urlscan.io logo urlscan.io
SecurityTrails logo

www.westernjournal.com Open in urlscan Pro
2606:4700:10::ac43:b63  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Submission: On July 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 119 IPs in 9 countries across 77 domains to perform 326 HTTP transactions. The main IP is 2606:4700:10::ac43:b63, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.westernjournal.com. The Cisco Umbrella rank of the primary domain is 58984.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 13th 2022. Valid for: a year.
This is the only time www.westernjournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:230... 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 52.74.46.15 16509 (AMAZON-02)
3 84.17.46.53 60068 (CDN77 ^_^)
4 2606:2800:234... 15133 (EDGECAST)
2 34.227.129.115 14618 (AMAZON-AES)
1 198.148.27.139 19189 (PULSEPOINT)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
6 104.90.104.242 16625 (AKAMAI-AS)
2 2600:9000:249... 16509 (AMAZON-02)
1 108.138.17.48 16509 (AMAZON-02)
4 34.149.135.5 15169 (GOOGLE)
1 95.101.200.23 16625 (AKAMAI-AS)
4 2a00:1450:400... 15169 (GOOGLE)
6 108.138.4.10 16509 (AMAZON-02)
2 13.32.121.72 16509 (AMAZON-02)
7 34.247.242.12 16509 (AMAZON-02)
9 151.101.2.137 54113 (FASTLY)
3 54.80.212.134 14618 (AMAZON-AES)
1 12 151.101.194.137 54113 (FASTLY)
2 216.52.2.39 30282 (AS-INAPCD...)
4 37.252.173.38 29990 (ASN-APPNEX)
1 34.107.148.139 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
8 2a00:1450:400... 15169 (GOOGLE)
13 151.139.128.11 20446 (STACKPATH...)
1 108.138.36.118 16509 (AMAZON-02)
1 3.20.242.89 16509 (AMAZON-02)
1 13.224.189.125 16509 (AMAZON-02)
2 2620:116:800d... 16509 (AMAZON-02)
1 52.218.182.72 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 34.120.247.19 15169 (GOOGLE)
3 2600:9000:223... 16509 (AMAZON-02)
1 18.205.30.173 14618 (AMAZON-AES)
1 2600:9000:225... 16509 (AMAZON-02)
2 151.101.65.194 54113 (FASTLY)
12 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 52.204.11.137 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
3 104.92.105.214 16625 (AKAMAI-AS)
1 13.32.99.89 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:225... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 52.222.214.123 16509 (AMAZON-02)
2 132.226.41.106 31898 (ORACLE-BM...)
1 5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 213.19.147.43 26120 (RHYTHMONE)
4 34.149.20.76 15169 (GOOGLE)
1 147.75.85.234 54825 (PACKET)
4 34.252.153.54 16509 (AMAZON-02)
4 199.115.117.82 30633 (LEASEWEB-...)
1 3.69.42.191 16509 (AMAZON-02)
2 34.98.64.218 15169 (GOOGLE)
1 2602:803:c004... 26667 (RUBICONPR...)
1 178.162.133.150 60781 (LEASEWEB-...)
2 52.217.64.238 16509 (AMAZON-02)
1 104.244.42.8 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.92.70.118 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.190.5.232 16509 (AMAZON-02)
3 34.243.93.43 16509 (AMAZON-02)
1 151.101.130.137 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.32 16509 (AMAZON-02)
1 18.66.112.29 16509 (AMAZON-02)
2 13.32.121.98 16509 (AMAZON-02)
4 99.81.25.188 16509 (AMAZON-02)
4 34.117.228.83 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 141.95.98.65 16276 (OVH)
1 52.48.133.87 16509 (AMAZON-02)
5 52.223.40.198 16509 (AMAZON-02)
1 13.227.153.52 16509 (AMAZON-02)
1 192.82.242.209 62713 (AS-PUBMATIC)
1 34.120.133.55 15169 (GOOGLE)
1 88.221.168.189 16625 (AKAMAI-AS)
4 67.202.105.24 32748 (STEADFAST)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 104.17.120.107 13335 (CLOUDFLAR...)
1 152.199.22.191 15133 (EDGECAST)
4 104.89.20.125 16625 (AKAMAI-AS)
2 5 104.18.18.126 13335 (CLOUDFLAR...)
1 104.18.19.126 13335 (CLOUDFLAR...)
2 192.96.200.41 30633 (LEASEWEB-...)
2 2 213.19.147.44 3356 (LEVEL3)
1 1 104.92.74.8 16625 (AKAMAI-AS)
2 4 142.250.185.130 15169 (GOOGLE)
3 5 52.46.128.147 16509 (AMAZON-02)
1 35.158.200.182 16509 (AMAZON-02)
1 141.226.228.48 200478 (TABOOLA-AS)
1 1 193.0.160.129 54312 (ROCKETFUEL)
1 1 54.144.223.251 14618 (AMAZON-AES)
1 8.43.72.97 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 3 69.173.144.165 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 99.83.181.31 16509 (AMAZON-02)
326 119
17    2606:4700:10::ac43:b63 (United States)

ASN13335 (CLOUDFLARENET, US)
www.westernjournal.com
1    2600:9000:2304:5400:d:99dd:3480:21 (United States)

ASN16509 (AMAZON-02, US)
d3l320urli0p1u.cloudfront.net.
3    2600:9000:223d:ca00:9:78a:e540:93a1 (United States)

ASN16509 (AMAZON-02, US)
product.instiengage.com
auth.instiengage.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
1    2600:9000:223e:da00:14:248f:8500:93a1 (United States)

ASN16509 (AMAZON-02, US)
run.crtx.info
1    2606:4700:10::ac43:264e (United States)

ASN13335 (CLOUDFLARENET, US)
users.api.jeeng.com
1    52.74.46.15 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-46-15.ap-southeast-1.compute.amazonaws.com
go.automatad.com
3    84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com
b2cdn.automatad.com
4    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    34.227.129.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-129-115.compute-1.amazonaws.com
soapps.net
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    104.90.104.242 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-104-242.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    2600:9000:2491:4400:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02, US)
d3lcz8vpax4lo2.cloudfront.net
1    108.138.17.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-48.fra56.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
4    34.149.135.5 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 5.135.149.34.bc.googleusercontent.com
partplanes.com
1    95.101.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-23.deploy.static.akamaitechnologies.com
hbx.media.net
4    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    13.32.121.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-72.fra60.r.cloudfront.net
sb.scorecardresearch.com
7    34.247.242.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
trends.revcontent.com
9    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
capi.connatix.com
cds.connatix.com
img.connatix.com
3    54.80.212.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-212-134.compute-1.amazonaws.com
geoip.instiengage.com
eua.instiengage.com
12    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
ins.connatix.com
2    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    37.252.173.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
13    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
assets.revcontent.com
cdn.revcontent.com
img.revcontent.com
images.revcontent.com
1    108.138.36.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-118.muc50.r.cloudfront.net
certify.alexametrics.com
1    3.20.242.89 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-242-89.us-east-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    13.224.189.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-125.fra2.r.cloudfront.net
ats.rlcdn.com
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    52.218.182.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
3    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    34.120.247.19 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 19.247.120.34.bc.googleusercontent.com
telemetries.jeeng.com
3    2600:9000:223f:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    18.205.30.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-30-173.compute-1.amazonaws.com
geoip.insticator.com
1    2600:9000:2251:2a00:10:3422:3f00:21 (United States)

ASN16509 (AMAZON-02, US)
df80k0z3fi8zg.cloudfront.net
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
12    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    52.204.11.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-11-137.compute-1.amazonaws.com
event.insticator.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    104.92.105.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-105-214.deploy.static.akamaitechnologies.com
c.aaxads.com
l3.aaxads.com
1    13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net
geo.privacymanager.io
2    2606:4700:10::6816:49cd (United States)

ASN13335 (CLOUDFLARENET, US)
comment.instiengage.com
1    2600:9000:225e:b200:17:5bae:c7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.instiengage.com
1    2600:9000:223c:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    52.222.214.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net
get.s-onetag.com
2    132.226.41.106 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
insticator.technoratimedia.com
5    2606:4700:10::6816:b7 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
1    213.19.147.43 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
4    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    34.252.153.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
g2.gumgum.com
4    199.115.117.82 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    3.69.42.191 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-42-191.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
insticator-d.openx.net
u.openx.net
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.162.133.150 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
2    52.217.64.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
s0.2mdn.net
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    104.92.70.118 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-70-118.deploy.static.akamaitechnologies.com
www.aaxdetect.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:806::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    18.190.5.232 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-5-232.us-east-2.compute.amazonaws.com
capi-tier-2-us-east-2.connatix.com
3    34.243.93.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
s.srvsynd.com
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
vid.connatix.com
3    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net
onetag-geo.s-onetag.com
1    18.66.112.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-29.fra56.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.32.121.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-98.fra60.r.cloudfront.net
signal-segments.s-onetag.com
4    99.81.25.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
yeet.revcontent.com
4    34.117.228.83 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 83.228.117.34.bc.googleusercontent.com
breadbalance.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    52.48.133.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-133-87.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    13.227.153.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-153-52.muc51.r.cloudfront.net
check.analytics.rlcdn.com
1    192.82.242.209 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    88.221.168.189 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-189.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
1    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
4    104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    192.96.200.41 (Norfolk, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    213.19.147.44 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
5    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.158.200.182 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-200-182.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    54.144.223.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-223-251.compute-1.amazonaws.com
sync.extend.tv
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a05:d018:d29:3601:11a:a397:8c8e:9db5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
Apex Domain
Subdomains		 Transfer
24 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2047
assets.revcontent.com — Cisco Umbrella Rank: 5705
cdn.revcontent.com — Cisco Umbrella Rank: 6931
img.revcontent.com — Cisco Umbrella Rank: 8611
images.revcontent.com — Cisco Umbrella Rank: 6011
yeet.revcontent.com — Cisco Umbrella Rank: 6206
326 KB
23 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 4253
cd.connatix.com — Cisco Umbrella Rank: 3879
cds.connatix.com — Cisco Umbrella Rank: 4175
ins.connatix.com — Cisco Umbrella Rank: 5704
capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 5459
vid.connatix.com — Cisco Umbrella Rank: 4934
img.connatix.com — Cisco Umbrella Rank: 4732
532 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
static.doubleclick.net — Cisco Umbrella Rank: 479
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
270 KB
17 westernjournal.com
www.westernjournal.com — Cisco Umbrella Rank: 58984
408 KB
16 googlesyndication.com
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 166
pagead2.googlesyndication.com Failed
199 KB
14 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 549
eus.rubiconproject.com — Cisco Umbrella Rank: 630
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1165
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1102
token.rubiconproject.com — Cisco Umbrella Rank: 787
pixel.rubiconproject.com — Cisco Umbrella Rank: 372
26 KB
11 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 340
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
48 KB
9 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 531
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 539
image6.pubmatic.com — Cisco Umbrella Rank: 684
196 KB
9 instiengage.com
product.instiengage.com — Cisco Umbrella Rank: 20451
geoip.instiengage.com — Cisco Umbrella Rank: 20613
auth.instiengage.com — Cisco Umbrella Rank: 17664
eua.instiengage.com — Cisco Umbrella Rank: 26893
comment.instiengage.com — Cisco Umbrella Rank: 55459
static.instiengage.com — Cisco Umbrella Rank: 22787
66 KB
8 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 355
imasdk.googleapis.com — Cisco Umbrella Rank: 439
fonts.googleapis.com — Cisco Umbrella Rank: 81
157 KB
8 33across.com
ssc.33across.com — Cisco Umbrella Rank: 2035
ssc-cms.33across.com — Cisco Umbrella Rank: 1029
875 B
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
774 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4251
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4967
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5271
signal-segments.s-onetag.com — Cisco Umbrella Rank: 7425
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 3663
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 3703
21 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 505
r.casalemedia.com — Cisco Umbrella Rank: 850
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 597
6 KB
6 google.com
adservice.google.com — Cisco Umbrella Rank: 103
www.google.com — Cisco Umbrella Rank: 17
15 KB
6 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 12728
sync.aralego.com — Cisco Umbrella Rank: 2234
2 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 399
1 KB
5 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 9139
2 KB
5 insticator.com
geoip.insticator.com — Cisco Umbrella Rank: 22436
event.insticator.com — Cisco Umbrella Rank: 17121
686 B
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
acdn.adnxs.com — Cisco Umbrella Rank: 623
29 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 720
syndication.twitter.com — Cisco Umbrella Rank: 967
136 KB
4 breadbalance.com
breadbalance.com — Cisco Umbrella Rank: 125577
55 KB
4 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1643
3 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 410
mug.criteo.com — Cisco Umbrella Rank: 2434
rtb.fr.eu.criteo.com Failed
ads.eu.criteo.com Failed
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 69
region1.google-analytics.com — Cisco Umbrella Rank: 2603
21 KB
4 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1442
check.analytics.rlcdn.com — Cisco Umbrella Rank: 4152
api.rlcdn.com — Cisco Umbrella Rank: 871
id.rlcdn.com — Cisco Umbrella Rank: 667
36 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
140 KB
4 partplanes.com
partplanes.com — Cisco Umbrella Rank: 138085
61 KB
4 cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
d31qbv1cthcecs.cloudfront.net
df80k0z3fi8zg.cloudfront.net
142 KB
4 automatad.com
go.automatad.com — Cisco Umbrella Rank: 42003
b2cdn.automatad.com — Cisco Umbrella Rank: 28680
95 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 593
2 KB
3 srvsynd.com
s.srvsynd.com — Cisco Umbrella Rank: 13573
54 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 6937
www.google.de — Cisco Umbrella Rank: 4915
1 KB
3 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1816
sync.1rx.io — Cisco Umbrella Rank: 586
1 KB
3 technoratimedia.com
insticator.technoratimedia.com — Cisco Umbrella Rank: 21086
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 2878
7 KB
3 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 2798
l3.aaxads.com — Cisco Umbrella Rank: 4186
141 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com Failed
31 KB
3 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 611
1 KB
3 amazonaws.com
s3-us-west-2.amazonaws.com
s3.amazonaws.com
2 KB
3 jeeng.com
users.api.jeeng.com — Cisco Umbrella Rank: 21543
telemetries.jeeng.com — Cisco Umbrella Rank: 13031
121 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 528
ads.yahoo.com — Cisco Umbrella Rank: 1244
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
398 B
2 openx.net
insticator-d.openx.net — Cisco Umbrella Rank: 19462
u.openx.net — Cisco Umbrella Rank: 773
476 B
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1441
103 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 164
110 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1149
pixel.quantserve.com — Cisco Umbrella Rank: 489
10 KB
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 731
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 151
2 KB
2 media.net
hbx.media.net — Cisco Umbrella Rank: 1487
prebid.media.net — Cisco Umbrella Rank: 1409
132 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 101
121 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1525
104 B
2 soapps.net
soapps.net — Cisco Umbrella Rank: 45207
18 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 485
708 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 2140
546 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 838
753 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1100
99 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 315
220 B
1 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 3230
1 KB
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 6116
1 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1558
342 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 282
16 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 258
7 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 135
13 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 247
917 B
1 aaxdetect.com
www.aaxdetect.com — Cisco Umbrella Rank: 5949
323 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2508
872 B
1 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2746
164 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1345
283 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1093
345 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1516
592 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 5142
552 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 591
406 B
1 crtx.info
run.crtx.info — Cisco Umbrella Rank: 38409
104 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1437
42 KB
1 net.
d3l320urli0p1u.cloudfront.net.
41 KB
0 clarium.io Failed
protected-by.clarium.io Failed
326 77
Domain Requested by
17 www.westernjournal.com www.westernjournal.com
11 ins.connatix.com cd.connatix.com
11 securepubads.g.doubleclick.net d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
10 tpc.googlesyndication.com 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
8 www.youtube.com www.westernjournal.com
www.youtube.com
7 trends.revcontent.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
6 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com d3l320urli0p1u.cloudfront.net.
6 assets.revcontent.com d3l320urli0p1u.cloudfront.net.
6 c.amazon-adsystem.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
6 ads.pubmatic.com d3l320urli0p1u.cloudfront.net.
5 s.amazon-adsystem.com 3 redirects r.casalemedia.com
www.westernjournal.com
5 match.adsrvr.org www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
r.casalemedia.com
5 ex.ingage.tech 1 redirects www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
r.casalemedia.com
5 cds.connatix.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
4 token.rubiconproject.com 4 redirects
4 cm.g.doubleclick.net 2 redirects r.casalemedia.com
www.westernjournal.com
4 dsum-sec.casalemedia.com 1 redirects r.casalemedia.com
4 eus.rubiconproject.com d3l320urli0p1u.cloudfront.net.
ex.ingage.tech
eus.rubiconproject.com
4 ssc-cms.33across.com d3l320urli0p1u.cloudfront.net.
4 breadbalance.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
4 yeet.revcontent.com www.westernjournal.com
4 www.google.com www.youtube.com
www.westernjournal.com
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
4 hb.aralego.com www.westernjournal.com
4 g2.gumgum.com www.westernjournal.com
4 ssc.33across.com www.westernjournal.com
4 event.insticator.com www.westernjournal.com
4 ib.adnxs.com www.westernjournal.com
acdn.adnxs.com
4 www.googletagservices.com d3l320urli0p1u.cloudfront.net.
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
4 partplanes.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
4 platform.twitter.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
3 pixel.rubiconproject.com 1 redirects www.westernjournal.com
3 id5-sync.com www.westernjournal.com
3 fonts.googleapis.com 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
client
d3l320urli0p1u.cloudfront.net.
3 imasdk.googleapis.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
3 s.srvsynd.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
3 images.revcontent.com www.westernjournal.com
3 cdn.revcontent.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
3 static.adsafeprotected.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
3 www.google-analytics.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
3 b2cdn.automatad.com www.westernjournal.com
d3l320urli0p1u.cloudfront.net.
2 sync.1rx.io 2 redirects
2 sync.aralego.com d3l320urli0p1u.cloudfront.net.
cdn.aralego.net
2 www.gstatic.com www.youtube.com
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
www.gstatic.com
2 www.facebook.com www.westernjournal.com
2 signal-segments.s-onetag.com www.westernjournal.com
2 img.connatix.com www.westernjournal.com
2 jnn-pa.googleapis.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
2 adservice.google.com d3l320urli0p1u.cloudfront.net.
2 adservice.google.de d3l320urli0p1u.cloudfront.net.
2 s3.amazonaws.com d3l320urli0p1u.cloudfront.net.
2 insticator.technoratimedia.com www.westernjournal.com
2 mug.criteo.com www.westernjournal.com
2 gum.criteo.com 1 redirects
2 comment.instiengage.com 1 redirects www.westernjournal.com
2 eua.instiengage.com auth.instiengage.com
2 c.aaxads.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
2 confiant-integrations.global.ssl.fastly.net d3l320urli0p1u.cloudfront.net.
2 telemetries.jeeng.com www.westernjournal.com
2 connect.facebook.net d3l320urli0p1u.cloudfront.net.
2 hbopenbid.pubmatic.com www.westernjournal.com
2 ap.lijit.com www.westernjournal.com
2 auth.instiengage.com d3l320urli0p1u.cloudfront.net.
auth.instiengage.com
2 capi.connatix.com www.westernjournal.com
cd.connatix.com
2 sb.scorecardresearch.com d3l320urli0p1u.cloudfront.net.
www.westernjournal.com
2 d3lcz8vpax4lo2.cloudfront.net d3l320urli0p1u.cloudfront.net.
2 www.googletagmanager.com d3l320urli0p1u.cloudfront.net.
2 i.clean.gg www.westernjournal.com
2 soapps.net www.westernjournal.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 px.ads.linkedin.com www.westernjournal.com
1 ads.yahoo.com www.westernjournal.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 id.rlcdn.com www.westernjournal.com
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 sync.extend.tv 1 redirects
1 p.rfihub.com 1 redirects
1 sync.taboola.com r.casalemedia.com
1 x.bidswitch.net r.casalemedia.com
1 secure-assets.rubiconproject.com 1 redirects
1 r.casalemedia.com d3l320urli0p1u.cloudfront.net.
1 ssum-sec.casalemedia.com 1 redirects
1 ad-cdn.technoratimedia.com d3l320urli0p1u.cloudfront.net.
1 u.openx.net d3l320urli0p1u.cloudfront.net.
1 biddr.brealtime.com d3l320urli0p1u.cloudfront.net.
1 cdn.aralego.net d3l320urli0p1u.cloudfront.net.
1 acdn.adnxs.com d3l320urli0p1u.cloudfront.net.
1 api.rlcdn.com www.westernjournal.com
1 image6.pubmatic.com ads.pubmatic.com
1 check.analytics.rlcdn.com www.westernjournal.com
1 id.crwdcntrl.net www.westernjournal.com
1 s0.2mdn.net www.westernjournal.com
1 cdnjs.cloudflare.com www.westernjournal.com
1 www.google.de www.westernjournal.com
1 l3.aaxads.com www.westernjournal.com
1 signal-beacon.s-onetag.com d3l320urli0p1u.cloudfront.net.
1 onetag-geo.s-onetag.com www.westernjournal.com
1 stats.g.doubleclick.net www.westernjournal.com
1 vid.connatix.com cd.connatix.com
1 capi-tier-2-us-east-2.connatix.com cd.connatix.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.aaxdetect.com www.westernjournal.com
1 pixel.quantserve.com www.westernjournal.com
1 static.doubleclick.net www.youtube.com
1 img.revcontent.com www.westernjournal.com
1 syndication.twitter.com platform.twitter.com
1 apex.go.sonobi.com www.westernjournal.com
1 fastlane.rubiconproject.com www.westernjournal.com
1 insticator-d.openx.net www.westernjournal.com
1 hb.emxdgt.com www.westernjournal.com
1 prebid.a-mo.net www.westernjournal.com
1 tag.1rx.io www.westernjournal.com
1 get.s-onetag.com d3l320urli0p1u.cloudfront.net.
1 rules.quantcount.com d3l320urli0p1u.cloudfront.net.
1 static.instiengage.com www.westernjournal.com
1 geo.privacymanager.io www.westernjournal.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com www.youtube.com
1 df80k0z3fi8zg.cloudfront.net d3l320urli0p1u.cloudfront.net.
1 geoip.insticator.com www.westernjournal.com
1 s3-us-west-2.amazonaws.com d3l320urli0p1u.cloudfront.net.
1 secure.quantserve.com d3l320urli0p1u.cloudfront.net.
1 ats.rlcdn.com d3l320urli0p1u.cloudfront.net.
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.westernjournal.com
1 certify.alexametrics.com www.westernjournal.com
1 prebid.media.net www.westernjournal.com
1 cd.connatix.com 1 redirects
1 geoip.instiengage.com www.westernjournal.com
1 hbx.media.net d3l320urli0p1u.cloudfront.net.
1 d31qbv1cthcecs.cloudfront.net d3l320urli0p1u.cloudfront.net.
1 bh.contextweb.com www.westernjournal.com
1 go.automatad.com 1 redirects
1 users.api.jeeng.com www.westernjournal.com
1 run.crtx.info www.westernjournal.com
1 www.googleoptimize.com www.westernjournal.com
1 product.instiengage.com www.westernjournal.com
1 d3l320urli0p1u.cloudfront.net. www.westernjournal.com
0 p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com Failed 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
0 protected-by.clarium.io Failed 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
0 pagead2.googlesyndication.com Failed 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
srcdoc
www.westernjournal.com
0 ads.eu.criteo.com Failed 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
0 rtb.fr.eu.criteo.com Failed www.westernjournal.com
326 144

This site contains links to these domains. Also see Links.

