: 1.1.2077156603.1647461071
www.paloaltoonline.com/	1970-01-20 11:06:29	Name: _cb_ls Value: 1
www.paloaltoonline.com/	1970-01-20 11:06:29	Name: _cb Value: BiJdWZDd_zjxBpplbJ
www.paloaltoonline.com/	1970-01-20 11:06:29	Name: _chartbeat2 Value: .1647461070814.1647461070814.1.CSdLmnB2oyH-CtvkBuDOU7SIDdNhsG.1
www.paloaltoonline.com/	1970-01-20 01:37:42	Name: _cb_svref Value: null
.paloaltoonline.com/	1970-01-20 10:59:17	Name: __gads Value: ID=07ba1270a823ee3a-221e9f1e5ecd00d4:T=1647461070:S=ALNI_MbpU-wFQgikd19RLhhP8NkYk1K6wQ
.doubleclick.net/	1970-01-20 10:59:17	Name: IDE Value: AHWqTUnZdJaqyOJbuyIduuRSqg2tmj9Vlw4etUemN6RY6LLF6wmDZgjEDj7t8Y3L4Vw
.addthis.com/	1970-01-20 11:07:55	Name: uvc Value: 1%7C11
.paloaltoonline.com/	1970-01-20 03:47:17	Name: _fbp Value: fb.1.1647461070960.1904961596
.paloaltoonline.com/	1970-01-20 01:37:42	Name: __cf_bm Value: O39awk6JRxbrUra__l7WFKRhE2uqCTyZcL1nEW1zWIs-1647461070-0-AStmcfT4izqqsB4YrEy8wp3ijEY2oOU2CWvB+wtMjW7e0nntXGM82go9mTYfGeEPbBZg1QFz6gycTsqF77RXBstSzUCYBCAzvQgA+oquHUybDxvkd3Tn8Wk2lEn6uouRjQ==
.paloaltoonline.com/	1970-01-20 19:08:53	Name: _ga_KBH7GWY29S Value: GS1.1.1647461070.1.0.1647461070.0
.paloaltoonline.com/	1970-01-20 19:08:53	Name: _ga Value: GA1.1.458639756.1647461071
.addthis.com/	1970-01-20 11:07:55	Name: loc Value: MDAwMDBFVURFSEUyMzAxMTg4NzAwMzAwMDBDSA==
.quantserve.com/	1970-01-20 11:07:55	Name: mc Value: 623242cf-19b7a-c2af6-660d4
.paloaltoonline.com/	1970-01-20 11:02:09	Name: __qca Value: P0-145105136-1647461071096
.paloaltoonline.com/	1970-01-20 19:08:53	Name: _ma_uid Value: 22961e90-2135-4aa0-bddb-0f207d1d2e35\|1650053072045