Domain
getadmiral.typeform.com
getadmiral.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-13 -
2023-06-13		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.instiengage.com
Sectigo RSA Organization Validation Secure Server CA		 2022-05-24 -
2023-05-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.crtx.info
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
jeeng.com
Cloudflare Inc ECC CA-3		 2021-09-13 -
2022-09-12		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.soapps.net
Sectigo RSA Organization Validation Secure Server CA		 2022-01-13 -
2023-01-22		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2022-06-10 -
2022-09-08		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
partplanes.com
GTS CA 1P5		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
revcontent.com
Amazon		 2021-08-09 -
2022-09-07		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
assets.revcontent.com
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2021-10-12 -
2022-11-10		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon		 2021-12-17 -
2022-11-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-21 -
2022-07-20		 3 months crt.sh
telemetries.jeeng.com
GTS CA 1D4		 2022-06-08 -
2022-09-06		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2021-08-11 -
2022-08-25		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.aaxads.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-01-04 -
2023-02-01		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2021-07-15 -
2022-07-18		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-05-20 -
2022-08-18		 3 months crt.sh
*.a-mo.net
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
cdn.revcontent.com
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
img.revcontent.com
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
images.revcontent.com
R3		 2022-07-09 -
2022-10-07		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.aaxdetect.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
srvsynd.com
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
b2cdn.automatad.com
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
breadbalance.com
GTS CA 1P5		 2022-06-08 -
2022-09-06		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
analytics.rlcdn.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh

This page contains 39 frames:

Primary Page: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Frame ID: F54D42F44386A796BFC683EF4DAE1646
Requests: 184 HTTP requests in this frame

Frame: https://auth.instiengage.com/auth/index.html
Frame ID: BF6FA6A41BD0041F6B106CD7285E1C37
Requests: 3 HTTP requests in this frame

Frame: https://cds.connatix.com/p/169822/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Frame ID: A7BBDC0186C7FBA71519EB0A65871CA4
Requests: 20 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Frame ID: 71B479FD8798572F3F38C3E9C3B0AAC7
Requests: 21 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.westernjournal.com
Frame ID: 92618C74448E80370F7C90647B70E77F
Requests: 2 HTTP requests in this frame

Frame: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0EFC1E031EDDE3E349E88C3094F79BF7
Requests: 1 HTTP requests in this frame

Frame: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C460DC664DA60FA8CC65DFDC724E02B7
Requests: 13 HTTP requests in this frame

Frame: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D88EA1896628F66CA3B107549B7AA4AE
Requests: 10 HTTP requests in this frame

Frame: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D98FE5487D60EAFEB5C6C695F8F3C90E
Requests: 8 HTTP requests in this frame

Frame: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D85F09A5057CD26C7C0FA7D2113266B5
Requests: 1 HTTP requests in this frame

Frame: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 25491FB0F752F01E17DC44A9880253F0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=WestJournalism&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1277659344868225031&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&sessionId=16127b746a1d92260c65e37bd12fbe4d26c17496&siteScreenName=WestJournalism&theme=light&widgetsVersion=3235bd17138fa%3A1657578976990&width=550px
Frame ID: 1AF80A577AA9E608087560AF41D46ECE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Frame ID: 9A979C82A98014410417DEE7072C52F5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Frame ID: 8E96AD2C9D963105932A565A32632C64
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Frame ID: EBB8861FD18D09392A9F4F764DE2296F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DF3DA882DA2B9DB2479BF9775CEDB23C
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys4aYgAG02YH_ZlJAAS-VcIxSBpQCcxGVqlYpg&u=%7CDjoFNrpw8fOzbhJNJTnMLYy%2FMbaofpj%2Fmi9y3jVvznY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MCkYQDzO89rvOncPEPJVvW98NsCrMubiPTVw4MZ3TPXOmrRwuuwNyo7bEzcxS114xmyiODf0zWMtzYJiD8d3z5xTTVwa7ouTUA7SOFEXn5Nw1e8AjhFiN6YqQ_xvmHjAYWK7W6BiT1YaxqrWN3Et2e2IQNK9SXOHKEUR_VBN9Xee7kgjj8uMAvp8_xEJkFd7p83BspXZ_Zq_3cDnQo0s23vnUn6gw4USHMhBqI1eKG38R3mjCUB6I5RHGHOCciIZZXeBmXSL8NKs6IyXiraDPgPBXgnS7DwLNIB9YhqLTI8wi-6SbZY1R0v5NsDvAcFBeMBRrtstxQ-wa7g4Zl3Y8NcoqRrY4Optcs8QLPE4zMAzPapn5xNrz0iEg8Bn60aw-dkCxZw9VZ7n2TFAlcudZM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9fQZYhrOYuamG8my9u8P1fySuAjJntKxXNWdkfdwwI23ARABIABglcr5gZQHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAdW20uoDyAEJqQKex4kW5NOwPuACAKgDAaoEhwNP0BLtJKtb6_Y4gAcw3OwaKPeUgUY5JIUFHY8S92oyKiEl6UI9NJ7B2J_jiRJa9Oz0fMuQ3tSIzHStBg2I9aAH0wyAWsQYgBwNijEVKIaI7FQMiT76LS95E4BkexsSsbYUMN7WCESUFlQkNjrucIE59GRI65DJKouKE4x-UQM4dNeja7xWCgWLDl8s2TgE_yUaomrEspi9tuHG3jx4wyLccEilyoEKMCK5nTy7yVcLSZ0sMTyWW5hPQrkxIMSOwT8nO9uUa9HW_xPMm5aIG-tqLl2_x7Cc6cFAISrvyTh_b0yB7GUX51u5hihhHkPcwG0CIsl9zv0Uyb74cYxW0X4CTakO8ukxJosddP64hfpWLoXf5qAcd4TDZsbB0XaYXH36jhJbMH4usBI3r5v_kQNOPkjsTicrs6B9xjeFbALIZ_MSOpu2HBKtMho1X-RgMqwQ-G5MlYi6quMM1Sr5I20uTJAiEgPHzcmjQM6DzHWSkAs9FKv31p_rWO0h8FGiItSwMzmWDq2y4AQBgAafqav584bY1lOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0smZjO2LyvieyXBHORxRS4jhBFgw%26client%3Dca-pub-2697679518515886%26adurl%3D
Frame ID: 6601CBC17586DD130D48EA675D5307B8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C8BFCDB20101FD0A1D4B2A0DE471695B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A5447E8F9154259ABE95B729C9F449A1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 70B09BB79687B2A364945B4E632085B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Frame ID: AE9E7029319E7F70A79B98D6BF1BB2CA
Requests: 1 HTTP requests in this frame

Frame: https://p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Frame ID: 81D123204142877B3F9899E7B5C97222
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158410
Frame ID: A3D41357C8B1E72821BF0D54CEB69DDE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 55309E2BBED1927299AC48DE161E1CA0
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aBPa4O7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 410F54F1911C834632985BCFB0CCB178
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3DPM_UID
Frame ID: 602E7AF729A9F6CA5FD2FA68B9A5E885
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: F9F8144B90880953B9A0544E391F4581
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 0BFAAB50752A42B137A0FEFB8AE858C3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: F79BF30F8C2324285543A6563986E2C4
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aISzFq7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 7AD326A116E783A24C1C5E388F8DFEE5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Frame ID: D0562178E7B302B82296B1EB3E99C107
Requests: 4 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.15.0
Frame ID: 329D07CA9EFD76789F78FB059E9DE0C0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D42C867369A928CC23627184A1A703D4
Requests: 10 HTTP requests in this frame

Frame: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Frame ID: 9FF0DD558F3777ED8194BAE7DD335801
Requests: 10 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aleOzs7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 5E597839A638FD102E199133E25F38BA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=asRWdk7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 3D1DD9A0315F0755AD1603E70191ADA6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Frame ID: 5E89A2620F95BAC4F640C5386C49577A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3DUCFUID
Frame ID: 472A6A7DAF71CBA9EE1D9ADC8CF69956
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162062275
Frame ID: D4CF281C1D5644C35CC13F000DBDDAD0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

326
Requests

89 %
HTTPS

36 %
IPv6

77
Domains

144
Subdomains

119
IPs

9
Countries

4854 kB
Transfer

14736 kB
Size

76
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://go.automatad.com/geo/OaEAJP/afihbs.js HTTP 301
  • https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
Request Chain 39
  • https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c HTTP 302
  • https://cds.connatix.com/p/169822/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Request Chain 86
  • https://comment.instiengage.com/live/loader/loader.js HTTP 301
  • https://static.instiengage.com/app-loader/static/loader.js
Request Chain 91
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ZhK6G3x2bjBCVnI1ZitzVG1CUDhrWWNONythUy83clV1SU5Ca1pzaHVJNTBSK1lUUndSdmcrbURMck1nWkRtb0tMcmc0TUxuY1VBaGVOTWpUaUZYRVZwejNwYVhoY1dPSFZrQis5aGcxOUxXNW5OT1hSWmlBem9hanRabTdvWW9UbkZ3T3dqZzZBZUk4RmxrVkw3cyt0SFp1TkM3d3hWSXhjVzV6SjYvT3VBeVNpS3NScGR5ZldmSzV3VzJSRHgvQU5oYzh3T0dFOWhTdVhQaHR1RC81NjdSRmRoeGkzL050UXFHb3dYclFKRzE0Q2FNb1I4bGlDc0tyWnZ2SFB0SjZDdkJofA&cppv=2
Request Chain 134
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 289
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D HTTP 302
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Request Chain 294
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=0c348f1f-1466-4945-a089-450e93358bb3&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1657674341744 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162062275
Request Chain 298
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Request Chain 300
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ys4aZRFEV2BhvTwOIyOcwgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8sgknjeEA05UrRo9ZrKUs&google_cver=1&gdpr=1
Request Chain 303
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB&dcc=t
Request Chain 306
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520808044868
Request Chain 307
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5c79cb8-a065-4aa1-a848-2fd8285e0ac2
Request Chain 312
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/R24AOzju_WWnm3CP8ZzG48n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8609829194155222922
Request Chain 313
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECs_Oh7nHTw2kS92Hx-HkJA&google_cver=1
Request Chain 314
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5IWI0T5-28-64PH&sigv=1&esig=2~d95affe5a0bb4662a323b543d1157375c2bd8d5b
Request Chain 315
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VJ02xURxS4WqZ6q_Qaw_PQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VJ02xURxS4WqZ6q_Qaw_PQ
Request Chain 317
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJV0kwVDUtMjgtNjRQSA==
Request Chain 318
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5IWI0T5-28-64PH

326 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/ 		264 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6456004d9b2021298249f8e2b4b0316fbc3232d4413ee21b201d2fb68ee27df
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=1800
cf-cache-status
EXPIRED
cf-ray
729e1c6f8ded9243-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 01:05:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Tue, 12 Jul 2022 00:50:39 GMT
link
<https://www.westernjournal.com/wp-json/>; rel="https://api.w.org/" <https://www.westernjournal.com/wp-json/wp/v2/posts/3086439>; rel="alternate"; type="application/json" <https://www.westernjournal.com/?p=3086439>; rel=shortlink
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
script.js
d3l320urli0p1u.cloudfront.net./ 		118 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3l320urli0p1u.cloudfront.net./script.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:5400:d:99dd:3480:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a91b27c9bc0af2fd36659e04a6249960e1fa23cac3704fe53cea5910b36d8465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 15:08:41 GMT
server
AmazonS3
age
365
etag
W/"0ac7268620c5cc1d8de0c7b0cabdebe2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 745bd6e0dfe1d054bf9397c4a6fbc612.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
VIE50-P1
x-amz-cf-id
K88jCQbJm8Mp1WLlc4Z9Yxuwu9rCoPEXVXsIgaFcEB_R9zY7pHrzuQ==
classic-main.css
www.westernjournal.com/wp-content/themes/firefly/assets/css/ 		60 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-content/themes/firefly/assets/css/classic-main.css?ver=2.0-1657055523
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
062b0d22ad022b356e28c693483746d526490b53acedf582d3df368744d35d03
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 21:12:03 GMT
server
cloudflare
age
4088
etag
W/"62c4a923-11b45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=1800
cf-polished
origSize=72517
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
729e1c7b6c9f9243-FRA
cf-bgj
minify
prebid.js
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 		296 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-content/themes/firefly/assets/js/prebid.js?ver=1657030487
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
897c8ed302822389fa45468e00618479321e071c84a8706bf7d3425171a4d760
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 14:14:47 GMT
server
cloudflare
age
3669
etag
W/"62c44757-49efa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
729e1c7c2d149243-FRA
9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
product.instiengage.com/product-loader-code/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://product.instiengage.com/product-loader-code/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ca00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5635608c85a07da967f952dc1d8b0f01354ea5b1af4fcc02941d78ed7c4f98a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
BxMum4xggLoMYaI0y0MJN0PeT6PjKUB5
content-encoding
br
last-modified
Tue, 12 Jul 2022 15:10:17 GMT
server
AmazonS3
age
209
etag
W/"1fa0648538fd6f7dff7bddc99554a901"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cache-control
max-age=3600,public
date
Wed, 13 Jul 2022 01:02:45 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
_OSi7aZ4vR5qHmZDHXR5BDVO5P8Y_pzQqCkPSK_OYUaYrzZjiIKElQ==
optimize.js
www.googleoptimize.com/ 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-WL75GFT
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cdf1b9fb710d3dfacf7d95fa1def7a49bf9290cd46b576ea6d3095f567e62880
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42298
x-xss-protection
0
expires
Wed, 13 Jul 2022 01:05:36 GMT
track.min.js
run.crtx.info/ 		103 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://run.crtx.info/track.min.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:da00:14:248f:8500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 04:08:04 GMT
via
1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified
Mon, 15 Feb 2021 22:14:47 GMT
server
AmazonS3
age
75453
etag
"f88a765c6ea3dacc55ca6ed581e54f1f"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
content-length
105945
x-amz-cf-id
c7PBraa32Meze0bBjCys7pssLVnasP2an5ODKExtAkCy1Oo1FOdSPw==
/
users.api.jeeng.com/users/domains/VAM4nzne41/sdk/ 		354 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://users.api.jeeng.com/users/domains/VAM4nzne41/sdk/
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:264e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
123d31532bc0abb2eaf2e1d15028ed425c920dff4bc1712805cf2fee5c2bbaa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
age
1937
x-powered-by
Express
x-cache
Hit from cloudfront
access-control-allow-origin
*
server
cloudflare
etag
W/"588e3-6Kk9LCJ2M6yQDVKYWfhMwqf487M"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-cloud-trace-context
84a57122ba317dd7cfe76394dc33e1c2
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
cf-ray
729e1c7cab369296-FRA
x-amz-cf-id
gwmHUt58FvWKr_2mW4rPGolESGDaRzBs2h0Yi9VsAmfXqA6ToTdoNA==
afihbs.js
b2cdn.automatad.com/geo/OaEAJP/all-geo-W/
Redirect Chain
  • https://go.automatad.com/geo/OaEAJP/afihbs.js
  • https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
45 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS-879 /
Resource Hash
a8fab022958e5b449fc18d22b1f9a167d3d5edddcc7e70b700c97f1a492a937a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
br
x-openstack-request-id
tx0d7c436eefcc4d5cb3d64-0062b72faf
cdn-edgestorageid
883
access-control-allow-origin
*
x-iplb-instance
45516
cdn-cachedat
07/01/2022 20:11:57
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
tx0d7c436eefcc4d5cb3d64-0062b72faf
server
BunnyCDN-AMS-879
x-timestamp
1654524774.52011
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Mon, 06 Jun 2022 14:12:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-iplb-request-id
B95D01F3:91CB_8E2CE366:01BB_62B72FAF_C5D10C:1C7B0
vary
Accept-Encoding
x-object-meta-mtime
1654524770.705643102
cdn-cache
REVALIDATED
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
b725620311b0ef56bec114047054a42c
content-type
application/javascript
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Wed, 13 Jul 2022 01:05:37 GMT
server
nginx/1.17.8
content-type
text/html; charset=utf-8
location
https://b2cdn.automatad.com/geo/OaEAJP/all-geo-W/afihbs.js
cache-control
no-cache
x-automatad-country
DE
content-length
93
expires
Wed, 13 Jul 2022 01:05:36 GMT
wj-logo-white.svg
www.westernjournal.com/wp-content/uploads/2022/05/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/wj-logo-white.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107efb180fdc839cd0c0d138c64525679bfe24d23a45dfe2d707a3d9ec03ed16
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 10:03:49 GMT
server
cloudflare
age
2298225
etag
W/"62861605-147f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
729e1c7c8d4f9243-FRA
wj-logo-blue.svg
www.westernjournal.com/wp-content/uploads/2022/05/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/05/wj-logo-blue.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f3e01f5c6b35ee75f07456af79f93e9477f1d0e167a6d82b11995a9967506c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 May 2022 10:03:51 GMT
server
cloudflare
age
2298225
etag
W/"62861607-147f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
729e1c7c8d519243-FRA
warner_todd_huston-150x150.jpg
www.westernjournal.com/wp-content/uploads/2022/01/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/01/warner_todd_huston-150x150.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d88a00bca5c76a2e6bcdd592af3255593bd8972b52585081b005e723a3113c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
cf-cache-status
MISS
last-modified
Tue, 25 Jan 2022 20:47:12 GMT
server
cloudflare
etag
"61f061d0-4c7b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
accept-ranges
bytes
cf-ray
729e1c7c8d529243-FRA
content-length
19579
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/674D) /
Resource Hash
d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:36 GMT
Content-Encoding
gzip
Age
212
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
29251
x-tw-cdn
VZ
Last-Modified
Mon, 11 Jul 2022 23:29:05 GMT
Server
ECS (frb/674D)
Etag
"6bd810ca00e69f1e65a4c1093054e30c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
bundle.js
soapps.net/live/loader/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/bundle.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.129.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-129-115.compute-1.amazonaws.com
Software
/
Resource Hash
a2e79845e72a66bbedb76e43644b2246bf2d17f646769e110df62cd07f82b768
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 29 Jun 2022 10:50:58 GMT
ETag
W/"62bc2e92-4412"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
counter.js
soapps.net/live/loader/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://soapps.net/live/loader/counter.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.227.129.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-227-129-115.compute-1.amazonaws.com
Software
/
Resource Hash
f16d3840dcefb86d1c02a0d53d4da8ad527ad92b1b250ce9d96bcc2722a9ac81
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:37 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 29 Jun 2022 10:50:58 GMT
ETag
W/"62bc2e92-66bc"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/javascript
Cache-Control
public, max-age=300
Transfer-Encoding
chunked
Connection
keep-alive
set.aspx
bh.contextweb.com/bh/ 		49 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/set.aspx?action=add&pid=1&advid=5248&token=LCMHRD&do=add
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
de-DE
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-57cd67f859-kh88s
expires
-1
global-min.js
www.westernjournal.com/wp-content/themes/firefly/assets/js/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-content/themes/firefly/assets/js/global-min.js?ver=1.1-1657054892
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33fc259e4e68eb54430457513e7f6edceeab13f97bd1116375fd829d2fee31dc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Jul 2022 21:01:32 GMT
server
cloudflare
age
6607
etag
W/"62c4a6ac-1845c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
729e1c7c8d539243-FRA
wp-embed.min.js
www.westernjournal.com/wp-includes/js/ 		1 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.westernjournal.com/wp-includes/js/wp-embed.min.js?ver=5.8.4
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Feb 2021 22:40:03 GMT
server
cloudflare
age
3174
etag
W/"601b2643-592"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
729e1c7c0d039243-FRA
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 13 Jul 2022 01:05:36 GMT
server
nginx/1.21.6
via
1.1 google
gtm.js
www.googletagmanager.com/ 		176 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K3K9VP
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e28a29b0e3bbf50cc0235f435d4d1251bfc888952dfbdebcee042d490c558e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52098
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 00:14:44 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 13 Jul 2022 01:05:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158410/3599/ 		167 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158410/3599/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 19:39:57 GMT
server
Apache
etag
"1421c11-29a3b-5cd3b9c953a17"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=123688
accept-ranges
bytes
content-type
text/javascript
content-length
54751
expires
Thu, 14 Jul 2022 11:27:05 GMT
9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
d3lcz8vpax4lo2.cloudfront.net/ads-code/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/ads-code/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed534c2ed462b4833b0f970f5b9852f0f0668be80197a04d8c8bbd7b95f3bc71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
fU_wn7Ra1VVAPlQL06cbhgKS_Dpgfq5C
content-encoding
br
last-modified
Tue, 12 Jul 2022 14:44:20 GMT
server
AmazonS3
age
59
etag
W/"6b1516c7e98a0a4bf0c23834060e070f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 13 Jul 2022 01:05:36 GMT
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
GMIW5nn1pTG08Q2M6vpZcn9wAbckyui_16_ojzsHYTnIWfGAWd5mMg==
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-48.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sat, 28 May 2022 01:59:52 GMT
Via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
3971145
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
X-Amz-Cf-Pop
FRA56-P7
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
jvZMU9vZKcTqCW4JLAlb65brMngYFH1xvVbTSw0iFhyHWkRIb6mB7Q==
v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM
partplanes.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partplanes.com/v2fnsXllGjmYYZDkgwKOyVaoXJwgkvcNWxl2LluCH7xXOUPsl-k9MOjWVvyBLU2vM
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c187b984aa89c6340d574fcb9f3b1882ba025fad66be1eaf689f104cc40cda50
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"2a851f33fb4800134d271eb1e519bd5cd02a89fb23905ba62e53e19e61db0fea"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 13 Jul 2022 01:05:36 GMT
x-buildnumber
586086155
timing-allow-origin
*
bidexchange.js
hbx.media.net/ 		574 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/bidexchange.js?cid=8CUYW0S8R&version=5.1&dn=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-200-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3f9b04fa4a25f7912b0d89bd04e13754ecaf2e69b95151e998644e012e0cd363
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
timing-allow-origin
*
expires
Wed, 13 Jul 2022 01:35:36 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bd217c51f258c4656f1c64c87a959b4f1624c621607dcf3a826cd4c9ce63ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28012
x-xss-protection
0
server
sffe
etag
"1272 / 490 of 1000 / last-modified: 1657663598"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Jul 2022 01:05:36 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 13 Jul 2022 00:44:48 GMT
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 20:51:38 GMT
server
AmazonS3
age
1249
etag
W/"72916dde70b34122b394074010b382ce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P6
content-encoding
gzip
x-amz-cf-id
TtTUgVh4v5sAo8d13eWPjmk2aMjEUNEtKRgBCGHa1H_ogyPAswoC3w==
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 01:37:00 GMT
content-encoding
gzip
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
age
84517
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
f-Eg6DAHivzXwKVXrKRObqly-1XoVko0U9eg2g6R5i9TNETlg36-zQ==
Khiara-Bridges-Josh-Hawley-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/07/Khiara-Bridges-Josh-Hawley-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4871228653d98c7ab91a884e9f02cd1b79908ecb5db26836db1098edcf3fe1
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
11984
cf-polished
origSize=31493, status=webp_bigger
content-length
27264
last-modified
Tue, 12 Jul 2022 21:15:32 GMT
server
cloudflare
etag
"62cde474-7b05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
729e1c7c9d5f9243-FRA
cf-bgj
imgq:100,h2pri
Untitled-design-2022-07-12T071826.883-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/07/Untitled-design-2022-07-12T071826.883-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1751af1ad1882c8f739afee6c9199d5bf85c2bb2f808ba45a167df23ff3318aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
47879
cf-polished
origSize=29556, status=webp_bigger
content-length
27763
last-modified
Tue, 12 Jul 2022 11:18:50 GMT
server
cloudflare
etag
"62cd589a-7374"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
729e1c7cad609243-FRA
cf-bgj
imgq:100,h2pri
Untitled-design-2022-07-12T093426.340-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/07/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/07/Untitled-design-2022-07-12T093426.340-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af6c3b631a665bd5927bd8edf37a59596fceb2cba7a048ca784bb5d39ab843ca
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
39193
cf-polished
origSize=31521, status=webp_bigger
content-length
29440
last-modified
Tue, 12 Jul 2022 13:34:47 GMT
server
cloudflare
etag
"62cd7877-7b21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
729e1c7cad619243-FRA
cf-bgj
imgq:100,h2pri
Dave_Yost_Ohio_AG-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/07/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/07/Dave_Yost_Ohio_AG-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b895ff9e811f19d652fc8ffdd7924f2f580859e998a81ae294e0232f805ac0a8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
17273
cf-polished
origSize=32945, status=webp_bigger
content-length
32171
last-modified
Tue, 12 Jul 2022 18:13:25 GMT
server
cloudflare
etag
"62cdb9c5-80b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
729e1c7cad629243-FRA
cf-bgj
imgq:100,h2pri
Disney-pride-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/07/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/07/Disney-pride-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6b34418e76b41bb4b0858e36488f170916069c13109a2433309785f4c5eff73
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
13523
cf-polished
origSize=37262, status=webp_bigger
content-length
34852
last-modified
Tue, 12 Jul 2022 20:47:08 GMT
server
cloudflare
etag
"62cdddcc-918e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
729e1c7cad639243-FRA
cf-bgj
imgq:100,h2pri
Nina-Jankowicz-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/07/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/07/Nina-Jankowicz-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b18c5700d0526eb4867705b0907e89d9d51a9f24697782b96cf93abd55aafc34
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
39531
cf-polished
origSize=22660, status=webp_bigger
content-length
20938
last-modified
Tue, 12 Jul 2022 13:28:44 GMT
server
cloudflare
etag
"62cd770c-5884"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
729e1c7cad649243-FRA
cf-bgj
imgq:100,h2pri
serve.js.php
trends.revcontent.com/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/serve.js.php?w=110583&t=rc_997&c=1657674336738&width=1600&referer=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
86d85ef9d429dcff2fd26e97dad7e05a5a69e4c628af757f555674347bf995ed
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
1252
si
capi.connatix.com/tr/ 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=1eba740d-7077-438a-9d6f-8a848d60672b&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
accept-ranges
bytes
content-length
0
access-control-max-age
86400
content-type
application/json
/
geoip.instiengage.com/json/ 		245 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.instiengage.com/json/
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.212.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-212-134.compute-1.amazonaws.com
Software
/
Resource Hash
9e712925468c945fc143153b4bd2ed96dd6397b2115efbc0f40afa21c5e9536c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
x-database-date
Tue, 12 Jul 2022 19:14:50 GMT
content-length
245
vary
Origin
content-type
application/json
index.html
auth.instiengage.com/auth/ Frame BF6F 		71 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/index.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ca00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed6000ae436062e81c720d3eaa8435f5e5d6c2c1fd732a21a89239833ea8bb9e

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
118
cache-control
max-age=300
content-length
71
content-type
text/html
date
Wed, 13 Jul 2022 01:03:39 GMT
etag
"b9491f411770504985f7455cc2dd1c88"
last-modified
Wed, 29 Jun 2022 12:04:25 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
x-amz-cf-id
ZkIcXjodRNEiWW4jc5JLlALtvIlSA5aytX9VUOqCLHpvD2iSK2xIDg==
x-amz-cf-pop
FRA56-P3
x-amz-version-id
lDuir2UAc9E4Rrlu1XeSO1az8Q408jtD
x-cache
Hit from cloudfront
cop-in-car-559x327.jpg
www.westernjournal.com/wp-content/uploads/2022/07/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/uploads/2022/07/cop-in-car-559x327.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
996cc355b02ca8b07027d89aad116552b619f26a299cdfdce3cc902c55b0c1ed
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
cf-cache-status
MISS
last-modified
Wed, 13 Jul 2022 00:33:25 GMT
server
cloudflare
etag
"62ce12d5-5169"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
strict-transport-security
max-age=2592000; includeSubDomains
accept-ranges
bytes
cf-ray
729e1c7cbd789243-FRA
content-length
20841
connatix.player.dc.js
cds.connatix.com/p/169822/ Frame A7BB
Redirect Chain
  • https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
  • https://cds.connatix.com/p/169822/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
1 MB
274 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/169822/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b3346c170b35963c12dede0b11af46770fc8dec58b211f69eaf2b105f87e271

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
br
last-modified
Tue, 12 Jul 2022 13:26:40 GMT
age
41556
etag
"23724c419d88e786fdda31514851aa95"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
279689

Redirect headers

location
https://cds.connatix.com/p/169822/connatix.player.dc.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
date
Wed, 13 Jul 2022 01:05:37 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
bid
ap.lijit.com/rtb/ 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.3.0
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4e35b4fad72a5955d3cf90e8ed82c9a6e1102a62e53d849f1dd7d3fd382a06a5

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 01:05:36 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.westernjournal.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e41da7505a486f1f3ae67e58c3fcc4e4f759106f0747f9f3ec45893562ac4d3f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 01:05:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9a6e6cbe-8e35-405e-8c98-ada6e09bd387
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/ 		338 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU8Y0E88
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c101692679dd5f24a4fefecb620e1b0107ec4e08c6e6e9e32dbaf1a4868e8c3f

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
translator
hbopenbid.pubmatic.com/ 		0
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
7nses9-w5BU
www.youtube.com/embed/ Frame 71B4 		63 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4b0d17cd120bef7df65b09e2ef7bba272164a245e318005c535623d246e81b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Wed, 13 Jul 2022 01:05:36 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
authIframe.js
auth.instiengage.com/auth/ Frame BF6F 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://auth.instiengage.com/auth/authIframe.js
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:ca00:9:78a:e540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://auth.instiengage.com/auth/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
TVWRK3pkNhZcT_LWKouW.Zjz_x6_YXzz
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 20:32:00 GMT
server
AmazonS3
age
50
etag
W/"e0bffec4a3929b23d4347f914449f5cb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
cache-control
max-age=300
date
Wed, 13 Jul 2022 01:04:46 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
Fxge3mYCVZ-u_4ci3knGt3X42BeKmhmg0M33jocZsr07KUMLgf_Tow==
delivery.js
assets.revcontent.com/master/ 		154 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
baef494f7ae268d69fe448d07bb3b3e0ac9f863e25fa649e8ffbc29bad7be8be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 16:22:40 GMT
server
AmazonS3
x-amz-request-id
WD7AVFAPPE1AYHJW
etag
"38355562882cc79c426e179bf54b2baf"
x-hw
1657674336.cds160.fr8.hn,1657674336.cds146.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
50174
x-amz-id-2
xeXsQwGTlW0AyxFw+ZomdOyuQSFSXjZplbcWAnfqyw8s6jubcEJ2lQyhek2QPAXSn4tceWiJDX4=
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&time=1657674336840&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&random_number=20843522464&sess_cookie=e3d6da32181f5170a478d38a9c7&sess_cookie_flag=1&user_cookie=e3d6da32181f5170a478d38a9c7&user_cookie_flag=1&dynamic=true&domain=westernjournal.com&account=C1z2k1acFH002c&jsv=20130128&user_lang=en-US
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-118.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 12 Jul 2022 03:02:56 GMT
Via
1.1 f52fb277cecd3d7de14d996c1f683de2.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
79362
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
MUC50-P2
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
vp1M272VcGgOdXRXukTvLm8UXtZEVQNuRcOYw46Jz93gGzrv_QyUWA==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.20.242.89 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-20-242-89.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
server
Server
f7060245-2280-4168-a5a7-87f79f9d0e3e.js
d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/ 		168 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3lcz8vpax4lo2.cloudfront.net/header-tags/9af198ff-22cf-4d4b-80d5-b58d0f23e539/f7060245-2280-4168-a5a7-87f79f9d0e3e.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4400:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fd26d8422c7fa91ebca3a37dd9d891528e7c12496a4d01bc8d13fab36f826d3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
cHctciEdG8Qla2zKejlIGEBtXTR8QpBM
content-encoding
br
last-modified
Tue, 12 Jul 2022 14:44:18 GMT
server
AmazonS3
age
57
etag
W/"4aa657a9d5a3b7a85a12b9981a5395a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 13 Jul 2022 01:05:36 GMT
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
GP-FYxZYQrrBk3rqoSWxxPsOeaWpOPeK9NQs1k0O6dRLKCidnrKXVQ==
ats.js
ats.rlcdn.com/ 		109 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-125.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
71558
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Tue, 12 Jul 2022 05:12:59 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA2-C1
content-type
application/x-javascript
x-amz-cf-id
iX60-iNAhcr-oIhAnBrcg_rCOC5VbrlgdXBgQwsn9qUQRIeskBiRaw==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
etag
"Sy8yk7L2ihxjBP+YyKUKJg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 20 Jul 2022 01:05:37 GMT
getemails.js
s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.182.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		196 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DCR5CPLYCJ&l=dataLayer&cx=c
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a30ad4f20cc72ac8c00fa6da3153e6086abda21c4d6fc9486a337db542f0b84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71070
x-xss-protection
0
expires
Wed, 13 Jul 2022 01:05:36 GMT
appstore.svg
www.westernjournal.com/wp-content/plugins/wj-functionality/assets/images/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/plugins/wj-functionality/assets/images/appstore.svg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b119677aab360b1b7905cbc521eba617ec9429c3bff70cd00b9f6ccddcb3e026
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 24 Jun 2022 17:19:26 GMT
server
cloudflare
age
2237
etag
W/"62b5f21e-2a35"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=1800
strict-transport-security
max-age=2592000; includeSubDomains
cf-ray
729e1c7d8de09243-FRA
googleplay.png
www.westernjournal.com/wp-content/plugins/wj-functionality/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.westernjournal.com/wp-content/plugins/wj-functionality/assets/images/googleplay.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3e38a262ae300f7e99e8ab0950ea6e67d7404331b374506bc0cd60e03e69cd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:36 GMT
vary
Accept
cf-cache-status
HIT
age
991
cf-polished
origFmt=png, origSize=16773
content-disposition
inline; filename="googleplay.webp"
content-length
8262
last-modified
Fri, 24 Jun 2022 17:19:25 GMT
server
cloudflare
etag
"62b5f21d-4185"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains
content-type
image/webp
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
729e1c7d8de39243-FRA
cf-bgj
imgq:100,h2pri
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7180
date
Tue, 12 Jul 2022 23:05:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 13 Jul 2022 01:05:57 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ea1dc07a8462adc1de680c13135b4e0365c1c6bb72ccce3f1899527618af0457
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
25940
x-xss-protection
0
pragma
public
x-fb-debug
5HnlWeJXXYtLDJcfW9HRxdWt9T1B9q6JDwLA0GMjNzBENGYpqtM7D0VIGxh8N53PybYHoU7FjlY/z0E+X4of2g==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Jul 2022 01:05:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
user_visited_page
telemetries.jeeng.com/api/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 13 Jul 2022 01:05:37 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-powered-by
Express
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age
12740854
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
MT5UpyPLpFaXceVeNbpo3F3J9XB1J15mVrwdi4CCU3nuBh6SBgwL-w==
user_visited_page
telemetries.jeeng.com/api/events/ 		15 B
30 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemetries.jeeng.com/api/events/user_visited_page
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.247.19 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
19.247.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
via
1.1 google
etag
W/"f-v/Y1JusChTxrQUzPtNAKycooOTA"
x-powered-by
Express
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
www-player.css
www.youtube.com/s/player/132602e8/ Frame 71B4 		339 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/132602e8/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b0e249726f2a27bc59bf1dcdc12552d04788cc18f045fdf93f4aa7843a7ac37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 20:17:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
17298
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47730
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 00:14:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 12 Jul 2023 20:17:19 GMT
www-embed-player.js
www.youtube.com/s/player/132602e8/www-embed-player.vflset/ Frame 71B4 		305 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/132602e8/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03ee0d6058a181a521f9a5930debdb8af46421a31c1cb355b338dee06c29cd6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 20:14:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
17479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96623
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 00:14:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 12 Jul 2023 20:14:18 GMT
base.js
www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/ Frame 71B4 		2 MB
559 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec50a99f783156f5e61173e6cdef676d1ced23ca1dc07c98ab84c1fe0e261b37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
95437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
571849
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 00:14:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Jul 2023 22:35:00 GMT
fetch-polyfill.js
www.youtube.com/s/player/132602e8/fetch-polyfill.vflset/ Frame 71B4 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/132602e8/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 20:51:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
15251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 00:14:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 12 Jul 2023 20:51:26 GMT
/
geoip.insticator.com/json/ 		245 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip.insticator.com/json/
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.30.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-30-173.compute-1.amazonaws.com
Software
/
Resource Hash
9e712925468c945fc143153b4bd2ed96dd6397b2115efbc0f40afa21c5e9536c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
x-database-date
Tue, 12 Jul 2022 19:14:50 GMT
content-length
245
vary
Origin
content-type
application/json
9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
df80k0z3fi8zg.cloudfront.net/files/instibid/ 		332 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://df80k0z3fi8zg.cloudfront.net/files/instibid/9af198ff-22cf-4d4b-80d5-b58d0f23e539.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:2a00:10:3422:3f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
008a2141beeeaa12dd8fa27edf7f2ba2181ad709bbdebd578d76e9c4e27ecfb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
yWQARcbfOwxjOTM50lwdEphFbNNKH6qo
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 17:43:37 GMT
server
AmazonS3
age
77224
etag
W/"fdd038211286c88f8a3c1ff16837cafd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date
Tue, 12 Jul 2022 03:38:34 GMT
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
rtWiCClcGFCQGwKjjLeSi_bJKm0AmmmhkiI27GU-bMf_yT-Qy3_GqA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/2912/ 		205 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/2912/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1d9411a3eb3af20c314c2ee4bc617596a0347dc0eb50cfeb3c7a1cfb4e87c162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
last-modified
Wed, 01 Jun 2022 18:08:45 GMT
server
Apache
etag
"1121321-333aa-5e066c7b2affc"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99493
accept-ranges
bytes
content-type
text/javascript
content-length
64106
expires
Thu, 14 Jul 2022 04:43:50 GMT
config.js
confiant-integrations.global.ssl.fastly.net/GkEkQif6INZKXAE-PNQESRSrDNk/gpt_and_prebid/ 		188 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/GkEkQif6INZKXAE-PNQESRSrDNk/gpt_and_prebid/config.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad2cb4bd02aa79aad7809661da0060a903f348a01796c0de08d479245eca6b62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:37 GMT
Content-Encoding
gzip
Age
1588
X-Cache
HIT
Connection
keep-alive
Content-Length
38556
x-amz-id-2
pBtCicToWlmzS9v9pn8D0oJ5ETI5cabOGv2NRCgQCQ8AC/dtNyDTSIpOgiOaZRQ8bgAswJAoHJU=
X-Served-By
cache-fra19130-FRA
Last-Modified
Tue, 12 Jul 2022 22:56:03 GMT
Server
AmazonS3
X-Timer
S1657674337.158249,VS0,VE1
ETag
"832831bd51a0f98d7b28119e4c01fb97"
x-amz-request-id
6V842XXZN04B7ZAS
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
1
pubads_impl_2022070701.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022070701.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 23:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5749
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130611
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 08:36:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 12 Jul 2023 23:29:48 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		333 B
796 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.westernjournal.com
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
6249b2ddb95ef35ec44a9f9f5490b3ed9ebc3a0d7aca7f7c782f6995d0505178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
159
x-xss-protection
0
expires
Wed, 13 Jul 2022 01:05:37 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		761 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.westernjournal.com&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de088236d4b4043c0ae5dfb65f856b1ed6c81bcfba89513d8c38d105a0e8a416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 20:53:23 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server
Server
age
15134
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
content-length
761
x-amz-cf-id
Pb6v3UfswpzByinQssYiWWqRy7j5mf1Mz03mIkpub_xnHBKteOk21A==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&pid=lG2gO4CYA038W&cb=0&ws=1600x1200&v=8.1.0&t=1100&slots=%5B%7B%22sd%22%3A%22BB1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Commentary%2FWesternJournal_Commentary_Direct%2FWesternJournal_Commentary_Direct_BB1%22%7D%2C%7B%22sd%22%3A%22WP1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Commentary%2FWesternJournal_Commentary_Direct%2FWesternJournal_Commentary_Direct_WP1%22%7D%2C%7B%22sd%22%3A%22SB2%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F101957818%2C22550773714%2FWesternJournal%2FWesternJournal_Commentary%2FWesternJournal_Commentary_Direct%2FWesternJournal_Commentary_Direct_SB2%22%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2018001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
TQ1CH9M7XAPAW6RS47JY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
getJpv8mDNccGdStOPbYvyDZrUfHujZQQno_iBzUrwKxJ6ndRbFKfg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
62502
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
date
Tue, 12 Jul 2022 07:43:56 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 def5acc189db6e2856a956225d5cd100.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
2ohYtuRZug0rHfOLsCgEREb1onJNwCKX9PkYba3AeoIWgaaqCg4yUQ==
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=20480112&cs_it=b3&cv=3.8.0.210223&ns__t=1657674337037&ns_c=UTF-8&c7=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&c8=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&c9=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
NYPy0ltHpHfufVHlh_IDhAdhzjP31DWka5P5l48wz1JpE2NeaiBrDw==
x-cache
Miss from cloudfront
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 71B4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 17:06:41 GMT
x-content-type-options
nosniff
age
28736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 12 Jul 2023 17:06:41 GMT
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_pageview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin,content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.westernjournal.com
access-control-max-age
3600
content-length
0
date
Wed, 13 Jul 2022 01:05:37 GMT
vary
Origin
collect
region1.google-analytics.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DCR5CPLYCJ&gtm=2oe7b0&_p=1171272951&_z=ccd.v9B&cid=1760488950.1657674337&ul=en-us&sr=1600x1200&_s=1&sid=1657674337&sct=1&seg=0&dl=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&dt=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DCR5CPLYCJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aax.js
c.aaxads.com/ 		542 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.aaxads.com/aax.js?pub=AAXBDSLO9&hst=www.westernjournal.com&ver=1.2
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4f0db91aa562bb034d9bad4e936daaaf1d559b7343a43c0242f7d0a84193da13
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Wed, 13 Jul 2022 01:05:37 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Wed, 13 Jul 2022 01:35:37 GMT
widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html
platform.twitter.com/widgets/ Frame 9261 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6712) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
6513
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 01:05:37 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Mon, 11 Jul 2022 22:43:33 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6712)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		199 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:07:19 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=136286
accept-ranges
bytes
content-type
application/javascript
content-length
62062
expires
Thu, 14 Jul 2022 14:57:03 GMT
token
eua.instiengage.com/v1/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.212.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-212-134.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://auth.instiengage.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://auth.instiengage.com
access-control-max-age
3600
content-length
0
date
Wed, 13 Jul 2022 01:05:37 GMT
vary
Origin
token
eua.instiengage.com/v1/auth/ Frame BF6F 		864 B
1016 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eua.instiengage.com/v1/auth/token
Requested by
Host: auth.instiengage.com
URL: https://auth.instiengage.com/auth/authIframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.212.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-212-134.compute-1.amazonaws.com
Software
/
Resource Hash
40baa59a1995d9784f73502d4667f8ed4d3414c84a36bdf147ba85379d3cd6fc

Request headers

Referer
https://auth.instiengage.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://auth.instiengage.com
date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
content-length
864
vary
Origin
content-type
application/json
serve.js.php
trends.revcontent.com/ 		66 KB
67 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/serve.js.php?w=110583&t=rc_997&c=1657674336738&width=1600&site_url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&referer=&skip_iab=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
bf014ac987da28da1644134f7e37adf6053af3224f6c264f187383b5d710ed3a
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/javascript; charset=utf-8
/
geo.privacymanager.io/ 		30 B
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-89.fra60.r.cloudfront.net
Software
/
Resource Hash
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:00 GMT
via
1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront), 1.1 4612dc3b414cf2057f542e94733d59bc.cloudfront.net (CloudFront)
age
37
x-amzn-requestid
5404de9d-c3d0-4f68-abaf-ed8f0056cafe
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ce1a3c-247860a15a2ceb073a8fe51a;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA60-P3
x-amz-apigw-id
VLkJiHXVDoEF8Hg=
content-length
30
x-amz-cf-id
PLUJv3UZjHmMbb0iTE6LYjQNhg1atbM5kxAVKo2Luqs_lFTMn8rpDw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
loader.js
static.instiengage.com/app-loader/static/
Redirect Chain
  • https://comment.instiengage.com/live/loader/loader.js
  • https://static.instiengage.com/app-loader/static/loader.js
126 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.instiengage.com/app-loader/static/loader.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Server
2600:9000:225e:b200:17:5bae:c7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fcda8e056167509b7f01d30d2a82a4397735b3cdd673dfd489c6fea141b312e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
.SpcaR1ebHND8LOupYEc9dguUVudPFBv
content-encoding
br
last-modified
Wed, 29 Jun 2022 10:49:19 GMT
server
AmazonS3
age
38
etag
W/"2c5f23b90f2729048187bb49ea4fc476"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
cache-control
max-age=60
date
Wed, 13 Jul 2022 01:05:00 GMT
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
3d61inXGuR8ddXbOVLU3ryI_9ygMHkllHsAKNMcPY31HUhHSJ35CWw==

Redirect headers

date
Wed, 13 Jul 2022 01:05:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://static.instiengage.com/app-loader/static/loader.js
cache-control
max-age=3600
cf-ray
729e1c801b879b55-FRA
expires
Wed, 13 Jul 2022 02:05:37 GMT
rules-p-kZpd2WPpvPttS.js
rules.quantcount.com/ 		2 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-kZpd2WPpvPttS.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:33:23 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
server
AmazonS3
age
1934
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P2
content-length
2
x-amz-cf-id
-OszAty9WXWLA9yAZm_zk5Pt4gAlrVOXv2e0P1EpD5E4LObiKuS4wg==
1897937520432117
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1897937520432117?v=2.9.64&r=stable
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba47c6f03faab24c82885daf886dd14e613761a53105607a620f6b50d391e0e7
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ZBC/5/UKmuThOVmOxS6I4gDxV63SLKMU7nCjoZxE1vRDDCcBqXgYBSLceGnjJ1saD5gwymhXxbio0wjFwfZwJw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 13 Jul 2022 01:05:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1657674338003
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 13 Jul 2022 01:39:13 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 13 Jul 2022 01:05:36 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1164
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.westernjournal.com%2F&domain=www.westernjournal.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ZhK6G3x2bjBCVnI1ZitzVG1CUDhrWWNONythUy83clV1SU5Ca1pzaHVJNTBSK1lUUndSdmcrbURMck1nWkRtb0tMcmc0TUxuY1VBaGVOTWpUaUZYRVZwejNwYVhoY1dPSFZrQis5aGcxOUxXNW5OT1hSWmlBem9hanRabT...
350 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZhK6G3x2bjBCVnI1ZitzVG1CUDhrWWNONythUy83clV1SU5Ca1pzaHVJNTBSK1lUUndSdmcrbURMck1nWkRtb0tMcmc0TUxuY1VBaGVOTWpUaUZYRVZwejNwYVhoY1dPSFZrQis5aGcxOUxXNW5OT1hSWmlBem9hanRabTdvWW9UbkZ3T3dqZzZBZUk4RmxrVkw3cyt0SFp1TkM3d3hWSXhjVzV6SjYvT3VBeVNpS3NScGR5ZldmSzV3VzJSRHgvQU5oYzh3T0dFOWhTdVhQaHR1RC81NjdSRmRoeGkzL050UXFHb3dYclFKRzE0Q2FNb1I4bGlDc0tyWnZ2SFB0SjZDdkJofA&cppv=2
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
606e14865f687929a23c8f7329e3553a6536bc84ed6589059eeb2a127a45610e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2989
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:36 GMT
location
https://mug.criteo.com/sid?cpp=ZhK6G3x2bjBCVnI1ZitzVG1CUDhrWWNONythUy83clV1SU5Ca1pzaHVJNTBSK1lUUndSdmcrbURMck1nWkRtb0tMcmc0TUxuY1VBaGVOTWpUaUZYRVZwejNwYVhoY1dPSFZrQis5aGcxOUxXNW5OT1hSWmlBem9hanRabTdvWW9UbkZ3T3dqZzZBZUk4RmxrVkw3cyt0SFp1TkM3d3hWSXhjVzV6SjYvT3VBeVNpS3NScGR5ZldmSzV3VzJSRHgvQU5oYzh3T0dFOWhTdVhQaHR1RC81NjdSRmRoeGkzL050UXFHb3dYclFKRzE0Q2FNb1I4bGlDc0tyWnZ2SFB0SjZDdkJofA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3377
content-length
509
expires
0
tag.min.js
get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-123.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
MzFJp_hCplumN12v7na.JL4ToSqQ7M.M
content-encoding
gzip
last-modified
Mon, 30 May 2022 15:16:46 GMT
server
AmazonS3
age
66186
etag
W/"32357f1c0de69779f4fedf3aeb29d83e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 474733f16f494ddb794b4f7dfd7de966.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 12 Jul 2022 06:42:32 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
8m8S8Tw1SYAhm7uj0zLqYjzQ0Qhqy7PDUQ_zce9dtkn2p0CzCJdn-g==
insticator
insticator.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.15.0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
server
nginx
openrtb
ex.ingage.tech/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://www.westernjournal.com
access-control-max-age
3600
cf-cache-status
DYNAMIC
cf-ray
729e1c80cabe6909-FRA
content-length
0
date
Wed, 13 Jul 2022 01:05:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin, Access-Control-Request-Headers
mvo
tag.1rx.io/rmp/213163/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/213163/0/mvo?z=1r&hbv=6.15,2.1
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Beverwijk, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aleOzs7Kyr7ioGrkHcnlxd
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0444c9ff63443b03ecfd54c4c68d046803ea86ad281f2cc120ea30958950bb91

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=asRWdk7Kyr7ioGrkHcnlxd
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0444c9ff63443b03ecfd54c4c68d046803ea86ad281f2cc120ea30958950bb91

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aBPa4O7Kyr7ioGrkHcnlxd
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0444c9ff63443b03ecfd54c4c68d046803ea86ad281f2cc120ea30958950bb91

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aISzFq7Kyr7ioGrkHcnlxd
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0444c9ff63443b03ecfd54c4c68d046803ea86ad281f2cc120ea30958950bb91