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 71) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
c2d020829a62ec0625c4db2865ca98dc.safeframe.googlesyndication.com
cdn.klangoo.com
cdn.pushalert.co
connect.facebook.net
googleads.g.doubleclick.net
ka-f.fontawesome.com
kit.fontawesome.com
m.addthis.com
magnetapi.klangoo.com
magnetapi2.klangoo.com
magnetrack.klangoo.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.quantserve.com
rules.quantcount.com
s7.addthis.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.sidekickopen80.com
tpc.googlesyndication.com
v1.addthisedge.com
www.embarcaderopublishing.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.paloaltoonline.com
z.moatads.com
s7.addthis.com
104.26.15.44
142.250.184.226
142.250.185.226
151.139.245.9
162.244.66.114
172.67.69.218
2600:9000:2057:2a00:18:1fcd:34f:cdc1
2600:9000:206f:da00:6:44e3:f8c0:93a1
2606:4700::6810:5e41
2606:4700::6812:1634
2606:4700::6812:8c2
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a06:98c1:3121::7
34.226.181.34
72.247.226.64
95.101.104.156
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
07cebc4e0f208791813887c1710c84a241522bb6428e58512b06efe2bbf8031c
0d2e73d41ed98b2f23dc207b99356f35999495484a5890e4d043cadedb1fc0a8
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1415f872274db77c903b798fe3002b12f0141a62afd21830c2c8a482fb785b87
169a73226f810a0ba713f5145c28f8c66a5864d5a32c84d1abe89382390c8117
1ac97377aa76ad2fc1e610fe4c533f1a90f78b192eb4955c6d43522f370e4204
2456d9285598d9087f535f346da7d988824f80bb274f1b0e595a659cf6c73666
28293576ca04b2720124f207693251cf2f93e2a66a1a833389d28e060c1f356f
2a6913dc6b12a6dba8a2e469b3e99e58d9382f99ec862ba841ca7756c023794d
2e4850c399d9fcecfb2c1977bc882dff7ca4c1393729a3e2c2890cb00cd1148a
2fb1049f451689d788750f5d18cefa59ce4a6bab70d6fc3eaf317a099b2dc468
32c8af0d335c968baf9a79ff05886e8f92246348df7cff269f2163b493b1ff55
33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f
344a7d902c6d219492e3c8e2f3a29c1634c73be7c410a8b5212ed67f56081e39
3a667171ec6a00b195fcce5123fb7c92fd7858dc88d4daf0a85b2bb0db13a415
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
41678b966b83f6065a0dba5f6d23a7be538d203a2960be3b3ec5a2d3219b53bc
429f430d83b23af02d70781f2dd4200646e55304ef59b01bb9018e7a3d50310d
4c150940f4943d3c26f6f5bdc59ce610cf115a2de0333ee9d083f548a803b8a8
4d44b03d4e4d1df9a852bf35460f5584c94b37c52d08742682a1a03d20d2f6d1
4d9fe6174b4965137c66d11f2084d65cca34c8ac31917258451704002188848f
4f29bd85aa6f169b65fc269b452b5c6884d2f3a97b5f9232d9d02dd2c7e542a7
53baab3c7eec5fbc940e4c0682c9178e72f4e68f90a0fd1c41c0cda8ab5d18b6
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5520d2ffdbd6cb568debfb63b31fe36e642d4c2a8fb4e8224f1c2983c041347c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
5a76cc23b08a0dc7ab69b9e70fdc7a78737fde4b8370ae86b628a94f11abe9d4
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624f2ebed6ab50754d72b2dfed5b581cdd92859622089ab52f84213dff02a00a
64332d5f516b02ba38e276c714353873699a90426ef36f36a52ef11c19d7fa35
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
70485b7821e50c28e60fa1df16054759ac4de20f1e55e6c7aafec126307d6abe
70c104563e945a1d986daac2f5896636676bf5c03a86883682957e755b32c0d6
71096a60d61fc17ebd7846babcc1bfed67b5f65bbe7bce04aabd7ea41b93c299
717bf9ad10598afacee727e234d18601a90132e3f0b92f2b2084124e751b20d1
774de9a4a5e854a420ea4020e0667ec6b7a5b231349eb1813e0b7307cf0cc2ab
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c50ab3867750f196ebe0e86823aed1791c2bbc84b302247ae62f32faef3d5c
89052aa8545cf63413cbc79b3f0985633c6a02c4f3282ee9116e78e751969e37
8a2a0cf3c3d3bce7ed4083087326daf0b181612096047870851297e94b5be74d
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
9ed92c83f45ef42c299e01c7dfea746c7599cb11de6e3f463e64766133c291e3
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1cb414aa708861fd163a3b0064a2d720b57c4560effc53c4d8d2f4686cf04b5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b07a3d22468f376c38de5b6cef82395389411c81a6b40fd04232cc6cf4522ab2
b096fa9475588a1ced4799294851262112e97a03d8b573aa51a6dce6a54fd93e
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b7c372950a35c41d865890a2fa4ba31bb5896dc186dbb4ea0cc6522281e5f3d1
b872b4ad2e649961fbf3cdc43966716bd820301634adebaf5329c1aa22a1f7ee
b8d50c84a2260ae91fabc4defb64a4e0d45a6449288509817fd3c6afe68b62f9
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
c33fdcc3af7e86804566e4b7392e1680fa31921175953eb5e2cabc1f0105c8cf
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d5be0fbd454f5701966b9ea4ac25f1acdf12eeaab3bc9b9d539075b84d20e9c2
d8f967538c97446e86a0f511b529c7b85b054c427e4f91add4fa1949141cd5b5
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e977b9f8d0f8ce6ba01a97278205db86b6ba3076e384a687708b19a096e2c695
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21981c617f9963092f61b06bc08b8459a3ebaba6db32497d5d5d077c1dc8f36
f6d96e86c77e8f26464233ba2ba34711c9ea40b1f9286ed7a01418bad35811fc
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fed637125d875a269920326b6e9619cb0ad2220d12dbc6f2e40f48e215619fe6

www.paloaltoonline.com Open in urlscan Pro 104.26.15.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

97 %HTTPS

71 %IPv6

25 Domains

37 Subdomains

30 IPs

3 Countries

2083 kBTransfer

5106 kBSize

29 Cookies

12 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.paloaltoonline.com Open in urlscan Pro
104.26.15.44 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

97 %
HTTPS

71 %
IPv6

25
Domains

37
Subdomains

30
IPs

3
Countries

2083 kB
Transfer

5106 kB
Size

29
Cookies

111 HTTP transactions
10 data transactions