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
c
prebid.a-mo.net/a/ 		0
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
89
vary
origin, Accept-Encoding
imp
g2.gumgum.com/hbid/ 		492 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1657674337349&to=0&aun=div-insticator-ad-cmt-1&gpid=westernjournal.com-div-insticator-ad-cmt-1&maxw=300&maxh=250&si=308808&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ns=10240
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0e55ecef515bcf3f1eed39090d481913aa7e27d104f5fd967a92048c2e7ab7c0

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		492 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1657674337350&to=0&aun=div-insticator-ad-cmt-2&gpid=westernjournal.com-div-insticator-ad-cmt-2&maxw=300&maxh=250&si=308809&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ns=10240
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b69b721689b44cdc508f67ce808a683ef65851d71ee4b376f0e91044504b1410

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		492 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1657674337350&to=0&aun=div-insticator-ad-cmt-3&gpid=westernjournal.com-div-insticator-ad-cmt-3&maxw=300&maxh=250&si=308810&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ns=10240
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3007badc4c359017dcf5ec36f629816437f3522755803670c551d343c9d14278

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		492 B
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1657674337350&to=0&aun=div-insticator-ad-cmt-4&gpid=westernjournal.com-div-insticator-ad-cmt-4&maxw=300&maxh=250&si=308811&pi=3&bf=300x250&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.15.0%22%7D&ogu=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ns=10240
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.153.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-153-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcd5aff72dd62d42bc1b7dae6dccb1b2d10a3e8ef70d4f6ffe4339a49ab7de46

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
insticator
insticator.technoratimedia.com/openrtb/bids/ 		0
299 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator.technoratimedia.com/openrtb/bids/insticator?src=prebid_prebid_6.15.0
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
132.226.41.106 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
864223007
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
header
hb.aralego.com/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A294B4487796AD9C6D8A3E844922B3&tdid=&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&eids=&host=www.westernjournal.com&u=https%3A%2F%2Fwww.westernjournal.com&xr=0&ucfUid=4414fa6c-daa7-4048-ae6f-98c7a3536eb3&w=300&h=250
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.westernjournal.com
Date
Wed, 13 Jul 2022 01:05:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A294B4487796AD9C6D8A3E844922B3&tdid=&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&eids=&host=www.westernjournal.com&u=https%3A%2F%2Fwww.westernjournal.com&xr=0&ucfUid=4414fa6c-daa7-4048-ae6f-98c7a3536eb3&w=300&h=250
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.westernjournal.com
Date
Wed, 13 Jul 2022 01:05:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A294B4487796AD9C6D8A3E844922B3&tdid=&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&eids=&host=www.westernjournal.com&u=https%3A%2F%2Fwww.westernjournal.com&xr=0&ucfUid=4414fa6c-daa7-4048-ae6f-98c7a3536eb3&w=300&h=250
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.westernjournal.com
Date
Wed, 13 Jul 2022 01:05:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
header
hb.aralego.com/ 		0
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A294B4487796AD9C6D8A3E844922B3&tdid=&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&eids=&host=www.westernjournal.com&u=https%3A%2F%2Fwww.westernjournal.com&xr=0&ucfUid=4414fa6c-daa7-4048-ae6f-98c7a3536eb3&w=300&h=250
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.115.117.82 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.westernjournal.com
Date
Wed, 13 Jul 2022 01:05:37 GMT
Access-Control-Allow-Credentials
true
Connection
close
/
hb.emxdgt.com/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1657674337360&src=pbjs
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.42.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-42-191.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
arj
insticator-d.openx.net/w/1.0/ 		73 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2ee6b482-f51d-4478-a984-5a510af659c4%2Cb9bdd953-780c-477b-b1a7-3dd7efecb247%2Cae5b8206-c86c-45c7-8709-76a90dfc77f9%2Cb5e64833-7d01-416f-980e-6cfbd5352f59&nocache=1657674337361&pubcid=261152e7-ead3-4762-a76d-683d775c6fde&schain=1.0%2C1!insticator.com%2C7afb724c-10ef-44e8-8817-eb6f9a5668db%2C1%2C%2C%2C&aus=300x250%7C300x250%7C300x250%7C300x250&divids=div-insticator-ad-cmt-1%2Cdiv-insticator-ad-cmt-2%2Cdiv-insticator-ad-cmt-3%2Cdiv-insticator-ad-cmt-4&aucs=westernjournal.com-div-insticator-ad-cmt-1%2Cwesternjournal.com-div-insticator-ad-cmt-2%2Cwesternjournal.com-div-insticator-ad-cmt-3%2Cwesternjournal.com-div-insticator-ad-cmt-4&auid=545638243%2C545638243%2C545638243%2C545638243
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
04d771c31aa24781903095a150ed529e5504cdfb33154e4c36e7af7f1706484f

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		495 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8f9aa8f97529c4bb9b13334e1cf1794392d37859664e5ae5225a1056ee4a71d9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:37 GMT
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ce013074-5c73-4d81-b3f9-1471c5eab1ef
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
495
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		648 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=155412&zone_id=739730%3B739732%3B739734%3B2469380&size_id=15&rp_schain=1.0,1!insticator.com,7afb724c-10ef-44e8-8817-eb6f9a5668db,1,,,&rf=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&tg_i.pbadslot=westernjournal.com-div-insticator-ad-cmt-1%3Bwesternjournal.com-div-insticator-ad-cmt-2%3Bwesternjournal.com-div-insticator-ad-cmt-3%3Bwesternjournal.com-div-insticator-ad-cmt-4&tk_flint=pbjs_lite_v6.15.0&x_source.tid=d8592645-0c8b-48ee-a66f-28751a4b2412%3Be51faf3c-a4ea-438b-8df0-e53a4ddf52c4%3Bd06b1484-177a-455f-9252-32617d7381fc%3B4df14e11-58df-4e49-be2f-23d86914d910&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=westernjournal.com-div-insticator-ad-cmt-1%3Bwesternjournal.com-div-insticator-ad-cmt-2%3Bwesternjournal.com-div-insticator-ad-cmt-3%3Bwesternjournal.com-div-insticator-ad-cmt-4&slots=4&rand=0.04395194586403517
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
156b29047c1b5c585cc523f92a711d29592b95f0e5fc44da6054b409c79a160e

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:37 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
648
Expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		157 B
872 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%225755764e2fbf405%22%3A%22c2e260cfe351e337fda0%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-1%22%2C%2258ffa32a0dac166%22%3A%22ed20059b2775a9921552%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-2%22%2C%2259d3ab62f2fca7%22%3A%22af6f1db0bef4da9f6f7f%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-3%22%2C%2260ce36d9c47d0e1%22%3A%22aa7d27ad7bdb63242ebd%7C300x250%7Cgpid%3Dwesternjournal.com-div-insticator-ad-cmt-4%22%7D&ref=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&s=292035c1-abf4-4759-8319-c2dcecdc7405&pv=006ee969-6f4a-4989-b3c7-eb2f7109bbd2&vp=desktop&lib_name=prebid&lib_v=6.15.0&us=50&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%227afb724c-10ef-44e8-8817-eb6f9a5668db%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
05007a28c1f595706be49465c711c266f541b14c439649ae50827939ef89e47f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:37 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-ams-1-7-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.westernjournal.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
143
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		24 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.15.0
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c884ce7741018e5a3dbf12931bd21a5d193d33e9b0cf0dca6c26015e9682239c

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 13 Jul 2022 01:05:37 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.westernjournal.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
openrtb
ex.ingage.tech/v1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/openrtb
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0826a567358fabac283ceabe269b52803af8fba17258201e7ac27f984cd84eaf

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
cf-ray
729e1c81990d90af-FRA
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&pid=lG2gO4CYA038W&cb=1&ws=1600x1200&v=8.1.0&t=3000&slots=%5B%7B%22sd%22%3A%22div-insticator-ad-cmt-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22gpid%22%3A%22westernjournal.com-div-insticator-ad-cmt-1%22%7D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_1%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22gpid%22%3A%22westernjournal.com-div-insticator-ad-cmt-2%22%7D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_2%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22gpid%22%3A%22westernjournal.com-div-insticator-ad-cmt-3%22%7D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_3%22%7D%2C%7B%22sd%22%3A%22div-insticator-ad-cmt-4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22kv%22%3A%7B%22gpid%22%3A%22westernjournal.com-div-insticator-ad-cmt-4%22%7D%2C%22sn%22%3A%22%2F2507246%2Fwesternjournal.com_Web_300x250_cmt_4%22%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2018001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
JG5YGH53393HS5AG9K09
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
8eVSLe7CnrXYoMZLe6rlhf5_MsZJuHQSYVAQYFIJJg0l7XrgUNGh5A==
wrap.js
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207111600/ 		201 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207111600/wrap.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d17951bdbedb4a41de7096672e19975764cb935918b2217d4aade5249cd1955f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:37 GMT
Content-Encoding
gzip
Age
646
X-Cache
HIT
Connection
keep-alive
Content-Length
65803
x-amz-id-2
EPMGtOdzvtAd3BeCzo8nC+jr1SEp66jGxes0nQI0LDVhMYIqozb2nnZI1QeAzkyw10lXJPbFVjk=
X-Served-By
cache-fra19130-FRA
Last-Modified
Mon, 11 Jul 2022 20:01:16 GMT
Server
AmazonS3
X-Timer
S1657674337.395301,VS0,VE0
ETag
"5bec7aa3dd6297a36e316e8422c3ca0c"
x-amz-request-id
3CP30GQABV2XHDCW
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
415
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/169822/ Frame A7BB 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/169822/hls.5b3b785f487abbe00eee.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
br
last-modified
Tue, 12 Jul 2022 13:26:40 GMT
age
41637
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
player.css
cds.connatix.com/p/169822/ 		58 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/169822/player.css
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
br
last-modified
Tue, 12 Jul 2022 13:26:40 GMT
age
41636
etag
"b07e9f868d1c559a08538d3b52f384bc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8890
rev2.min.css
cdn.revcontent.com/build/css/ 		83 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.revcontent.com/build/css/rev2.min.css?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 18:42:26 GMT
etag
"1656528146"
x-hw
1657674337.cds206.fr8.hn,1657674337.cds286.fr8.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=37447
accept-ranges
bytes
content-length
23124
rev2.min.js
cdn.revcontent.com/build/js/ 		280 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
last-modified
Wed, 29 Jun 2022 18:42:26 GMT
etag
"1656528146"
x-hw
1657674337.cds206.fr8.hn,1657674337.cds267.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=10866
accept-ranges
bytes
content-length
85555
A-60B151DA8288234CC8284E80-3.js
s3.amazonaws.com/js.revcontent.com/p0/js/ 		696 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/js.revcontent.com/p0/js/A-60B151DA8288234CC8284E80-3.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.64.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
baa99b9df6f0df51a1adfb1a17a9b033b0c4f0d01254f790f9a867750d675e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:38 GMT
Last-Modified
Fri, 17 Jun 2022 15:33:10 GMT
Server
AmazonS3
x-amz-request-id
T1HZ3RH4VD7WCY20
ETag
"a028cabf1b5589693f8d90fe648b5571"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
696
x-amz-id-2
pIfcgcFaGUBgzQJlyInJQPS7/2w7ar+wWU/YT3xnN02JFJbQV3TSxU2uSzRwu+KH9PlV/Q6BtRM=
settings
syndication.twitter.com/ Frame 9261 		580 B
540 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=16127b746a1d92260c65e37bd12fbe4d26c17496
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.westernjournal.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time
113
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 01:05:37 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
a4e4e01b3b9352a9f072433ba146b72c3ede9de96e54e2e796c6052f2119263b
content-length
260
/
img.revcontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
last-modified
Thu, 02 Jun 2022 15:22:42 GMT
etag
"1654183362"
x-hw
1657674337.cds241.fr8.hn,1657674337.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1351
8fb16b48e880ef44dc24c6e3f8df3b3a.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/8fb16b48e880ef44dc24c6e3f8df3b3a.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
c6d69c7a48ae8edf4aee8b1764b67d75fedc77768e5b8826e8f4a3b014fc83f3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="8fb16b48e880ef44dc24c6e3f8df3b3a.webp"
server-timing
fastly;dur=485;cpu=0;start=2022-04-04T17:19:13.509Z;desc=miss,rtt;dur=0,cloudinary;dur=393;start=2022-04-04T17:19:13.556Z,cld-id;desc=aad02faa97dd59d718a56ddfc0625af9
content-length
20624
x-request-id
aad02faa97dd59d718a56ddfc0625af9
last-modified
Mon, 04 Apr 2022 17:11:35 GMT
server
Cloudinary
etag
"5e40a84dc65715114a63abf89fe49d0e"
vary
Accept
x-hw
1657674337.cds284.fr8.hn,1657674337.cds122.fr8.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6eac1517612dc8c67c269d5dab9f53d4.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/6eac1517612dc8c67c269d5dab9f53d4.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
dd0d71596405c871776ff22e82930d3fa8ecb4fac40af79f967c5bd769e80d60
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="6eac1517612dc8c67c269d5dab9f53d4.webp"
server-timing
fastly;dur=2;cpu=1;start=2021-10-11T04:42:18.635Z;desc=hit,rtt;dur=0
content-length
16928
x-request-id
32948859b2d97cf9be134a2ff7aac9c9
last-modified
Mon, 27 Sep 2021 17:16:07 GMT
server
Cloudinary
etag
"3bf819beb0cc0fb86003de1de47d3c82"
vary
Accept
x-hw
1657674337.cds284.fr8.hn,1657674337.cds279.fr8.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
56ec5cc3cbad85b65b66ae45bb17d1f9.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/56ec5cc3cbad85b65b66ae45bb17d1f9.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
6cde8eacbf02c1f169c0fcab495b5c9e4350699ee2a2b576bbcbb3cfd5dcfa2b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
content-disposition
inline; filename="56ec5cc3cbad85b65b66ae45bb17d1f9.webp"
server-timing
fastly;dur=2;cpu=1;start=2022-06-06T16:26:40.312Z;desc=hit,rtt;dur=0
content-length
8510
x-request-id
967bda15891276462d192814cf9fd016
last-modified
Mon, 06 Jun 2022 16:03:04 GMT
server
Cloudinary
etag
"73eeff321d734ed7c07d32b98ec584bc"
vary
Accept
x-hw
1657674337.cds284.fr8.hn,1657674337.cds204.fr8.c
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		167 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2547146673214161&correlator=2193064320236454&eid=31068431%2C31068435&output=ldjh&gdfp_req=1&vrg=2022070701&ptt=17&impl=fifs&iu_parts=101957818%3A22550773714%2CWesternJournal%2CWesternJournal_Commentary%2CWesternJournal_Commentary_Direct%2CWesternJournal_Commentary_Direct_BB1%2CWesternJournal_Commentary_Direct_WP1%2CWesternJournal_Commentary_Direct_SB2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6&prev_iu_szs=728x90%7C970x250%7C970x90%2C1x1%2C300x600%7C300x250%7C1x1&ifi=1&adks=3610299459%2C636827648%2C109305028&sfv=1-0-38&ecs=20220713&fsapi=false&prev_scp=ad_h%3D1%26amznbid%3D2%26amznp%3D2%7Cad_h%3D1%26amznbid%3D2%26amznp%3D2%7Cad_h%3D1%26amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_pb_appnexus%3D0.02%26hb_adid_appnexus%3D200e8c61bc9cbcb%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D200e8c61bc9cbcb%26hb_bidder%3Dappnexus&eri=1&cust_params=ADRIZER_DEST%3De91c5d946173b42429a142158dee2b40%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dchild%2520abuse%252Cchildren%252Ccrime%252CDemocrats%252Centertainment%252CHollywood%252CJoe%2520Biden%252Cliberal%2520media%252Cmedia%2520bias%252CUS%2520news%26Category%3DCommentary%26URL%3D%252Fbiden-ally-sexually-assaulted-boy-publi%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1657674337652&lmt=1657587039&dlt=1657674336436&idt=961&adxs=315%2C-12245933%2C1066&adys=310%2C-12245933%2C1235&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&frm=20&vis=1&psz=1168x268%7C64x19%7C336x18&msz=970x-1%7C0x-1%7C336x0&fws=0%2C128%2C0&ohw=0%2C0%2C0&ga_vid=1760488950.1657674337&ga_sid=1657674338&ga_hid=1171272951&ga_fc=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
33761bb1ade29cbf8f1594c9f401a864a2c613eed5c34001caae3a1a89b6a335
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46452
x-xss-protection
0
google-lineitem-id
-1,-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EFC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 01:05:37 GMT
expires
Thu, 13 Jul 2023 01:05:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
id
googleads.g.doubleclick.net/pagead/ Frame 71B4
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
28f85c5b831f10218b2b3c98bf1c93b22e7d811e014a840d95352cf91517f93c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 13 Jul 2022 01:05:37 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 71B4 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/132602e8/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:54:29 GMT
x-content-type-options
nosniff
age
668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Jul 2022 01:09:29 GMT
pls
capi.connatix.com/core/ Frame A7BB 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=169822&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10540766b1bbad52951a6e8bb9622b6ca26f65b6887a6b90dfcb5d50a816ed4f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
5259
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 13 Jul 2022 01:05:37 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 71B4 		64 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6729ca74176ae149d3bab418d21f23734fececde18b7c5814f63eaae4f2a2a91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30222
x-xss-protection
0
remote.js
www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/ Frame 71B4 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b0507cd61d838109c9a2e4462a6e8ebf02200cf496b89542e4080531bfe272e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
95437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37778
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 00:14:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Jul 2023 22:35:00 GMT
9HpepxYYeSPyIh4NV1uMWmjqYU5C3nW55m8c9oTsMhI.js
www.google.com/js/th/ Frame 71B4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/9HpepxYYeSPyIh4NV1uMWmjqYU5C3nW55m8c9oTsMhI.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f47a5ea716187923f2221e0d575b8c5a68ea614e42de75b9e66f1cf684ec3212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 17:01:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
29042
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13791
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Jul 2023 17:01:35 GMT
embed.js
www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/ Frame 71B4 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96f5e38b428206dfaba85e7688fa9df0264f3bef72de39996b9446d06e4f8de7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:35:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
95437
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8103
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 00:14:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 11 Jul 2023 22:35:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZhK6G3x2bjBCVnI1ZitzVG1CUDhrWWNONythUy83clV1SU5Ca1pzaHVJNTBSK1lUUndSdmcrbURMck1nWkRtb0tMcmc0TUxuY1VBaGVOTWpUaUZYRVZwejNwYVhoY1dPSFZrQis5aGcxOUxXNW5OT1hSWmlBem9hanRabTdvWW9UbkZ3T3dqZzZBZUk4RmxrVkw3cyt0SFp1TkM3d3hWSXhjVzV6SjYvT3VBeVNpS3NScGR5ZldmSzV3VzJSRHgvQU5oYzh3T0dFOWhTdVhQaHR1RC81NjdSRmRoeGkzL050UXFHb3dYclFKRzE0Q2FNb1I4bGlDc0tyWnZ2SFB0SjZDdkJofA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 13 Jul 2022 01:05:37 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1107
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel;r=884946736;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F;uh=2b2e810c2650318ae57ec03...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=884946736;rf=0;a=p-kZpd2WPpvPttS;url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F;uh=2b2e810c2650318ae57ec03ce144a48b3c391eec5f4ba97535f7b2f3fafd1234;uht=0;fpan=1;fpa=P0-1884904088-1657674337764;pbc=261152e7-ead3-4762-a76d-683d775c6fde;ns=0;ce=1;qjs=1;qv=623fd1d5-20220628170050;cm=;gdpr=0;ref=;d=westernjournal.com;dst=0;et=1657674337764;tzo=0;ogl=locale.en_US%2Ctype.article%2Ctitle.Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20i%2Cdescription.It%20sure%20seems%20as%20if%20a%20lot%20of%20big%20name%20supporters%20of%20Democrats%20turn%20out%20to%20be%20loa%2Curl.https%3A%2F%2Fwww%252Ewesternjournal%252Ecom%2Fbiden-ally-sexually-assaulted-boy-public-bathroom%2Csite_name.The%20Western%20Journal%2Cimage.https%3A%2F%2Fwww%252Ewesternjournal%252Ecom%2Fwp-content%2Fuploads%2F2022%2F07%2FHarris_Biden-1%252Ejpg%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fjpeg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
trends.revcontent.com/api/demand/ 		52 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=144909
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:37 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
pxusr.gif
c.aaxads.com/ 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.aaxads.com/pxusr.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
last-modified
Mon, 26 Feb 2018 13:29:58 GMT
server
Apache
strict-transport-security
max-age=604800
content-type
image/gif
cache-control
max-age=1085737
accept-ranges
bytes
content-length
43
expires
Mon, 25 Jul 2022 14:41:14 GMT
pxext.gif
www.aaxdetect.com/ 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.aaxdetect.com/pxext.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.70.118 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-70-118.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:38 GMT
Last-Modified
Mon, 26 Feb 2018 13:29:58 GMT
Server
Apache
Content-Type
image/gif
Cache-Control
max-age=931214
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sat, 23 Jul 2022 19:45:52 GMT
truncated
/ Frame 71B4 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSnNNMuwbyE3clXn8FvKiZfBDRxwOe30WNK0DWS=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 71B4 		526 B
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLSnNNMuwbyE3clXn8FvKiZfBDRxwOe30WNK0DWS=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
b55c383d8792f8a454d05f9b72abdb30b6bcb17324ac6d4b4f425e1cd816dfe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
526
x-xss-protection
0
server
fife
etag
"v2b"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 08 Jul 2022 02:13:40 GMT
sddefault.webp
i.ytimg.com/vi_webp/7nses9-w5BU/ Frame 71B4 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/7nses9-w5BU/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8ce173508dbc458eb9b33adf58feb3cb6d87d38360d07807573757d6e8e818f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12502
x-xss-protection
0
server
sffe
etag
"1600380775"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 13 Jul 2022 03:05:37 GMT
getContentIdByUrl
comment.instiengage.com/live/comments/api/comments/ 		79 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://comment.instiengage.com/live/comments/api/comments/getContentIdByUrl?integrationId=9af198ff-22cf-4d4b-80d5-b58d0f23e539&pageUrl=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&pageTitle=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&extPageId=3086439&imageUrl=https://www.westernjournal.com/wp-content/uploads/2022/07/Harris_Biden-1.jpg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:49cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1076fec1fc07913955e0071439d8bfac2230ede302f5e0c2a87dc5a2ee0094de
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
requestid
0a313624-3019-4bf6-adcb-4937592507a2
vary
Origin, Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
strict-transport-security
max-age=15724800; includeSubDomains
cf-ray
729e1c83eb27925f-FRA
insights.bin
ins.connatix.com/5aafac13-13eb-4a3b-9275-db38f5d77b98/3/ Frame A7BB 		128 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/5aafac13-13eb-4a3b-9275-db38f5d77b98/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38d1103f2c4788d2c5f7ee38e3cfdc63afe90414bafa4897d530e330d044e41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Sun, 10 Jul 2022 20:23:14 GMT
age
186751
etag
"f79ea137df0bc9f88d55591894132fad"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
130
insights.bin
ins.connatix.com/7bac74e9-1589-4ea1-bc52-0a4c90e20291/3/ Frame A7BB 		137 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/7bac74e9-1589-4ea1-bc52-0a4c90e20291/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e77e99eec4f461a654e03f12d87ac1d866c8f9a8f687f7d1c8cc4607b029a7ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 23:49:01 GMT
age
128
etag
"b2be6ca34ee0486effebab365932f468"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
136
insights.bin
ins.connatix.com/021a8bb5-5c3d-4f6b-8a5c-f8a9e6cc52c2/3/ Frame A7BB 		137 B
220 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/021a8bb5-5c3d-4f6b-8a5c-f8a9e6cc52c2/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1ff35db3b3b2ba19e2dbeaec4e1e1f94acb08726383f0d80103963dbcfc765db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 23:08:45 GMT
age
128
etag
"b513e8c1de99c0e377104880b99167f5"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
135
insights.bin
ins.connatix.com/8ae90d42-f3de-4504-bc53-232a1a53fe20/3/ Frame A7BB 		101 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/8ae90d42-f3de-4504-bc53-232a1a53fe20/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4482bfdb834a0b2836c83b9d8a1a56ecb94777a6d2d65d633f2b024275f4f17e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 23:14:19 GMT
age
6511
etag
"bf7a85cf362f65902e8700e1b05b0a0e"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
118
insights.bin
ins.connatix.com/7e400300-2612-45d9-8191-7bc3daa9dc7e/3/ Frame A7BB 		56 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/7e400300-2612-45d9-8191-7bc3daa9dc7e/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dc53ba77b5154bb55c05f7cbf18390c3ce558071c9022435472a8bc76415c4b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 23:02:59 GMT
age
7113
etag
"52bbb490d18c8f46dde9b532209d6fc9"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
75
insights.bin
ins.connatix.com/847a173e-2b53-4d42-b8c5-64790b9c9679/3/ Frame A7BB 		137 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/847a173e-2b53-4d42-b8c5-64790b9c9679/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5fc46f0a723b90c2c3f8aa4e032dea2a34498a7516c66dcfae9f6127ea90bbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 22:46:01 GMT
age
8137
etag
"aabae2922556cf743ef50b481ff33f69"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
138
insights.bin
ins.connatix.com/e6806bf7-96b9-4abf-a987-d121c007276b/4/ Frame A7BB 		101 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/e6806bf7-96b9-4abf-a987-d121c007276b/4/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8be0248a81b09e34a7202feb370ea72f0d17c1cfb4fc87ebac34830b95a68239

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 22:31:50 GMT
age
7113
etag
"9b411b28ab0a725a1d2194677f0eb0a7"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
117
insights.bin
ins.connatix.com/c5fae68f-120d-4931-9365-c3e63431c3d1/3/ Frame A7BB 		245 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/c5fae68f-120d-4931-9365-c3e63431c3d1/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa580658e40e1b4dd3bf58da4644916a3405150d40ca0438e3c922af10ab3853

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 21:48:59 GMT
age
7113
etag
"3d4ed46244579d73ffc669b138131869"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
196
insights.bin
ins.connatix.com/d0d52577-7651-4f4f-b405-7f2c2e55d453/3/ Frame A7BB 		209 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/d0d52577-7651-4f4f-b405-7f2c2e55d453/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8d218f9140e46d9a91f10957e675c47906ce225dbb6e1104dba7f37598d8525d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 21:17:56 GMT
age
7113
etag
"db784980f4a959829c16fdec37ac1ac6"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
163
insights.bin
ins.connatix.com/9dcf3a23-2395-48fe-b9e2-7182f224704a/3/ Frame A7BB 		65 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/9dcf3a23-2395-48fe-b9e2-7182f224704a/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4bb4a958acffca92fc44fc11e00d2d8691bb909f24a0e0765043a132322c1e78

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 20:35:42 GMT
age
14405
etag
"bf82639e81bade6110607f106c2b766e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
78
insights.bin
ins.connatix.com/ca08cf35-498e-40ca-83a7-7ddcef811aa2/3/ Frame A7BB 		128 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/ca08cf35-498e-40ca-83a7-7ddcef811aa2/3/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5184ebd3fae7aa4e0e754bc975aa1ff06db65f25581c8aaca0077913636d40e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 19:19:39 GMT
age
14404
etag
"21ba10a5ae0257aae05e6341082123f6"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
128
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame A7BB 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=169822&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.190.5.232 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-190-5-232.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
analytics.js
s.srvsynd.com/2/234175/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=www.westernjournal.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=101514&ti=x1522150385676398632657424547840&de=2&to=3&pv=de5b96be-07f7-4003-9e05-ae211655f715
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e94be7829f08ffaff364aa8974af5db3f6d4c2bd2339454547d9ed15aa7752d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:38 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2817
Expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
748a6624278596f8a29df383fa1b711cc1108820c608661411b01c7e5e239615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28014
x-xss-protection
0
server
sffe
etag
"1272 / 504 of 1000 / last-modified: 1657663633"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Jul 2022 01:05:37 GMT
3_media.bin
vid.connatix.com/pid-1eba740d-7077-438a-9d6f-8a848d60672b/5aafac13-13eb-4a3b-9275-db38f5d77b98/ Frame A7BB 		393 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-1eba740d-7077-438a-9d6f-8a848d60672b/5aafac13-13eb-4a3b-9275-db38f5d77b98/3_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
15689343d6ebb03815784061de1cbbb04c8da4e87808dc62c9b297a11f71bc11

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Sun, 10 Jul 2022 20:23:14 GMT
age
189604
etag
"de1964d5c1c5d51b11d617231417fe33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
338
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A7BB 		373 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127042
x-xss-protection
0
expires
Wed, 13 Jul 2022 01:05:38 GMT
11.png
img.connatix.com/pid-1eba740d-7077-438a-9d6f-8a848d60672b/1eba740d-7077-438a-9d6f-8a848d60672b/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-1eba740d-7077-438a-9d6f-8a848d60672b/1eba740d-7077-438a-9d6f-8a848d60672b/11.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06cec1f5d6ddbd571ebcea93c0d7b118b301b5a90d0dd01cc0fc3ddfcc7c5463

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
age
2489098
etag
"DjjaypRQtq3FFoV9W7rtBdyELLrNsBOHtvpNCL6Idsc"
access-control-max-age
86400
fastly-io-info
ifsz=19885 idim=478x478 ifmt=png ofsz=8402 odim=478x478 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
7935
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54260989-7&cid=1760488950.1657674337&jid=659070371&gjid=673034892&_gid=320785424.1657674337&_u=aCDAiUAjBAAAAE~&z=1318707843
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 13 Jul 2022 01:05:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1171272951&t=pageview&_s=1&dl=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&ul=en-us&de=UTF-8&dt=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiUAjB~&jid=659070371&gjid=673034892&cid=1760488950.1657674337&tid=UA-54260989-7&_gid=320785424.1657674337&gtm=2wg7b0K3K9VP&cd1=http%3A%2F%2Fwww.westernjournal.com&cd2=child%20abuse&cd3=700&cd4=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&cd5=igcolonel&cd6=Commentary&cd7=2022-07-10&cd10=lpurdy&cd11=lpurdy&cd12=Maire%20Clayton&cd14=child%20abuse%2C%20children%2C%20crime%2C%20Democrats%2C%20entertainment%2C%20Hollywood%2C%20Joe%20Biden%2C%20liberal%20media%2C%20media%20bias%2C%20US%20news&cd15=Commentary&cd16=web&cd17=lpurdy&cd23=20&cd24=96&cd25=125&cd29=0&cd33=2022-07-13T01%3A05%3A36.883%2B00%3A00&cd34=1657674336883.wmqx30b&cd37=false&cd38=&cd39=&cd40=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&cd41=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&cd42=3086439&cd43=standard&cd44=96&cd45=96&cd46=true&cd47=above_article&z=283597445
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Jul 2022 08:40:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59083
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
969 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-32.fra56.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 16:13:37 GMT
via
1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront), 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
age
31921
x-amzn-requestid
d184a2b3-a5f7-43a1-a1ad-46b681a0cfc1
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P6, FRA56-P5
x-amz-apigw-id
VKWTyE8KCYcFwmg=
content-length
555
x-amz-cf-id
sY_sxBO3QxKJquankt7zJ-cLI6yC3XfotlYbzArkY4wmwIV02W9HCw==
beacon.min.js
signal-beacon.s-onetag.com/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-29.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
uiJ1YCXqTfg4YsRV.iQoQhQ_4iTW1U6K
content-encoding
gzip
etag
W/"af8244025b2d978df209bf028c458664"
last-modified
Mon, 04 Apr 2022 13:02:16 GMT
server
AmazonS3
age
79390
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Tue, 12 Jul 2022 03:02:29 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
YEeyhB8Sy8nLhz5aWO-wVqFLfZtZiTVkgoawuU1AR50WM7xCiI0i1w==
%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F
signal-segments.s-onetag.com/desktop/www.westernjournal.com/ 		2 KB
789 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.westernjournal.com/%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-98.fra60.r.cloudfront.net
Software
/
Resource Hash
18f478accd5142e9d60dbc1c273bae3e3a93f814686370365f65092bc3ad9adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 03:00:26 GMT
via
1.1 fb49d852ca52c03c834ce98098b51516.cloudfront.net (CloudFront), 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
age
79512
x-amzn-requestid
6992f270-22c3-41f0-9887-b6d1ced0a180
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-62cce3ca-0b11ac322a00a7002816c5c3;Sampled=0
x-amz-cf-pop
FRA56-P5, FRA60-P1
content-encoding
gzip
x-amz-apigw-id
VIiHsHrwCYcFRUA=
x-amz-cf-id
uFqOq3VXlf_x9o1czgbsKesQ6MMPlNCnOM-7RAQ9gDssPLxEEttbBw==
www.westernjournal.com
signal-segments.s-onetag.com/desktop/ 		27 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.westernjournal.com
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-98.fra60.r.cloudfront.net
Software
/
Resource Hash
380c652bb1924dedb85e2f4b07f60be59db99afb0b95c518eeeacc0cd1febb1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 02:29:56 GMT
via
1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront), 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
age
81342
x-amzn-requestid
eb1633e8-441f-468a-a13f-c9c010c81ebf
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-62ccdca4-4aa3d84c2c7d5d8a071673c2;Sampled=0
x-amz-cf-pop
FRA56-P5, FRA60-P1
content-encoding
gzip
x-amz-apigw-id
VIdpxE7OCYcFxXg=
x-amz-cf-id
X4pgLkY_OO9yCuofrssL9V--DSbDuk3eP0y8lqv2G1gJlXl3JkQnmw==
api-errors
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Wed, 13 Jul 2022 01:05:38 GMT
x-envoy-upstream-service-time
1
Server
openresty
Connection
keep-alive
vary
Origin
container.html
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C460 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 01:05:37 GMT
expires
Thu, 13 Jul 2023 01:05:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D88E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 01:05:37 GMT
expires
Thu, 13 Jul 2023 01:05:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bd217c51f258c4656f1c64c87a959b4f1624c621607dcf3a826cd4c9ce63ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28012
x-xss-protection
0
server
sffe
etag
"1272 / 720 of 1000 / last-modified: 1657663598"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 13 Jul 2022 01:05:38 GMT
prebid_OaEAJP.js
b2cdn.automatad.com/js/ 		247 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/js/prebid_OaEAJP.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS-879 /
Resource Hash
4dc25d7dc6b095338c91d832df4b6bf593cb5f6c3b6108a01bdd4c7b7d38a52c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
x-openstack-request-id
tx6f0027d0cca44a829f240-0062b70c3f
cdn-edgestorageid
883
access-control-allow-origin
*
x-iplb-instance
28795
cdn-cachedat
07/07/2022 17:49:21
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
tx6f0027d0cca44a829f240-0062b70c3f
server
BunnyCDN-AMS-879
x-timestamp
1654609520.01260
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 07 Jun 2022 13:45:21 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-iplb-request-id
B95D01F1:40B3_8E2CE366:01BB_62B70C3C_BD03F1:D792
vary
Accept-Encoding
x-object-meta-mtime
1654609479.526554553
cdn-cache
REVALIDATED
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=120
cdn-requestid
3ab085b71355413312375b41aab84639
content-type
application/javascript
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
currency.json
b2cdn.automatad.com/json/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b2cdn.automatad.com/json/currency.json
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-46-53.cdn77.com
Software
BunnyCDN-AMS-879 /
Resource Hash
5cd4de52503b70dbb531c14aeffbc6d468338ef589482e9fe07a1de732cb8ad4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
x-openstack-request-id
tx9dd664e1678445b881c9b-0062cd907c
cdn-edgestorageid
879
access-control-allow-origin
*
x-iplb-instance
28795
cdn-cachedat
07/12/2022 16:32:05
cdn-pullzone
87832
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-trans-id
tx9dd664e1678445b881c9b-0062cd907c
server
BunnyCDN-AMS-879
x-timestamp
1657638941.35807
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Tue, 12 Jul 2022 15:15:42 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
x-iplb-request-id
B95D01F6:51F5_8E2CE366:01BB_62CD907B_4A27059:D787
vary
Accept-Encoding
x-object-meta-mtime
1657638902.150722818
cdn-cache
HIT
cdn-uid
02ba462e-865f-4abf-a9cd-22f9021b3a43
cache-control
public, max-age=10800
cdn-requestid
7852616524780391f5c9d80141788950
content-type
application/json
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
trends.revcontent.com/api/delivery/ 		25 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=144909&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&icr_url=&va=0&user_uuid=undefined&time=1657674338356&up=pc&bn=chrome&bv=103&widget_width=817&style_id=0&idhub[pubcid]=261152e7-ead3-4762-a76d-683d775c6fde
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
88006970b70ca355fccdbb35af63f9b69e9c8ba4976306b9a8cd49dbab5ff73b
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
10189
tweet.ea7c441f36b5ff15fa0e6441a8faa51d.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.ea7c441f36b5ff15fa0e6441a8faa51d.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
c41c6c2da219495e1772875070415d2aa9119c1b9da7ea460fb55df61205c105

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:38 GMT
Content-Encoding
gzip
Age
6514
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length
2619
x-tw-cdn
VZ
Last-Modified
Mon, 11 Jul 2022 22:43:26 GMT
Server
ECS (frb/675D)
Etag
"2973f9ca889a6298c717e07ee28fd5ae+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
api-errors
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/api-errors
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 13 Jul 2022 01:05:38 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.westernjournal.com
access-control-max-age
3600
content-length
0
date
Wed, 13 Jul 2022 01:05:38 GMT
vary
Origin
event
event.insticator.com/v1/ 		0
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.11.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-11-137.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:38 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.westernjournal.com
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		117 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2547146673214161&correlator=845942015933872&eid=31068431%2C31068435&output=ldjh&gdfp_req=1&vrg=2022070701&ptt=17&impl=fifs&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=4&adks=3366142293&sfv=1-0-38&ecs=20220713&fsapi=false&prev_scp=h%3D1%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De91c5d946173b42429a142158dee2b40%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dchild%2520abuse%252Cchildren%252Ccrime%252CDemocrats%252Centertainment%252CHollywood%252CJoe%2520Biden%252Cliberal%2520media%252Cmedia%2520bias%252CUS%2520news%26Category%3DCommentary%26URL%3D%252Fbiden-ally-sexually-assaulted-boy-publi%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie=ID%3D226ac669178cfe77-22b09da9cccd00ef%3AT%3D1657674337%3AS%3DALNI_MaYuMZUg3kySjPsP5cN7WsgCMHEqg&abxe=1&dt=1657674338391&lmt=1657587039&dlt=1657674336436&idt=961&adxs=302&adys=6777&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&frm=20&vis=1&psz=807x290&msz=336x-1&fws=0&ohw=0&ga_vid=1760488950.1657674337&ga_sid=1657674338&ga_hid=1171272951&ga_fc=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ac09fec7382b90f90c2d0797458ab03444ea45de7863a4ed5cae7baf9bde3d04
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11466345431695369710/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11466345431695369710/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnd4pDW9PgCFZiT_QcdrH4MKQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/11466345431695369710/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11466345431695369710/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11466345431695369710/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKnd4pDW9PgCFZiT_QcdrH4MKQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/11466345431695369710/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44375
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 13 Jul 2022 01:05:38 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2547146673214161&correlator=481678941334263&eid=31068431%2C31068435&output=ldjh&gdfp_req=1&vrg=2022070701&ptt=17&impl=fifs&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=239767260&sfv=1-0-38&ecs=20220713&fsapi=false&prev_scp=h%3D1%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De91c5d946173b42429a142158dee2b40%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dchild%2520abuse%252Cchildren%252Ccrime%252CDemocrats%252Centertainment%252CHollywood%252CJoe%2520Biden%252Cliberal%2520media%252Cmedia%2520bias%252CUS%2520news%26Category%3DCommentary%26URL%3D%252Fbiden-ally-sexually-assaulted-boy-publi%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie=ID%3D226ac669178cfe77-22b09da9cccd00ef%3AT%3D1657674337%3AS%3DALNI_MaYuMZUg3kySjPsP5cN7WsgCMHEqg&abxe=1&dt=1657674338394&lmt=1657587039&dlt=1657674336436&idt=961&adxs=648&adys=6777&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&frm=20&vis=1&psz=807x290&msz=336x-1&fws=0&ohw=0&ga_vid=1760488950.1657674337&ga_sid=1657674338&ga_hid=1171272951&ga_fc=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d7a281a7e30b66676e962eda66c1041a9fdc194929897e4679f9bea8c0d156a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11345
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2547146673214161&correlator=1037319464301693&eid=31068431%2C31068435&output=ldjh&gdfp_req=1&vrg=2022070701&ptt=17&impl=fifs&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=1787726081&sfv=1-0-38&ecs=20220713&fsapi=false&prev_scp=h%3D1%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De91c5d946173b42429a142158dee2b40%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dchild%2520abuse%252Cchildren%252Ccrime%252CDemocrats%252Centertainment%252CHollywood%252CJoe%2520Biden%252Cliberal%2520media%252Cmedia%2520bias%252CUS%2520news%26Category%3DCommentary%26URL%3D%252Fbiden-ally-sexually-assaulted-boy-publi%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie=ID%3D226ac669178cfe77-22b09da9cccd00ef%3AT%3D1657674337%3AS%3DALNI_MaYuMZUg3kySjPsP5cN7WsgCMHEqg&abxe=1&dt=1657674338397&lmt=1657587039&dlt=1657674336436&idt=961&adxs=302&adys=7067&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&frm=20&vis=1&psz=807x290&msz=336x-1&fws=0&ohw=0&ga_vid=1760488950.1657674337&ga_sid=1657674338&ga_hid=1171272951&ga_fc=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
f7edeba038e64fde7d388c1bac3946ea7157f6970a54ac828ad16ac874fe0261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11658
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		459 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2547146673214161&correlator=4026798005175633&eid=31068431%2C31068435&output=ldjh&gdfp_req=1&vrg=2022070701&ptt=17&impl=fifs&iu_parts=2507246%3A22550773714%2Cwesternjournal.com_Web_300x250_cmt_4&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&adks=130721338&sfv=1-0-38&ecs=20220713&fsapi=false&prev_scp=h%3D1%26shb%3D1%26tg%3D0%26p%3DBTF%26at%3D1%26hostname%3Dwww.westernjournal.com%26consent%3D0%26Exclude_Adx%3DN%26ib%3Dnofill%26iba%3D0%26iaid%3Dnofill%26it%3Dil&eri=1&cust_params=ADRIZER_DEST%3De91c5d946173b42429a142158dee2b40%26ADRIZER_SOURCE%3D1ac519e4bf2a330822effdfe363760a5%26ADRIZER_SOURCES%3D554838a8451ac36cb977e719e9d6623c%26ADRIZER_DESTS%3D4d1561a0b9559270591a9cb29799197c%26Site%3Dhttp%253A%252F%252Fwww.westernjournal.com%26Tag%3Dchild%2520abuse%252Cchildren%252Ccrime%252CDemocrats%252Centertainment%252CHollywood%252CJoe%2520Biden%252Cliberal%2520media%252Cmedia%2520bias%252CUS%2520news%26Category%3DCommentary%26URL%3D%252Fbiden-ally-sexually-assaulted-boy-publi%26GoogleCompliant%3Dtrue%26ip%3D0%26he%3D0&sc=1&cookie=ID%3D226ac669178cfe77-22b09da9cccd00ef%3AT%3D1657674337%3AS%3DALNI_MaYuMZUg3kySjPsP5cN7WsgCMHEqg&abxe=1&dt=1657674338399&lmt=1657587039&dlt=1657674336436&idt=961&adxs=648&adys=7067&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&frm=20&vis=1&psz=807x290&msz=336x-1&fws=0&ohw=0&ga_vid=1760488950.1657674337&ga_sid=1657674338&ga_hid=1171272951&ga_fc=true
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9b554f797d5c535779e1c5362833845dfcf3d99cb039fe571dcadc2c333ef5e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
imp.php
trends.revcontent.com/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/imp.php
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept
*/*
Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:38 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
0
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
v2qtnh3ZeSx4p8ZIHTk75nqsoxD4SHSDGN4LawQCfJs8PNS-m7y_PK60
breadbalance.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://breadbalance.com/v2qtnh3ZeSx4p8ZIHTk75nqsoxD4SHSDGN4LawQCfJs8PNS-m7y_PK60
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.83 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
83.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
75a0ee94691045f4819b31a5ace580b1e0239fbaf001d568394e39182245be09
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"30860e184359c5d86e78d1b0ac6714e5265d17058d21213595d0ea32c27d93d5"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 13 Jul 2022 01:05:38 GMT
x-buildnumber
586086155
timing-allow-origin
*
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1897937520432117&ev=PageView&dl=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&rl=&if=false&ts=1657674338451&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1657674338450.1076158396&it=1657674337282&coo=false&exp=u0&rqm=GET
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 13 Jul 2022 01:05:38 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1897937520432117&ev=ViewContent&dl=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&rl=&if=false&ts=1657674338453&cd[content_name]=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&cd[content_tag]=%5B%22child%20abuse%2C%20children%2C%20crime%2C%20Democrats%2C%20entertainment%2C%20Hollywood%2C%20Joe%20Biden%2C%20liberal%20media%2C%20media%20bias%2C%20US%20news%22%5D&cd[content_category]=%5B%22Commentary%22%5D&cd[articleReactions]=%5B%22undefined%22%5D&cd[articleVirtues]=%5B%22undefined%22%5D&cd[siteName]=http%3A%2F%2Fwww.westernjournal.com&cd[wordCount]=700&cd[articleTitle]=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&cd[articleSocialTitle]=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&cd[articleSEOTitle]=Biden%20Ally%20Who%20Sexually%20Assaulted%20Boy%20in%20Public%20Bathroom%20Sentenced%20to%2012%20Years%20in%20Federal%20Prison&cd[articleChooser]=lpurdy&cd[articleTitler]=lpurdy&cd[articleTitleLength]=96&cd[articleSocialTitleLength]=96&cd[articleSEOTitleLength]=96&cd[articleAuthor]=igcolonel&cd[articleEditor]=Maire%20Clayton&cd[articleShareTextAuthor]=lpurdy&cd[articleShareTextLength]=125&cd[articlePublishDate]=2022-07-10&cd[paragraphCount]=20&cd[articleID]=3086439&cd[articleFormat]=standard&cd[platform]=web&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1657674338450.1076158396&it=1657674337282&coo=false&exp=u0&rqm=GET
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 13 Jul 2022 01:05:38 GMT
log
l3.aaxads.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&dgw=desktop&flg=AAXBDSLO9&fw=FRANKFURT&ff=DE&xjg=4&dss=0&skw=1200&slg=8PR6YK195&gq=westernjournal.com&vhuyqdph=ssp-serving-54bc6c6bdb-9p6hw&vyu=071110_391_071110_363_ssp&vf=HE&yhuvlrq=4&yk=1200&yz=1600&yvlg=&ylg=00001657674337808029970147843908&vvsDeExfnhw=CONTROL&oz=0&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=0&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control&deg=2&fdeg=0&gdeg=2&ghqg=745&fhqg=27&hqg=91&gvwduw=29&fvwduw=27&vwduw=28&uhtxuo=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&nzui=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.92.105.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-105-214.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:38 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Wed, 13 Jul 2022 01:05:38 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 71B4 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/132602e8/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Jul 2022 01:05:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54260989-7&cid=1760488950.1657674337&jid=659070371&_u=aCDAiUAjBAAAAE~&z=1527000698
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54260989-7&cid=1760488950.1657674337&jid=659070371&_u=aCDAiUAjBAAAAE~&z=1527000698
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sizzle.min.js
cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/sizzle/2.3.3/sizzle.min.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8024728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6679
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:16:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd4-4dc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v73JqY1%2BK21vuXPGLM2qX2lHfTtcRxkXZuDgF%2BYLkuoCz4ZPEjeNmfcOgmMbfduY8eqlBwXRoPltdpcV%2FiH7w8%2FKe52WqLR5ut%2FMOezFgpRnVRVIpcYpbi8sp3BowpF0heBumqYUfSBWtYZCcHXi458n"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
729e1c87f9f968f8-FRA
expires
Mon, 03 Jul 2023 01:05:38 GMT
generate_204
www.youtube.com/ Frame 71B4 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?z5CTfg
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/7nses9-w5BU?feature=oembed
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame C460 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 23:45:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 01:05:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 01:05:38 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame C460 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:26:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2373
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:26:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C460 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkUwFYRrOYo7FK4yE9u8P74C9oAqq_46Ga4e7mreUEOSCu_uaAhABILLvpiJglcr5gZQHoAG_2pjZA8gBCakCnseJFuTTsD7gAgCoAwHIA8sEqgT8Ak_QbaCCcy_LwN1c6oi7ZGyfaMogyXowQVgjU5TDHEFK9lPyPbk6utiRORfrywZ8jr5pEns0-ksXZjcrJ9FExoOn8rWvUiAPqqyVBIg-HJnQ2ej5h-qxjqPVeKcWobKXQDoSqUwM7wXP7zigz3qPcGNugfFENPcp9Yr9vQpfdKs6v5j0R_2VFNvE1AIw3Lylm5f0eg8-QyjPLz9SCHzr6Oa7vX4Df1_Mf7v3i2NL2JEwfqwyjABT3n7q7QMZl-5b7Qvp_cRrKMaLzggEkn-_Oqm7SYGTlv-fLkg9ccuvtylfREfjYygGrleoRlEC7gDVHBcAcumx0ELEy4mw44AiomLmgxt1-l29T_uHqTLwsfiYWZI9IFmpchOHenaFyYk2to2r_0DguO5WjLVk3SQ4HB3lKxGYHQDzUk7bA1O6IDQE53Qj1V_I19G1lyyNAmb2GIO8UerORG2BnU3RgdZSQteA6YpWKIBJCZ_c_kyPl3NxYbyQUV7BNRyUr-MVwATl_aqx_APgBAGSBQQIBBgBkgUECAUYBKAGLoAH_f_6FKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKGrC9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAbgTiCfYEw2IFAPQFQGAFwGyFx4KHAgAEhRwdWItMzQ3NzUzOTEyNzA4MDMwMxj64x8&sigh=bOPQo2UO2gY&uach_m=[UACH]&template_id=5000
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame C460 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:47:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame C460 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
416
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:58:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C460 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Jul 2022 01:05:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame C460 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:17:53 GMT
l
www.google.com/ads/measurement/ Frame C460 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgyElxzdLg-wseZ0Qrar-hLL-EHw61GvBSthHAQEN5wUUKREMzW2ZRk6Mqb01VO8wFpB1J5gW9xSqtEx_nYjP6GsLoRQ
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
9fbfea14cd545ec81bc54d3c558bfb70.js
www.gstatic.com/mysidia/ Frame C460 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 00:40:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
87901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13103
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:20:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 10 Oct 2022 00:40:37 GMT
container.html
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D98F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 01:05:37 GMT
expires
Thu, 13 Jul 2023 01:05:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/14545948740298773044/ Frame C460 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14545948740298773044/downsize_200k_v1?w=600&h=314
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
961325bc8a289111e01023a62a34a0113243590cc37e1edab69fed4f8ae17b45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 13:39:41 GMT
x-content-type-options
nosniff
age
386757
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24520
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 13:01:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 08 Jul 2023 13:39:41 GMT
truncated
/ Frame C460 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C460 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d29a0edd5f55c965f72331218d94428fa5fcaec361f94850cd9869b35af8228

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/svg+xml
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/169822/ Frame A7BB 		162 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/169822/hls.5b3b785f487abbe00eee.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
br
last-modified
Tue, 12 Jul 2022 13:26:40 GMT
age
41638
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
adview
securepubads.g.doubleclick.net/pagead/ Frame D88E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CgF22YRrOYo_FK4yE9u8P74C9oAqVvKWUa8SbqM_KD4-v_drPMRABILLvpiJglcr5gZQHoAHNhZPzAsgBAuACAKgDAcgDyQSqBP0CT9C_u9OFVLZE1TzuH9ythpnxTcu8PVLaKp6MTPXW1EZzGKKrs8p9qVx_uJ1Tux0EDH3gwPkLjDTJ48rHWs2YCmcyOZLZ2sVV7qMMgf-MQp1ZFKP2-PrP2JtfPu-jTE_6-rr7qr4D4k98_pPPlc9dpvvxvN_KweUxuO1ManL3eUnzGsQOv_TV_m5Ic2DFO1-lBsFvIwL3qDUibGNnbIZ6lFpqeDrlwpfa0-tn7ERyGicqAUeo1LtxquzhYZZWj6DfzdNb9KkRvqrDb2VYDzmCrdcjMYwYYrl1PJuM06OjxPxHMAfOXtnaJZC4IL5KLs8ECCMJph-CdBxcxv49zZvxlGIi8WcYclWgl_5D-BfAQX6MjdhaVZzsgWJBy6yfMUt5Ejks0v01lrrhQY1Qi-Zixnml3NyeNVTICDq6aeGehWM32uyX8HPKxV7hmwNxjjG9lYnJbdyiR2fmG6e1f_UobWe_g5qlLDQEvQvfVj4rGCXUT55lDZo7U8rkDbgkwATzy8TFjgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHxaKsmQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD5oA_SCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItMzQ3NzUzOTEyNzA4MDMwMxj64x8&sigh=Kku1KUiUlJE&uach_m=[UACH]
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame D88E 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:47:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1105
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:47:13 GMT
10375682624819973659
tpc.googlesyndication.com/simgad/ Frame D88E 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10375682624819973659?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkTfD53wHbi-GhaJdJGN2_kZkSMpg
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1f0d7b95b7c3a483a32f005012663dc8a69162fc37f0fef3b0a5a4b643c14e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 17:59:32 GMT
x-content-type-options
nosniff
age
371166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116433
x-xss-protection
0
last-modified
Thu, 19 May 2022 10:11:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 08 Jul 2023 17:59:32 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame D88E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:03:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 01:03:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D88E 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43266
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1657539323716025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 13 Jul 2022 01:05:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame D88E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 00:17:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 27 Jul 2022 00:17:53 GMT
l
www.google.com/ads/measurement/ Frame D88E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSXYcfMvIB--Ii-LIHJgYznoQKNEtuogzN-zfViWtXNlnBNIHaqgNyRpWJ1ihlDsSnLmLLP-EqcEXeslwsLyFQFTyt8Lw
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame D88E 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: 4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 09:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56601
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12985
x-xss-protection
0
server
cafe
etag
7466239315051897255
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 26 Jul 2022 09:22:17 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.242.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-242-12.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:38 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
articleCirculation.delivery.js
assets.revcontent.com/master/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/articleCirculation.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92e9c463b95089dc457cfe1701a39536e8f1e98ecdd58f3e2476472de956dc77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 16:22:44 GMT
server
AmazonS3
x-amz-request-id
SH7T6AVB3GVZQX7W
etag
"995a5a6b43ca1b7791db45854d0e02b2"
x-hw
1657674338.cds160.fr8.hn,1657674338.cds291.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
7085
x-amz-id-2
dV//+aqOo3UIYOHGtUZnDLBXNE31Bb156a6TdH9VUOE5GGkn3VFFuEIY9JgoYA5iX4aLyecIsvU=
brandWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/brandWidget~feedWidget.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a65d5133b75e37e484c90c52b2697289cb96570b91174243560c2fb5ead2b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 16:22:43 GMT
server
AmazonS3
x-amz-request-id
WD77KA30GYRD50RB
etag
"80629c7e2af8994df2ebec85b5e894bf"
x-hw
1657674338.cds160.fr8.hn,1657674338.cds208.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
17000
x-amz-id-2
GmBRx4v5RL6UdJmU35oPMKYepcgw5Of8+sZg8zay7WrHmspH19lNpZQj+BEAl1Jt1Scyi4P/Rjo=
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2edd686552f00d8b45575259cb3095f4d6d262c9c8162a7f1a4ca7a9a3fece2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 16:22:43 GMT
server
AmazonS3
x-amz-request-id
WD71GJD9S85D1WHW
etag
"d180dd26b5059952491edbd9db6ef484"
x-hw
1657674338.cds160.fr8.hn,1657674338.cds154.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6477
x-amz-id-2
cVZMIUef8EpxhlsXAtPVW35zOQ1ZsiEOh1szZe7iGxdPXa4iIStixll6w51nEkCfQYK3xcTViX0=
feedWidget.delivery.js
assets.revcontent.com/master/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/feedWidget.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34d1f8f0ac039e8471438b510f70c864cb4c5cfa74c83a0209175efc80590a30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 16:22:40 GMT
server
AmazonS3
x-amz-request-id
WD75STMBXNTQ763X
etag
"745a47600bb1cdb3b3c2efb819d890f9"
x-hw
1657674338.cds160.fr8.hn,1657674338.cds266.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
8995
x-amz-id-2
OLdbVRDXpWOzJUMnTpLN0lA2rMsbbuehLXotdrar2SYmqmm0xQlAFYv60uuo6EkaEK5FkxbPDKI=
commonModal.delivery.js
assets.revcontent.com/master/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d1ecf5ae0e3b93cc6c6e093288d6b13cdc347c581f0bdabf8aef428909526c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:38 GMT
content-encoding
gzip
last-modified
Tue, 12 Jul 2022 16:22:42 GMT
server
AmazonS3
x-amz-request-id
WD70SB2YZJANPKE1
etag
"c1d1db404617f6768e3d1dd436ac670f"
x-hw
1657674338.cds160.fr8.hn,1657674338.cds002.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
1651
x-amz-id-2
Ld4Qk6KV5D+NqCUPTKt5dtnQhjoyYMrTeMOOdNSwOhHsGeM3jlqOTxi9d6WhR+1HmfFNPrWkJAI=
A-60B151DA8288234CC8284E80-1.js
s3.amazonaws.com/js.revcontent.com/p0/js/ 		696 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/js.revcontent.com/p0/js/A-60B151DA8288234CC8284E80-1.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.64.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
62b994e83624d746da4862895d63dd1fda14d7e851270b153f5335a9b74e17ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:39 GMT
Last-Modified
Mon, 23 May 2022 16:07:23 GMT
Server
AmazonS3
x-amz-request-id
QB3HP4WCEKQ7827G
ETag
"0169736fdeced47eca992b1e9814de21"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
696
x-amz-id-2
cY8srJPPIF/zUlzhe1dBfxiaYNnHCAnRB1biM9qh/QXexyuNmaR0NkCfPWt2nmhHcJwFjyDRX+E=
postback
s.srvsynd.com/2/2.64.1/234175/AWJVInMFEPJc9pMg/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.64.1/234175/AWJVInMFEPJc9pMg/postback?oz_pl=1&dt=2341751597675869250012&di=www.westernjournal.com&ui=00000000-0000-0000-0000-000000000000&ti=x1522150385676398632657424547840&to=3&md=2&ap=undefined&sr=connatix.com&pp=101514&de=2&pv=de5b96be-07f7-4003-9e05-ae211655f715&ci=234175&_x=1
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 13 Jul 2022 01:05:39 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvsynd.com/2/2.64.1/ 		161 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.64.1/main.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.243.93.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-93-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
88127622cde65813dbd02f354ac8f215b672b1be61bc99a73bee671595febd9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:38 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
51329
Expires
Fri, 20 Mar 2054 23:58:02 GMT
container.html
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D85F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 01:05:37 GMT
expires
Thu, 13 Jul 2023 01:05:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2549 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 13 Jul 2022 01:05:37 GMT
expires
Thu, 13 Jul 2023 01:05:37 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Tweet.html
platform.twitter.com/embed/ Frame 1AF8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=WestJournalism&dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfcmVmc3JjX3Nlc3Npb24iOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvZmYiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3VzZXJfZm9sbG93X2ludGVudF8xNDQwNiI6eyJidWNrZXQiOiJmb2xsb3ciLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3R3ZWV0X2VkaXRfZnJvbnRlbmQiOnsiYnVja2V0Ijoib2ZmIiwidmVyc2lvbiI6bnVsbH19&frame=false&hideCard=false&hideThread=false&id=1277659344868225031&lang=en&origin=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&sessionId=16127b746a1d92260c65e37bd12fbe4d26c17496&siteScreenName=WestJournalism&theme=light&widgetsVersion=3235bd17138fa%3A1657578976990&width=550px
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
515
Cache-Control
public, max-age=1800
Content-Length
487
Content-Type
text/html; charset=utf-8
Date
Wed, 13 Jul 2022 01:05:39 GMT
Etag
"8fe3a6f46cc6084dc4b49dce310b2e59"
Last-Modified
Tue, 12 Jul 2022 23:06:36 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
bridge3.521.0_en.html
imasdk.googleapis.com/js/core/ Frame 9A97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
118501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209264
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 16:10:38 GMT
expires
Tue, 11 Jul 2023 16:10:38 GMT
last-modified
Mon, 04 Jul 2022 16:05:25 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame A7BB 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Jul 2022 01:05:39 GMT
bridge3.521.0_en.html
imasdk.googleapis.com/js/core/ Frame 8E96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
118501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209264
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 11 Jul 2022 16:10:38 GMT
expires
Tue, 11 Jul 2023 16:10:38 GMT
last-modified
Mon, 04 Jul 2022 16:05:25 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.521.0_en.html
imasdk.googleapis.com/js/core/ Frame EBB8 		0
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 71B4 		0
0
cast_sender.js
www.gstatic.com/eureka/clank/103/ Frame 71B4 		0
0
skeleton.js
static.adsafeprotected.com/ 		17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age
12740856
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
-2ZXeLpDiVSpqy5zNdEWk3ghXrB9M5eYt__b1C9B_Bupu90dImrd3g==
/
www.facebook.com/tr/ Frame DF3D 		0
0
938.json
id5-sync.com/g/v2/ 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/938.json
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
1e1e0eab8fe8d6228fbcee873963e68958f29f076e59a81bd0401f1835cd44d3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:39 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		63 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.133.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-133-87.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a9b25cb7321b1efed1232b8af3b55620b443f6a3768323e63053f21928fcfdcb

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:39 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache
x-server
10.45.4.248
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0a0a75c635b8ba1fcc0095f0b6a9df2b3415cc1d434242f727af8b4bfb3437b7

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 12 Aug 2022 01:05:39 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D98F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLuwdYhrOYuamG8my9u8P1fySuAjJntKxXNWdkfdwwI23ARABIABglcr5gZQHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAdW20uoDyAEJqQKex4kW5NOwPuACAKgDAaoEhANP0BLtJKtb6_Y4gAcw3OwaKPeUgUY5JIUFHY8S92oyKiEl6UI9NJ7B2J_jiRJa9Oz0fMuQ3tSIzHStBg2I9aAH0wyAWsQYgBwNijEVKIaI7FQMiT76LS95E4BkexsSsbYUMN7WCESUFlQkNjrucIE59GRI65DJKouKE4x-UQM4dNeja7xWCgWLDl8s2TgE_yUaomrEspi9tuHG3jx4wyLccEilyoEKMCK5nTy7yVcLSZ0sMTyWW5hPQrkxIMSOwT8nO9uUa9HW_xPMm5aIG-tqLl2_x7Cc6cFAISrvyTh_b0yB7GUX51u5hihhHkPcwG0CIsl9zv0Uyb74cYxW0X4CTakO8ukxJosddP64hfpWLoXf5qAcd4TDZsbB0XaYXH36jhJbMH4usBI3r5v_kQNOPkjsTicrs6B9xjeFbALIZ_MSOpu2HBKtMho1X-RgMqwQ-G5MlYi6quMM1Sr5Iy8sbQKlnZ_UclW34x6-ao2bhAGLHoXvVCsjZUvTT0-OOlEatyop4AQBgAafqav584bY1lOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI2OTc2Nzk1MTg1MTU4ODYY1MQM&sigh=3z6T6HPm-ag&uach_m=[UACH]&cid=CAQSOwCNIrLMvIoXzdhwe4znWZt0efbmZEOX26AGxma5kgTlia6bN4INR7DmEhszYUtqQUS_Ysq4JAkFM2B0GAE
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame D98F 		0
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 6601 		0
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame D98F 		0
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C8BF 		0
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D98F 		0
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame D98F 		0
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D98F 		0
0
pixel
protected-by.clarium.io/ Frame D98F 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A544 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 70B0 		0
0
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame A7BB 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.westernjournal.com%2Fbiden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison%2F&pid=lG2gO4CYA038W&cb=2&ws=1600x1200&v=8.1.0&t=1100&slots=%5B%7B%22id%22%3A%22CT_Vid_2%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!fireflyengagement.com%2C2018001%2C1%2C%2C%2C&pubid=da224ee9-07c8-4a80-87e4-528df4ac939e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:39 GMT
via
1.1 fb5610ec56d3f427bcbcfdd851770614.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
MKNQ379R40ZSBASG3CVN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
bCtQmM8Jo1w9yk1bZTkMnFlhUuoszc9OrCyv_j02tsIGkH91LQtnGw==
1_th.jpg
img.connatix.com/pid-1eba740d-7077-438a-9d6f-8a848d60672b/5aafac13-13eb-4a3b-9275-db38f5d77b98/ 		18 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-1eba740d-7077-438a-9d6f-8a848d60672b/5aafac13-13eb-4a3b-9275-db38f5d77b98/1_th.jpg?crop=817:460,smart&width=817&height=460&format=jpeg&quality=60&fit=crop
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4c671a464105c45f90ebc3acceb21b83397f5b65bf1dd6becb3a57daa0989a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:39 GMT
content-encoding
br
age
189851
etag
"/UwNAA1cN8Bw1qk+PNF4QdWv9Q3/uIS139Oa8bMPrDo"
access-control-max-age
86400
fastly-io-info
ifsz=81697 idim=2560x1440 ifmt=jpeg ofsz=18275 odim=817x460 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
17318
s
googleads.g.doubleclick.net/pagead/drt/ Frame AE9E 		0
0
redir.html
p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 81D1 		0
0
122
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/122
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.153.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-153-52.muc51.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:39 GMT
via
1.1 8685972bf77e5f24fd436c18e051a434.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC51-C1
x-amzn-requestid
75be3041-298e-4a25-93e1-6e42e1c282ab
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ce1a63-5814e7d83f3dcec017efe14c
x-amz-apigw-id
VLkPpFN0DoEFxwg=
content-length
25
x-amz-cf-id
DHeY-cJ125RxeVREBpFtMBmwv5W2g9DxFS_xp3Et2vHpWzZOczkuHw==
activeview
pagead2.googlesyndication.com/pcs/ Frame D88E 		0
0
atr
www.youtube.com/api/stats/ Frame 71B4 		0
0
log_event
www.youtube.com/youtubei/v1/ Frame 71B4 		0
0
prebid6.20.0-4.js
cds.connatix.com/p/plugins/ 		461 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.20.0-4.js
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d6cb3641a88d23be3e45023d313bfd54dd3640a4bfe07b3b88d63e3fba328d19

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 13 Jul 2022 01:05:39 GMT
content-encoding
br
last-modified
Fri, 08 Jul 2022 12:47:31 GMT
age
389797
etag
"aacab17b3b3de88c898ee654d218646f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
123905
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Wed, 13 Jul 2022 01:05:39 GMT
x-envoy-upstream-service-time
0
Server
openresty
Connection
keep-alive
vary
Origin
rc-logo.png
cdn.revcontent.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:39 GMT
last-modified
Wed, 29 Jun 2022 18:42:26 GMT
etag
"1656528146"
x-hw
1657674339.cds206.fr8.hn,1657674339.cds057.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=63729
accept-ranges
bytes
content-length
2091
v2sxlYWhvCeLNGObb7IY8nP8RwdEElgFOKThq9T4wJCW6haAkMhLWEOk
breadbalance.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://breadbalance.com/v2sxlYWhvCeLNGObb7IY8nP8RwdEElgFOKThq9T4wJCW6haAkMhLWEOk
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.83 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
83.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
ee7fa4e20c8cfad5a0ff8fa180aa8cce7f9f5f1cc1752e8f87d680bcbdcb07b9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"fba2ab24c72b63f23af82889b5cec976ef911fe2e1c87af3510df0698d76732e"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Wed, 13 Jul 2022 01:05:39 GMT
x-buildnumber
586086155
timing-allow-origin
*
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.25.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-25-188.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.westernjournal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 13 Jul 2022 01:05:39 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A3D4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158410
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=170122
content-encoding
gzip
content-length
5549
content-type
text/html
date
Wed, 13 Jul 2022 01:05:40 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:21:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
PugMaster
image6.pubmatic.com/AdServer/ Frame A3D4 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=73901398&p=158410&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158410
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.82.242.209 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
content-length
0
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
age
29407866
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
zmwhpAOlAXNNH4nXZarxmLAqax9qSSVvXuiZk6fGwoP5Tiych8lohw==
v2vnqm_3MGwPQc8l6_9-vt2QzLkkiIs4rp2ZPND6H1sdMlxyDiaW_IJ3TOE-2GAOKgouW9dAV
breadbalance.com/ 		209 B
667 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breadbalance.com/v2vnqm_3MGwPQc8l6_9-vt2QzLkkiIs4rp2ZPND6H1sdMlxyDiaW_IJ3TOE-2GAOKgouW9dAV
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.83 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
83.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
b2183e3cf03e64401ae2c79e896fb9f1f8467e3c2ee14747123fabd5e8dbaa5b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-buildnumber
586086155
content-length
209
x-datacenter
gce-europe-west1
date
Wed, 13 Jul 2022 01:05:40 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 13 Jul 2022 01:05:39 GMT
369.json
id5-sync.com/g/v2/ 		213 B
629 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/369.json
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
f23763dbb48ed484ecb5d1a23242ff78af9fecc4c28b014ced9075646efa0133
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.westernjournal.com
date
Wed, 13 Jul 2022 01:05:40 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=mp4hjl8
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.westernjournal.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
expires
Thu, 13 Jul 2023 01:05:41 GMT
envelope
api.rlcdn.com/api/identity/ 		0
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5530 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.189 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-189.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 13 Jul 2022 01:05:41 GMT
ETag
"623de86a-cf34"
Expires
Thu, 14 Jul 2022 01:05:43 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 410F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aBPa4O7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
server
33XP005
x-33x-status
2000208
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 602E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=95054&userIdMacro=PM_UID&gdpr=0&predirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fpubmatic%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3DPM_UID
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=170121
content-encoding
gzip
content-length
5549
content-type
text/html
date
Wed, 13 Jul 2022 01:05:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:21:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
sync.html
cdn.aralego.net/ucfad/cookie/ Frame F9F8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
4752
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
729e1c99dab08fee-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Jul 2022 01:05:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQjBPrGclal6ZxjDFDIpOe0TvNKrO%2Fhlrtq5cuv41i0%2F7ndh36FxTY8vMIGx6WSwfep5WUS43dMxEDU8h8reaPqFxGlHKVYfjFkRkYASFyvrzP4QVZQIpQhE7jSCVdxsaxJpfxgr6QxgNoNETQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
check.html
biddr.brealtime.com/ Frame 0BFA 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
4611
CF-Cache-Status
HIT
CF-RAY
729e1c99d881693f-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 13 Jul 2022 01:05:41 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Wed, 13 Jul 2022 02:05:41 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
pd
u.openx.net/w/1.0/ Frame F79B 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 13 Jul 2022 01:05:41 GMT
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
/
ssc-cms.33across.com/ps/ Frame 7AD3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aISzFq7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
server
33XP004
x-33x-status
2000208
rubicon
ex.ingage.tech/v1/syncPage/ Frame D056 		951 B
617 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/rubicon?userId=0c348f1f-1466-4945-a089-450e93358bb3&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
729e1c99ab4990af-FRA
content-encoding
gzip
content-type
text/html
date
Wed, 13 Jul 2022 01:05:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 329D 		20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_6.15.0
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
c542d54ca710cbb971437bc0b2c8979d90f98ce1fab18854a2acaef225ddfc2e

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
846
cache-control
max-age=900
content-encoding
gzip
content-length
6474
content-md5
KVG+QKveo3+rFAAhSOovjg==
content-type
text/html; charset=utf-8
date
Wed, 13 Jul 2022 01:05:41 GMT
etag
f1845ecc-de6f-4c51-8b13-b501040e6929
expires
Wed, 13 Jul 2022 01:20:41 GMT
last-modified
Fri, 27 May 2022 14:36:20 GMT
opc-request-id
iad-1:cM4yjm3rY_xvFqC7E45sYxDPLlNRhnQm1q4dEohZk4cdFXNQABymqRPjA9H0IGlb
server
ECAcc (frd/E2F8)
storage-tier
Standard
vary
Accept-Encoding
version-id
3ee9dce7-218a-4043-8374-2366a1fe8ea8
x-api-id
native
x-cache
HIT
usync.html
eus.rubiconproject.com/ Frame D42C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 01:05:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usermatch
r.casalemedia.com/ Frame 9FF0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192379&cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D
  • https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9502bc183be99d478a90ef8bfaa8a146cb63b9399ea14358a7cd0e1c0f8c654b

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
729e1c9a4c14bc03-FRA
content-encoding
br
content-type
text/html
date
Wed, 13 Jul 2022 01:05:41 GMT
dropped-udsids
45|39|230|241|51|26|57|152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIKiOSu4UwC6vIOm2MQBaLN4fQvkRtlOyg0V16UtxYvXl%2BNwWuxJTf%2FQLaCa9Rz8aaoNvodnghYs%2FExGMwayGXpvkMKu644phn3set7DZnJHHRTzP3VPjkytScqJcoP9Qduq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
729e1c99e8ec908b-FRA
content-type
text/html; charset=iso-8859-1
date
Wed, 13 Jul 2022 01:05:41 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfgTCvnTzlu%2BRE6%2FTGl1uhSFkWmOGlCpeXQy%2F2NktOvB5mi%2FbadT7FZZr85oL%2FFj2X5qFljLqCwppmnwkw6nIvKjt5Fg0I7fv47ndJ%2BloNgaKO%2Bl4GENSaVXp9p30YO8dTvHFnIYtsZGOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 5E59 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aleOzs7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP003 /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
server
33XP003
x-33x-status
2000208
/
ssc-cms.33across.com/ps/ Frame 3D1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=asRWdk7Kyr7ioGrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
server
33XP001
x-33x-status
2000208
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5E89 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=95054
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.90.104.242 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-104-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=170121
content-encoding
gzip
content-length
5549
content-type
text/html
date
Wed, 13 Jul 2022 01:05:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 15 Jul 2022 00:21:02 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
sync.aralego.com/idSync/ Frame 472A 		35 B
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idSync/?ucf_nid=par-BE7E7ADB8D34EE2BF7BBD2899BB62A77&gdpr=0&redirect=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fucfunnel%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3DUCFUID
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Norfolk, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
35
Content-Type
image/gif
Date
Wed, 13 Jul 2022 01:05:41 GMT
generic
match.adsrvr.org/track/cmf/ Frame D4CF
Redirect Chain
  • https://ex.ingage.tech/v1/syncPage/unruly?userId=0c348f1f-1466-4945-a089-450e93358bb3&to=https%3A%2F%2Fsync.1rx.io%2Fusersync2%2Frmpssp%3Fsub%3Dinsticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator
  • https://sync.1rx.io/usersync2/rmpssp?sub=insticator&zcc=1&cb=1657674341744
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162062275
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162062275
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://www.westernjournal.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Wed, 13 Jul 2022 01:05:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Wed, 13 Jul 2022 01:05:41 GMT
etag
RX9dc11beff440493c881c241ab63f6e47003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162062275
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
9.gif
id5-sync.com/s/441/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:40 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
idsync
sync.aralego.com/ Frame F9F8 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Norfolk, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:41 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame 5530 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:41 GMT
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1557382b-72e2-41e9-b9d8-a020fdb2ddb4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame D056
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=us-east&p=insticator
  • https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Requested by
Host: ex.ingage.tech
URL: https://ex.ingage.tech/v1/syncPage/rubicon?userId=0c348f1f-1466-4945-a089-450e93358bb3&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ex.ingage.tech/v1/syncPage/rubicon?userId=0c348f1f-1466-4945-a089-450e93358bb3&to=https%3A%2F%2Fsecure-assets.rubiconproject.com%2Futils%2Fxapi%2Fmulti-sync.html%3Fendpoint%3Dus-east%26p%3Dinsticator
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 13 Jul 2022 01:05:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 13 Jul 2022 01:05:41 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame D42C 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8de229a29f3d1d84a03d0db201830a9d336475f406367d608b83947beb251507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12415
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9455
Expires
Wed, 13 Jul 2022 04:32:36 GMT
crum
dsum-sec.casalemedia.com/ Frame 9FF0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Ys4aZRFEV2BhvTwOIyOcwgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8sgknjeEA05UrRo9ZrKUs&google_cver=1&gdpr=1
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8sgknjeEA05UrRo9ZrKUs&google_cver=1&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
729e1c9bd83c695b-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tlK9ErdzTpbX5fuL8tKdUgumgH6tzYKUWsrUIB8KTxg2fBJDcekmdv%2FKWiignOT6A%2F6%2BlnBMZ0Xfq8lvRuc5vHBV2sHdkgff0%2Bydrgq4uviGOwgBfKgEiG79CMeoBpEr3ibDh8LMoW5CjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEE8sgknjeEA05UrRo9ZrKUs&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9FF0 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9FF0 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9FF0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB&dcc=t
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
H3WC3FJHPMKNKRTKABMN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
QPTBNKMNVVFEGM58Q3XH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame 9FF0 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.200.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-200-182.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:41 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
sync.taboola.com/sg/indexscod/1/cm/ Frame 9FF0 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Ys4aZRFEV2BhvTwOIyOcwgAA%261144
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12294
crum
dsum-sec.casalemedia.com/ Frame 9FF0
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520808044868
43 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520808044868
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
729e1c9bd83d695b-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enBhPPWM8GDcltT62HSNMRjnhVZoY5iGaAd69wRNB38ygDwB119n9cwdQm1pDYl8RezFO5GvixQUbbIjCoBIpiFMBTm7Vszf7YhSec8iWF9aODlDce10oQphg1MSD3T494RL1z21HIwxUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5144588520808044868
Date
Wed, 13 Jul 2022 01:05:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 9FF0
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5c79cb8-a065-4aa1-a848-2fd8285e0ac2
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5c79cb8-a065-4aa1-a848-2fd8285e0ac2
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
729e1c9d193c695b-FRA
pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0eGaL0gotGjS4leGBC43I0uYPTUx3HmvCnCbdWIt44m19HeXhSyCz9lD%2F8mb0JMIPVgSSW95nvmhJDwQ5FuU5h4cpT%2BThBl6n150q2mUhPryYTp7zQlL4oiOv3OBn1RsE0g3nShygbKAmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:41 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=f5c79cb8-a065-4aa1-a848-2fd8285e0ac2
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
0c348f1f-1466-4945-a089-450e93358bb3
ex.ingage.tech/v1/sync/ix/ Frame 9FF0 		0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ex.ingage.tech/v1/sync/ix/0c348f1f-1466-4945-a089-450e93358bb3?uid=Ys4aZRFEV2BhvTwOIyOcwgAABHgAAAIB
Requested by
Host: r.casalemedia.com
URL: https://r.casalemedia.com/usermatch?cb=https%3A%2F%2Fex.ingage.tech%2Fv1%2Fsync%2Fix%2F0c348f1f-1466-4945-a089-450e93358bb3%3Fuid%3D&s=192379&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://r.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
cache-control
private, max-age=604800
access-control-allow-credentials
true
cf-ray
729e1c9a8ba490af-FRA
usync.js
eus.rubiconproject.com/ Frame D056 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
8de229a29f3d1d84a03d0db201830a9d336475f406367d608b83947beb251507

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Wed, 13 Jul 2022 01:05:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=12415
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9455
Expires
Wed, 13 Jul 2022 04:32:36 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D056 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=insticator&khaos=L5IWI0T5-28-64PH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=us-east&p=insticator
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif
709414.gif
id.rlcdn.com/ Frame D42C 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
tap.php
pixel.rubiconproject.com/ Frame D42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/R24AOzju_WWnm3CP8ZzG48n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8609829194155222922
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8609829194155222922
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Wed, 13 Jul 2022 01:05:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8609829194155222922
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame D42C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECs_Oh7nHTw2kS92Hx-HkJA&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECs_Oh7nHTw2kS92Hx-HkJA&google_cver=1
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECs_Oh7nHTw2kS92Hx-HkJA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame D42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5IWI0T5-28-64PH&sigv=1&esig=2~d95affe5a0bb4662a323b543d1157375c2bd8d5b
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5IWI0T5-28-64PH&sigv=1&esig=2~d95affe5a0bb4662a323b543d1157375c2bd8d5b
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5IWI0T5-28-64PH&sigv=1&esig=2~d95affe5a0bb4662a323b543d1157375c2bd8d5b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame D42C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VJ02xURxS4WqZ6q_Qaw_PQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VJ02xURxS4WqZ6q_Qaw_PQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VJ02xURxS4WqZ6q_Qaw_PQ
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:42 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZJK14FA6APDHTW288K46
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=VJ02xURxS4WqZ6q_Qaw_PQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame D42C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame D42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJV0kwVDUtMjgtNjRQSA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJV0kwVDUtMjgtNjRQSA==
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jul 2022 01:05:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJV0kwVDUtMjgtNjRQSA==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame D42C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5IWI0T5-28-64PH
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5IWI0T5-28-64PH
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 01:05:41 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 3EB92ED06AEF443398537490DF5D196B Ref B: FRAEDGE1109 Ref C: 2022-07-13T01:05:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXjpWJM5KKlxvHhbIsUbg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5IWI0T5-28-64PH
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v2pgovjEEpXefj0j4DnFW0HQN_dJvaWu5Ff3puj6QzZ1W0Qd2wvs_ZKn-n9RmVTTTmEumzWPQ
partplanes.com/ 		191 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://partplanes.com/v2pgovjEEpXefj0j4DnFW0HQN_dJvaWu5Ff3puj6QzZ1W0Qd2wvs_ZKn-n9RmVTTTmEumzWPQ
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
cd7dce285011008c3bceb148c344b820c652aa0d2c6546d644a8c0cb07e32a8c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-buildnumber
586086155
content-length
191
x-datacenter
gce-europe-west1
date
Wed, 13 Jul 2022 01:05:41 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 13 Jul 2022 01:05:40 GMT
v2jvpbqI3QiIsiQbXMMvUpMZvU-GfvJQ-hF2LHsi2FdRoyj6tL8T471_bgzLKTLUU7mZ8VX0_
partplanes.com/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://partplanes.com/v2jvpbqI3QiIsiQbXMMvUpMZvU-GfvJQ-hF2LHsi2FdRoyj6tL8T471_bgzLKTLUU7mZ8VX0_
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3a27e85e057bc540dfe50d8fe1333e6e7ee3e0510c39b1c9f94ba545185447b1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
access-control-allow-credentials
true
access-control-allow-methods
POST, OPTIONS
x-buildnumber
586086155
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
1703
date
Wed, 13 Jul 2022 01:05:42 GMT
async_usersync
ib.adnxs.com/ Frame 5530 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 13 Jul 2022 01:05:42 GMT
X-Proxy-Origin
178.162.209.134; 178.162.209.134; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
99850838-0e94-4d50-937d-fad3f7f474cb
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ModalEngage
partplanes.com/v2qymC0_j71BJVc27r_SS-A2wYUzF9IqhFfcMgAN3YGSCYCHObp5NiBIcb5pMbccNHcIhAMk/ 		108 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partplanes.com/v2qymC0_j71BJVc27r_SS-A2wYUzF9IqhFfcMgAN3YGSCYCHObp5NiBIcb5pMbccNHcIhAMk/ModalEngage
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.135.5 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
5.135.149.34.bc.googleusercontent.com
Software
/
Resource Hash
8f337115384d2ac049691ede2669e7a0c53239aaa3a5e358d6b95128c9096efe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
Origin
https://www.westernjournal.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
etag
"918ffd1795669cecc8fbb9b59fc9ecc9b9e9f4eab907ddd9aa675851c1aedd7d"
x-buildnumber
586086155
x-datacenter
gce-europe-west1
date
Wed, 13 Jul 2022 01:05:42 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language, Origin
access-control-allow-methods
POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
private, must-revalidate, max-age=21600
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
css2
fonts.googleapis.com/ 		2 KB
489 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow+Condensed:wght@500;900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80c272f49af5ad94205c5fbfd4c99b9c3ca821f01c9d7a2c71cd737e6d837dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 00:56:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 01:05:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 01:05:42 GMT
css
fonts.googleapis.com/ 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300
Requested by
Host: d3l320urli0p1u.cloudfront.net.
URL: https://d3l320urli0p1u.cloudfront.net./script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6997099ab540c7bb41efc285603a07adc11e07b5f3b58a540559e414a40a096
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.westernjournal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 23:54:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 01:05:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 01:05:42 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/42a30fdd-c1da-4d85-ab06-c212412bd9ab/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 13 Jul 2022 01:05:49 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 13 Jul 2022 01:05:50 GMT
content-length
0
vary
Origin
v2irxty5ASc9EJsVBsoFPCgDurCFDO6a-A0JDaysw5dXWTD0OTnwcmufmlDfVvYs3I-IdGq3i
breadbalance.com/ 		191 B
275 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://breadbalance.com/v2irxty5ASc9EJsVBsoFPCgDurCFDO6a-A0JDaysw5dXWTD0OTnwcmufmlDfVvYs3I-IdGq3i
Requested by
Host: www.westernjournal.com
URL: https://www.westernjournal.com/biden-ally-sexually-assaulted-boy-public-bathroom-sentenced-12-years-federal-prison/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.83 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
83.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
d5bd7cb0e98941f356c2c57d53904b1278926972f764f3b6d4287ef94056c77a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.westernjournal.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-buildnumber
586086155
content-length
191
x-datacenter
gce-europe-west1
date
Wed, 13 Jul 2022 01:05:54 GMT
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.westernjournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
fen-hoothoot-europe-west1-spot-n4tq
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 13 Jul 2022 01:05:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/core/bridge3.521.0_en.html
Domain
jnn-pa.googleapis.com
URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Domain
www.gstatic.com
URL
https://www.gstatic.com/eureka/clank/103/cast_sender.js
Domain
www.facebook.com
URL
https://www.facebook.com/tr/
Domain
rtb.fr.eu.criteo.com
URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k9KND8c1rAL6AZ2DYgICAAAAjHpUtF8JFGcdWo-BqhT5vhBgGs5igqmEeXHBA_9Xs-4AEgAA&wp=Ys4aYgAG02YH_ZlJAAS-VcIxSBpQCcxGVqlYpg
Domain
ads.eu.criteo.com
URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ys4aYgAG02YH_ZlJAAS-VcIxSBpQCcxGVqlYpg&u=%7CDjoFNrpw8fOzbhJNJTnMLYy%2FMbaofpj%2Fmi9y3jVvznY%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5MCkYQDzO89rvOncPEPJVvW98NsCrMubiPTVw4MZ3TPXOmrRwuuwNyo7bEzcxS114xmyiODf0zWMtzYJiD8d3z5xTTVwa7ouTUA7SOFEXn5Nw1e8AjhFiN6YqQ_xvmHjAYWK7W6BiT1YaxqrWN3Et2e2IQNK9SXOHKEUR_VBN9Xee7kgjj8uMAvp8_xEJkFd7p83BspXZ_Zq_3cDnQo0s23vnUn6gw4USHMhBqI1eKG38R3mjCUB6I5RHGHOCciIZZXeBmXSL8NKs6IyXiraDPgPBXgnS7DwLNIB9YhqLTI8wi-6SbZY1R0v5NsDvAcFBeMBRrtstxQ-wa7g4Zl3Y8NcoqRrY4Optcs8QLPE4zMAzPapn5xNrz0iEg8Bn60aw-dkCxZw9VZ7n2TFAlcudZM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9fQZYhrOYuamG8my9u8P1fySuAjJntKxXNWdkfdwwI23ARABIABglcr5gZQHggEXY2EtcHViLTI2OTc2Nzk1MTg1MTU4ODagAdW20uoDyAEJqQKex4kW5NOwPuACAKgDAaoEhwNP0BLtJKtb6_Y4gAcw3OwaKPeUgUY5JIUFHY8S92oyKiEl6UI9NJ7B2J_jiRJa9Oz0fMuQ3tSIzHStBg2I9aAH0wyAWsQYgBwNijEVKIaI7FQMiT76LS95E4BkexsSsbYUMN7WCESUFlQkNjrucIE59GRI65DJKouKE4x-UQM4dNeja7xWCgWLDl8s2TgE_yUaomrEspi9tuHG3jx4wyLccEilyoEKMCK5nTy7yVcLSZ0sMTyWW5hPQrkxIMSOwT8nO9uUa9HW_xPMm5aIG-tqLl2_x7Cc6cFAISrvyTh_b0yB7GUX51u5hihhHkPcwG0CIsl9zv0Uyb74cYxW0X4CTakO8ukxJosddP64hfpWLoXf5qAcd4TDZsbB0XaYXH36jhJbMH4usBI3r5v_kQNOPkjsTicrs6B9xjeFbALIZ_MSOpu2HBKtMho1X-RgMqwQ-G5MlYi6quMM1Sr5I20uTJAiEgPHzcmjQM6DzHWSkAs9FKv31p_rWO0h8FGiItSwMzmWDq2y4AQBgAafqav584bY1lOgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0smZjO2LyvieyXBHORxRS4jhBFgw%26client%3Dca-pub-2697679518515886%26adurl%3D
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/pixel?tag=wt_R2tFa1FpZjZJTlpLWEFFLVBOUUVTUlNyRE5rLzI4OTYyMTcyNDA6MzAweDI1MA==&v=5&s=v31g7qhe56j&id=eyJkZnAiOnsiYWQiOjQ5NzM3Mzc2LCJjIjpudWxsLCJsIjowLCJvIjoyODk2MjE3MjQwLCJBIjoiLzI1MDcyNDYsMjI1NTA3NzM3MTQvd2VzdGVybmpvdXJuYWwuY29tX1dlYl8zMDB4MjUwX2NtdF8zIiwieSI6MzMwNzIyLCJjbyI6MCwicyI6ImRpdi1pbnN0aWNhdG9yLWFkLWNtdC0zIn19&sb=undefined&cb=7336439&h=www.westernjournal.com&d=eyJ3aCI6IlIydEZhMUZwWmpaSlRscExXRUZGTFZCT1VVVlRVbE55UkU1ckx6STRPVFl5TVRjeU5EQTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyODk2MjE3MjQwLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=169822&cid=9dd181c7-3fdc-4552-b455-a4484892c82c
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Domain
p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com
URL
https://p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMnlLDnR0s29EsTygjVmtFBkoMPoA6TIuNqyG_RQFk2bRv_gMwLjeIJIH3j1ehJa_YJ0NoQwa-ahzhhVsnXoGK2PQa512J8m0TUVAkuCR6eCJfyj4ONzHINaAHdFoIerhzrOocsIz29C5nKQ&sai=AMfl-YTr5QPMHXNJB4tjBqAwE7GbC1ISEVCZZgMfmeJmVsVCGaBDZWz3zPGvzTusFDUJ0YQN1xv24UAGlk4v3wY04Cnqh_ELw07nBjMXwNettNCdYMAvpEcgE2uGxSW6QHQ&sig=Cg0ArKJSzAFZduJVERwhEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=4&adk=109305028&rs=4&la=0&cr=0&vs=3&r=b&rst=1657674338294&rpt=1448&ec=0&met=mue&wmsd=0
Domain
www.youtube.com
URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=soP896MOOYiLp_KW&ver=2&cmt=0&fs=0&rt=0&euri=https%3A%2F%2Fwww.westernjournal.com%2F&lact=2085&cl=460087346&mos=0&volume=100&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220710.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&epm=1&hl=de_DE&cr=DE&len=28&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24027699%2C24080738%2C24135310%2C24135692%2C24169501%2C24170045%2C24198982%2C24221532%2C24226334%2C24237817%2C24238983%2C24240670%2C24245009%2C39321934&feature=oembed&muted=0&docid=7nses9-w5BU
Domain
www.youtube.com
URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Verdicts & Comments Add Verdict or Comment

234 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| NREUM object| newrelic function| __nr_require object| dataLayer function| getParameterByName function| getCookie object| PWT object| Insticator object| google_tag_manager object| google_optimize object| _atrk_opts object| core object| __core-js_shared__ object| googletag object| ADRIZER function| admiral object| advBidxc number| ff_current_page number| FF_REP_COUNT object| FF_EXCLUDE_ADS function| firefly_setTargeting function| firefly_size_list_to_max_wh object| FFADS object| pbjs function| sendInitialAdserverRequest function| sendSingleAdserverRequest function| firefly_pbjs_bids_back_single function| firefly_a9_bids_back_single object| a9_slot_arr string| ad_unit object| Adomik object| apstag object| _comscore string| captchaPublicKey object| a2a_config function| cnx object| InsticatorXmess function| ffp_getCookie function| ffp_setCookie string| voted_cookie_name function| ff_poll_submit undefined| emailField boolean| ff_poll_voted object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet function| firefly_sc function| atrk boolean| _atrk_fired boolean| headerTagInjected number| insticator_tg boolean| abpStatus function| firefly_set_ff_utms object| atsScript function| fireflyStickySbSetScrollEventListener function| fireflyStickySbScrollListener function| fireflyPreventWidgetOverlap function| firefly_global_loaded string| firefly_loading_gif_url string| firefly_ajax_url number| firefly_post_id boolean| firefly_global_loaded_v object| wp object| _qevents function| ff_open_close_list function| ff_list_toggle function| ff_create_subscriber function| firefly_update_subscriber function| ff_check_list_checkbox function| ff_unsubscribe_all_list function| ff_subscribe_all_list function| ff_select_all_list function| ff_open_subscriber_form function| ff_open_preference_page function| validateEmail function| ff_update_subscriber_email_inputs function| checkAlmostVisible function| setCookie function| firefly_ma function| isMobile object| ff_source undefined| deferredPrompt undefined| $ function| jQuery object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| 4dm1r11545242527 object| jeengConfig function| setImmediate function| clearImmediate function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault object| jeeng object| InsticatorApp string| insticatorHeaderCodeVersion object| __webpack_exports__ object| instBid object| ads_list object| embeds_list boolean| isPageviewSent object| federatedObj object| confiant object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| COMSCORE function| udm_ object| ns_p function| onYouTubeIframeAPIReady object| gaGlobal object| regeneratorRuntime object| aax object| __twttrll object| twttr object| __twttr object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget object| ats object| InsticatorCommenting boolean| isCommentingRequested function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins object| gaData function| owpbjsChunk object| owpbjs function| instBidChunk undefined| google_measure_js_timing object| cnx_usr_storage boolean| rioc_required object| rc_head object| rc_body object| rc2css object| rc2js object| rc2js_beacon_62ce1a615ef3b object| rcel object| rcds object| beaconNoScript object| rc_loaded_widgets undefined| rc_chosen_interests number| rc_loader_limit number| rc_loader_runs object| rc_loaded_hashes object| rcsc object| RevContentLoader string| rc_p_uuid number| provider string| do_branding object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| dspCriteoRTUSCallback object| $SO object| player_instance_aa7cbd988f1547d98d85910d3f624084 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| __connect function| _docReady object| atdpbjs boolean| isUserActive boolean| windowActive object| _yetiAXTInstances object| _yetiAXTUnitConfig object| Base64 function| rcjq boolean| scrolled boolean| swiped boolean| resized function| Hammer object| jQuery110208553834371795097 function| Sizzle object| atdpbjsChunk boolean| ozoki_sv object| $$$ number| google_global_correlator function| cnxProxyTask object| admrlWpJsonP function| cnxAddEventListener

76 Cookies

Domain/Path Name / Value
www.westernjournal.com/ Name: ADRIZER_SOURCE
Value: {%22value%22:%22%22%2C%22expires%22:%222022-07-15T01:05:36.700Z%22}
www.westernjournal.com/ Name: ADRIZER_WIDGET
Value: {%22value%22:%22%22%2C%22expires%22:%222022-07-15T01:05:36.700Z%22}
.westernjournal.com/ Name: __asc
Value: e3d6da32181f5170a478d38a9c7
.westernjournal.com/ Name: __auc
Value: e3d6da32181f5170a478d38a9c7
www.westernjournal.com/ Name: ffpvi
Value: 2
.youtube.com/ Name: YSC
Value: cQu5Y72dIEY
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: C2m3piBl4wA
.adnxs.com/ Name: uuid2
Value: 1071535596331878103
.westernjournal.com/ Name: InstiSession
Value: eyJpZCI6ImU0MjVmYWVhLTdjMzktNDY0Ny04MTAzLTQyMmU2YTM5YTVhNSIsInJlZmVycmVyIjoiIiwiY2FtcGFpZ24iOnsic291cmNlIjpudWxsLCJtZWRpdW0iOm51bGwsImNhbXBhaWduIjpudWxsLCJ0ZXJtIjpudWxsLCJjb250ZW50IjpudWxsfX0=
.westernjournal.com/ Name: _ga_DCR5CPLYCJ
Value: GS1.1.1657674337.1.0.1657674337.0
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: d87454f79b8429e5
www.westernjournal.com/ Name: mnet_session_depth
Value: 1%7C1657674337135
www.westernjournal.com/ Name: plsVisitorGeo
Value: DE
www.westernjournal.com/ Name: plsVisitorCity
Value: Nordrhein-Westfalen
.westernjournal.com/ Name: _ga
Value: GA1.2.1760488950.1657674337
.westernjournal.com/ Name: _gid
Value: GA1.2.320785424.1657674337
www.westernjournal.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.westernjournal.com/ Name: _pubcid
Value: 261152e7-ead3-4762-a76d-683d775c6fde
www.westernjournal.com/ Name: ucf_uid
Value: 4414fa6c-daa7-4048-ae6f-98c7a3536eb3
www.westernjournal.com/ Name: hb_insticator_uid
Value: 0c348f1f-1466-4945-a089-450e93358bb3
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: HAPLB5A
Value: s578|Ys4aZ
.adnxs.com/ Name: icu
Value: ChgI27RDEAoYASABKAEw4LS4lgY4AUABSAEKGAi1m3oQChgBIAEoATDhtLiWBjgBQAFIARDhtLiWBhgB
.prebid.a-mo.net/ Name: __amc
Value: 1_1657674337_1657674337
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlMP1YqU13Q1mr6RHVDCFUQcQ6uWw-wO91mMrM_tcWfg5vtXVpEL2zdeD75ohQ4QwHwukLfQGe5DRCFgeL3T5WVmseR9QdHaP9w
.rubiconproject.com/ Name: khaos
Value: L5IWI0T5-28-64PH
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0+hlbAdcHj7y+IXqvPVzt4X6LBWwGzep3j+CQiMALPWR3ohAXRyDOr/6p8cTWaih7J9eV3Icust5vS3/LLK+yPzG6FmltYou0ml/AExmfaEA==
www.westernjournal.com/ Name: visitorGeo
Value: DE
www.westernjournal.com/ Name: visitorCity
Value: Bochum
www.westernjournal.com/ Name: visitorIP
Value: 178.162.209.134
www.westernjournal.com/ Name: _lr_geo_location
Value: DE
.quantserve.com/ Name: mc
Value: 62ce1a61-bd94a-28e53-0b057
.aralego.com/ Name: sspid
Value: 4414fa6c-daa7-4048-ae6f-98c7a3536eb3
www.westernjournal.com/ Name: aasd
Value: 1%7C1657674337809
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.westernjournal.com/ Name: _dc_gtm_UA-54260989-7
Value: 1
.westernjournal.com/ Name: __qca
Value: P0-1884904088-1657674337764
www.westernjournal.com/ Name: cto_bidid
Value: VdpLiV8xMTBXelhRYzRmZ1A5V1F0SnhqWUE3dTNYcmNZMEdUZ3F6QW51Z1NzU1JkUEFIc09YSHdjYXlNcHM5ZVMzUnF3Ym40SXVLSGdoNHRtNEdwTjZHbEEyZyUzRCUzRA
www.westernjournal.com/ Name: cto_bundle
Value: CFO2HF9kUWtLektHNE8zeSUyRlhPY0huMlpKVjBDVGZ4dGpwNDdEZ0RzJTJCV21JSHo3UkZKdnNEVko0RkNhR2FRd3hqWCUyRkhzbUVub3lKMTFjbSUyQkUlMkJJcUF4V2FIc0x1V3dwZTVmU3NqYlBXJTJCZmVtUXVRQlpvZDUlMkZhTjhaamhaMWVSNFMxb2E4
.westernjournal.com/ Name: _fbp
Value: fb.1.1657674338450.1076158396
www.westernjournal.com/ Name: __aaxsc
Value: 2
www.westernjournal.com/ Name: _yeti_currency_new_3
Value: {"dataAsOf":"2022-07-12T00:00:00.000Z","generatedAt":"2022-07-12T15:00:47.111Z","conversions":{"USD":{"USD":1,"JPY":136.73571001792473,"BGN":1.9476199960167297,"CZK":24.479187412865965,"DKK":7.409679346743677,"GBP":0.8446823341963753,"HUF":408.2652857996415,"PLN":4.7988448516231825,"RON":4.920633339972118,"SEK":10.584544911372236,"CHF":0.9841665006970722,"ISK":138.51822346146184,"NOK":10.232423819956184,"HRK":7.485560645289784,"TRY":17.366261700856402,"AUD":1.4837681736705837,"BRL":5.378311093407688,"CAD":1.3039235212109141,"CNY":6.72356104361681,"HKD":7.849830711013742,"IDR":14991.087432782313,"ILS":3.4840669189404503,"INR":79.5623381796455,"KRW":1309.5996813383788,"MXN":20.80093606851225,"MYR":4.4369647480581555,"NZD":1.6326428998207527,"PHP":56.41107349133639,"SGD":1.4067914758016333,"THB":36.23979286994623,"ZAR":17.07916749651464,"EUR":0.9958175662218681},"GBP":{"USD":1.1838770144889947,"JPY":161.87826415005364,"BGN":2.3057425462433536,"CZK":28.980347311460335,"DKK":8.772149063343669,"GBP":1,"HUF":483.33588767197574,"PLN":5.681242115935536,"RON":5.825424707921201,"SEK":12.530799429400044,"CHF":1.165132098605331,"ISK":163.9885408438749,"NOK":12.113931362955801,"HRK":8.86198318852198,"TRY":20.55951805524445,"AUD":1.7565990356389185,"BRL":6.367258880256534,"CAD":1.5436850854131543,"CNY":7.959869375051578,"HKD":9.293234146398971,"IDR":17747.603833865815,"ILS":4.12470674227509,"INR":94.19202338988246,"KRW":1550.4049609186186,"MXN":24.62575009136673,"MYR":5.252820579324004,"NZD":1.9328484019664476,"PHP":66.7837732690426,"SGD":1.6654680923806042,"THB":42.9034577885715,"ZAR":20.21963382573123,"EUR":1.178925527274442}}}
.doubleclick.net/ Name: IDE
Value: AHWqTUlJYG9ndZ_lfDEEe1BqxvmctXyyiud1kyJMkL4bYWSdHsMbEsZK0Tdfg9jCx20
.westernjournal.com/ Name: __gads
Value: ID=226ac669178cfe77:T=1657674337:S=ALNI_MYd6VrFH6EX_x21CIgAZPaNoyO1LQ
www.westernjournal.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-13T01%3A05%3A39%22%7D
.westernjournal.com/ Name: panoramaId_expiry
Value: 1657760739895
www.westernjournal.com/ Name: _lr_sampling_rate
Value: 100
www.westernjournal.com/ Name: _lr_retry_request
Value: true
www.westernjournal.com/ Name: _lr_env_src_ats
Value: false
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.casalemedia.com/ Name: CMID
Value: Ys4aZRFEV2BhvTwOIyOcwgAA
.casalemedia.com/ Name: CMPS
Value: 1219
ex.ingage.tech/ Name: instUid
Value: 0c348f1f-1466-4945-a089-450e93358bb3
.casalemedia.com/ Name: CMPRO
Value: 1144
.casalemedia.com/ Name: CMRUM3
Value: 9862ce1a6505a00&2762ce1a650b40&3962ce1a6505a0&e662ce1a652760&3362ce1a6505a0&2d62ce1a6505a0&f162ce1a6505a0&1a62ce1a6505a0
.casalemedia.com/ Name: CMST
Value: Ys4aZWLOGmUA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmpuZm5ibGJoamkBANVZinMQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1MrAAQhMTCzMLIT5DXfccCwMvR48czwqLNACd4_6RJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTG1sDA1MrAAQhMTCzMLIT5DXfccCwMvR48czwqLNACd4_6RJQAAAA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9dc11bef-f440-493c-881c-241ab63f6e47-003%22%2C%22zdxidn%22%3A%222069.50%22%2C%22nxtrdr%22%3Afalse%7D
.aralego.com/ Name: gdpr
Value: 1
.casalemedia.com/ Name: CMTS
Value: 1153
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&cf232dee-fc17-4c6d-86de-0e7e48697b57"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTc2NzQzNDE7MjswMjFVlXggRDXtpwWV+qpZ7MN9zYuc/Zl6CsTq21OAP5/cKw==
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2698:u=1:x=1:i=1657674341:t=1657760741:v=2:sig=AQFtSaXV1h1Sv8iqdRBFB6WKo3FBUUbY"
.yahoo.com/ Name: A3
Value: d=AQABBGYazmICEEM6tAcTG-R51Py9p5i-L-0FEgEBAQFrz2LXYgAAAAAA_eMAAA&S=AQAAAp_evAMF9yex5lcefNkrCnk
.amazon-adsystem.com/ Name: ad-id
Value: A6ULkSMqh0vitJvE03V-weQ
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.westernjournal.com/ Name: _awl
Value: 2.1657674354.0.5-a68b0b4b78a450e8a9754070c08b47ae-6763652d6575726f70652d7765737431-0

6 Console Messages

Source Level URL
Text
network error URL: https://s3-us-west-2.amazonaws.com/files.getemails.com/account/K97HRE0/source/getemails.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://d3l320urli0p1u.cloudfront.net./script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://d3l320urli0p1u.cloudfront.net./script.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-4.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4b2c44dea38016bd395e116906edfb14.safeframe.googlesyndication.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ads.eu.criteo.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.rlcdn.com
assets.revcontent.com
ats.rlcdn.com
auth.instiengage.com
b2cdn.automatad.com
bh.contextweb.com
biddr.brealtime.com
breadbalance.com
c.aaxads.com
c.amazon-adsystem.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.aralego.net
cdn.revcontent.com
cdnjs.cloudflare.com
cds.connatix.com
certify.alexametrics.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
comment.instiengage.com
confiant-integrations.global.ssl.fastly.net
connect-metrics-collector.s-onetag.com
connect.facebook.net
d31qbv1cthcecs.cloudfront.net
d3l320urli0p1u.cloudfront.net.
d3lcz8vpax4lo2.cloudfront.net
df80k0z3fi8zg.cloudfront.net
dsum-sec.casalemedia.com
eua.instiengage.com
eus.rubiconproject.com
event.insticator.com
ex.ingage.tech
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
geoip.insticator.com
geoip.instiengage.com
get.s-onetag.com
go.automatad.com
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
i.ytimg.com
ib.adnxs.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
img.revcontent.com
ins.connatix.com
insticator-d.openx.net
insticator.technoratimedia.com
jnn-pa.googleapis.com
l3.aaxads.com
match.adsrvr.org
mug.criteo.com
onetag-geo.s-onetag.com
p.rfihub.com
p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partplanes.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
product.instiengage.com
protected-by.clarium.io
px.ads.linkedin.com
r.casalemedia.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rtb.fr.eu.criteo.com
rules.quantcount.com
run.crtx.info
s.amazon-adsystem.com
s.srvsynd.com
s0.2mdn.net
s3-us-west-2.amazonaws.com
s3.amazonaws.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
signal-segments.s-onetag.com
soapps.net
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.doubleclick.net
static.instiengage.com
stats.g.doubleclick.net
sync.1rx.io
sync.aralego.com
sync.extend.tv
sync.taboola.com
syndication.twitter.com
tag.1rx.io
telemetries.jeeng.com
token.rubiconproject.com
tpc.googlesyndication.com
trends.revcontent.com
u.openx.net
users.api.jeeng.com
vid.connatix.com
www.aaxdetect.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.westernjournal.com
www.youtube.com
x.bidswitch.net
yeet.revcontent.com
yt3.ggpht.com
ads.eu.criteo.com
capi-tier-2-us-east-2.connatix.com
googleads.g.doubleclick.net
imasdk.googleapis.com
jnn-pa.googleapis.com
p4-hnjgd3wn5zodw-vjlioygtol53x3jo-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
protected-by.clarium.io
rtb.fr.eu.criteo.com
tpc.googlesyndication.com
www.facebook.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
104.17.120.107
104.18.18.126
104.18.19.126
104.244.42.8
104.89.20.125
104.90.104.242
104.92.105.214
104.92.70.118
104.92.74.8
108.138.17.48
108.138.36.118
108.138.4.10
13.224.189.125
13.227.153.52
13.32.121.72
13.32.121.98
13.32.99.89
132.226.41.106
141.226.228.48
141.95.98.65
142.250.185.130
142.250.185.98
147.75.85.234
151.101.130.137
151.101.194.137
151.101.2.137
151.101.65.194
151.139.128.11
152.199.22.191
178.162.133.150
178.250.2.146
18.190.5.232
18.205.30.173
18.66.112.29
18.66.112.32
185.64.189.112
192.82.242.209
192.96.200.41
193.0.160.129
198.148.27.139
199.115.117.82
2001:4860:4802:34::36
213.19.147.43
213.19.147.44
216.52.2.39
2600:9000:223c:600:6:44e3:f8c0:93a1
2600:9000:223d:ca00:9:78a:e540:93a1
2600:9000:223e:da00:14:248f:8500:93a1
2600:9000:223f:de00:8:48e:53c0:93a1
2600:9000:2251:2a00:10:3422:3f00:21
2600:9000:225e:b200:17:5bae:c7c0:93a1
2600:9000:2304:5400:d:99dd:3480:21
2600:9000:2491:4400:1c:386f:ec80:21
2602:803:c004:200::140
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:49cd
2606:4700:10::6816:b7
2606:4700:10::ac43:264e
2606:4700:10::ac43:b63
2606:4700:20::ac43:47fe
2606:4700::6811:180e
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:800::200a
2a00:1450:4001:801::2008
2a00:1450:4001:802::2001
2a00:1450:4001:803::200e
2a00:1450:4001:806::2016
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9d
2a02:2638::1c
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d018:d29:3601:11a:a397:8c8e:9db5
3.20.242.89
3.69.42.191
34.107.148.139
34.117.228.83
34.120.133.55
34.120.247.19
34.149.135.5
34.149.20.76
34.227.129.115
34.243.93.43
34.247.242.12
34.252.153.54
34.95.69.49
34.98.64.218
35.158.200.182
35.244.174.68
37.252.173.38
52.204.11.137
52.217.64.238
52.218.182.72
52.222.214.123
52.223.40.198
52.46.128.147
52.48.133.87
52.74.46.15
54.144.223.251
54.80.212.134
67.202.105.24
69.173.144.138
69.173.144.165
8.43.72.97
84.17.46.53
88.221.168.189
95.101.200.23
99.81.25.188
99.83.181.31
008a2141beeeaa12dd8fa27edf7f2ba2181ad709bbdebd578d76e9c4e27ecfb6
03ee0d6058a181a521f9a5930debdb8af46421a31c1cb355b338dee06c29cd6d
0444c9ff63443b03ecfd54c4c68d046803ea86ad281f2cc120ea30958950bb91
04d771c31aa24781903095a150ed529e5504cdfb33154e4c36e7af7f1706484f
05007a28c1f595706be49465c711c266f541b14c439649ae50827939ef89e47f
062b0d22ad022b356e28c693483746d526490b53acedf582d3df368744d35d03
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cec1f5d6ddbd571ebcea93c0d7b118b301b5a90d0dd01cc0fc3ddfcc7c5463
0826a567358fabac283ceabe269b52803af8fba17258201e7ac27f984cd84eaf
0a0a75c635b8ba1fcc0095f0b6a9df2b3415cc1d434242f727af8b4bfb3437b7
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d1ecf5ae0e3b93cc6c6e093288d6b13cdc347c581f0bdabf8aef428909526c6
0e55ecef515bcf3f1eed39090d481913aa7e27d104f5fd967a92048c2e7ab7c0
10540766b1bbad52951a6e8bb9622b6ca26f65b6887a6b90dfcb5d50a816ed4f
1076fec1fc07913955e0071439d8bfac2230ede302f5e0c2a87dc5a2ee0094de
107efb180fdc839cd0c0d138c64525679bfe24d23a45dfe2d707a3d9ec03ed16
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
123d31532bc0abb2eaf2e1d15028ed425c920dff4bc1712805cf2fee5c2bbaa2
15689343d6ebb03815784061de1cbbb04c8da4e87808dc62c9b297a11f71bc11
156b29047c1b5c585cc523f92a711d29592b95f0e5fc44da6054b409c79a160e
1751af1ad1882c8f739afee6c9199d5bf85c2bb2f808ba45a167df23ff3318aa
18f478accd5142e9d60dbc1c273bae3e3a93f814686370365f65092bc3ad9adb
1b0507cd61d838109c9a2e4462a6e8ebf02200cf496b89542e4080531bfe272e
1b0e249726f2a27bc59bf1dcdc12552d04788cc18f045fdf93f4aa7843a7ac37
1d9411a3eb3af20c314c2ee4bc617596a0347dc0eb50cfeb3c7a1cfb4e87c162
1e1e0eab8fe8d6228fbcee873963e68958f29f076e59a81bd0401f1835cd44d3
1ff35db3b3b2ba19e2dbeaec4e1e1f94acb08726383f0d80103963dbcfc765db
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
28f85c5b831f10218b2b3c98bf1c93b22e7d811e014a840d95352cf91517f93c
2a30ad4f20cc72ac8c00fa6da3153e6086abda21c4d6fc9486a337db542f0b84
2b174c2de49f6aa7f8b72125c63c163012b9ff34afdbdaea39b4c499e1d16df8
3007badc4c359017dcf5ec36f629816437f3522755803670c551d343c9d14278
31918f5f4ce49eaa63265c0b72b9a22886ed6eb95081772a3fbc1a0151a6e63c
33761bb1ade29cbf8f1594c9f401a864a2c613eed5c34001caae3a1a89b6a335
33fc259e4e68eb54430457513e7f6edceeab13f97bd1116375fd829d2fee31dc
34d1f8f0ac039e8471438b510f70c864cb4c5cfa74c83a0209175efc80590a30
380c652bb1924dedb85e2f4b07f60be59db99afb0b95c518eeeacc0cd1febb1a
38d1103f2c4788d2c5f7ee38e3cfdc63afe90414bafa4897d530e330d044e41c
3a27e85e057bc540dfe50d8fe1333e6e7ee3e0510c39b1c9f94ba545185447b1
3bd217c51f258c4656f1c64c87a959b4f1624c621607dcf3a826cd4c9ce63ec7
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f9b04fa4a25f7912b0d89bd04e13754ecaf2e69b95151e998644e012e0cd363
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
40baa59a1995d9784f73502d4667f8ed4d3414c84a36bdf147ba85379d3cd6fc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4482bfdb834a0b2836c83b9d8a1a56ecb94777a6d2d65d633f2b024275f4f17e
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4bb4a958acffca92fc44fc11e00d2d8691bb909f24a0e0765043a132322c1e78
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4dc25d7dc6b095338c91d832df4b6bf593cb5f6c3b6108a01bdd4c7b7d38a52c
4e35b4fad72a5955d3cf90e8ed82c9a6e1102a62e53d849f1dd7d3fd382a06a5
4f0db91aa562bb034d9bad4e936daaaf1d559b7343a43c0242f7d0a84193da13
5184ebd3fae7aa4e0e754bc975aa1ff06db65f25581c8aaca0077913636d40e8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5635608c85a07da967f952dc1d8b0f01354ea5b1af4fcc02941d78ed7c4f98a5
5b3346c170b35963c12dede0b11af46770fc8dec58b211f69eaf2b105f87e271
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cd4de52503b70dbb531c14aeffbc6d468338ef589482e9fe07a1de732cb8ad4
5d048d1ba1fb1f78e38c3e0cc432db86fb8138d98d4b61242b1b7951f62208b1
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2
606e14865f687929a23c8f7329e3553a6536bc84ed6589059eeb2a127a45610e
6249b2ddb95ef35ec44a9f9f5490b3ed9ebc3a0d7aca7f7c782f6995d0505178
62b994e83624d746da4862895d63dd1fda14d7e851270b153f5335a9b74e17ff
6729ca74176ae149d3bab418d21f23734fececde18b7c5814f63eaae4f2a2a91
67315acd47fca91a767aa68f94f8666c7ca01eebf6012326da7edb7e97106502
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6
6cde8eacbf02c1f169c0fcab495b5c9e4350699ee2a2b576bbcbb3cfd5dcfa2b
6e28a29b0e3bbf50cc0235f435d4d1251bfc888952dfbdebcee042d490c558e5
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
748a6624278596f8a29df383fa1b711cc1108820c608661411b01c7e5e239615
75a0ee94691045f4819b31a5ace580b1e0239fbaf001d568394e39182245be09
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7d4871228653d98c7ab91a884e9f02cd1b79908ecb5db26836db1098edcf3fe1
80c272f49af5ad94205c5fbfd4c99b9c3ca821f01c9d7a2c71cd737e6d837dcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86d85ef9d429dcff2fd26e97dad7e05a5a69e4c628af757f555674347bf995ed
88006970b70ca355fccdbb35af63f9b69e9c8ba4976306b9a8cd49dbab5ff73b
88127622cde65813dbd02f354ac8f215b672b1be61bc99a73bee671595febd9e
897c8ed302822389fa45468e00618479321e071c84a8706bf7d3425171a4d760
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8be0248a81b09e34a7202feb370ea72f0d17c1cfb4fc87ebac34830b95a68239
8d218f9140e46d9a91f10957e675c47906ce225dbb6e1104dba7f37598d8525d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8de229a29f3d1d84a03d0db201830a9d336475f406367d608b83947beb251507
8f337115384d2ac049691ede2669e7a0c53239aaa3a5e358d6b95128c9096efe
8f3e38a262ae300f7e99e8ab0950ea6e67d7404331b374506bc0cd60e03e69cd
8f9aa8f97529c4bb9b13334e1cf1794392d37859664e5ae5225a1056ee4a71d9
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
92e9c463b95089dc457cfe1701a39536e8f1e98ecdd58f3e2476472de956dc77
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
9502bc183be99d478a90ef8bfaa8a146cb63b9399ea14358a7cd0e1c0f8c654b
961325bc8a289111e01023a62a34a0113243590cc37e1edab69fed4f8ae17b45
96f5e38b428206dfaba85e7688fa9df0264f3bef72de39996b9446d06e4f8de7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
996cc355b02ca8b07027d89aad116552b619f26a299cdfdce3cc902c55b0c1ed
9ad498922283d143b7abade92e57ea7f0aea2bd35655220dc50a675f463a3c04
9b554f797d5c535779e1c5362833845dfcf3d99cb039fe571dcadc2c333ef5e6
9d29a0edd5f55c965f72331218d94428fa5fcaec361f94850cd9869b35af8228
9e712925468c945fc143153b4bd2ed96dd6397b2115efbc0f40afa21c5e9536c
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2e79845e72a66bbedb76e43644b2246bf2d17f646769e110df62cd07f82b768
a2edd686552f00d8b45575259cb3095f4d6d262c9c8162a7f1a4ca7a9a3fece2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a6456004d9b2021298249f8e2b4b0316fbc3232d4413ee21b201d2fb68ee27df
a6b34418e76b41bb4b0858e36488f170916069c13109a2433309785f4c5eff73
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8fab022958e5b449fc18d22b1f9a167d3d5edddcc7e70b700c97f1a492a937a
a91b27c9bc0af2fd36659e04a6249960e1fa23cac3704fe53cea5910b36d8465
a9b25cb7321b1efed1232b8af3b55620b443f6a3768323e63053f21928fcfdcb
ac09fec7382b90f90c2d0797458ab03444ea45de7863a4ed5cae7baf9bde3d04
ad2cb4bd02aa79aad7809661da0060a903f348a01796c0de08d479245eca6b62
af6c3b631a665bd5927bd8edf37a59596fceb2cba7a048ca784bb5d39ab843ca
b0d88a00bca5c76a2e6bcdd592af3255593bd8972b52585081b005e723a3113c
b119677aab360b1b7905cbc521eba617ec9429c3bff70cd00b9f6ccddcb3e026
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18c5700d0526eb4867705b0907e89d9d51a9f24697782b96cf93abd55aafc34
b1f0d7b95b7c3a483a32f005012663dc8a69162fc37f0fef3b0a5a4b643c14e5
b2183e3cf03e64401ae2c79e896fb9f1f8467e3c2ee14747123fabd5e8dbaa5b
b55c383d8792f8a454d05f9b72abdb30b6bcb17324ac6d4b4f425e1cd816dfe0
b69b721689b44cdc508f67ce808a683ef65851d71ee4b376f0e91044504b1410
b895ff9e811f19d652fc8ffdd7924f2f580859e998a81ae294e0232f805ac0a8
b8ce173508dbc458eb9b33adf58feb3cb6d87d38360d07807573757d6e8e818f
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
ba47c6f03faab24c82885daf886dd14e613761a53105607a620f6b50d391e0e7
baa99b9df6f0df51a1adfb1a17a9b033b0c4f0d01254f790f9a867750d675e33
baef494f7ae268d69fe448d07bb3b3e0ac9f863e25fa649e8ffbc29bad7be8be
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bf014ac987da28da1644134f7e37adf6053af3224f6c264f187383b5d710ed3a
c101692679dd5f24a4fefecb620e1b0107ec4e08c6e6e9e32dbaf1a4868e8c3f
c187b984aa89c6340d574fcb9f3b1882ba025fad66be1eaf689f104cc40cda50
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c41c6c2da219495e1772875070415d2aa9119c1b9da7ea460fb55df61205c105
c4b0d17cd120bef7df65b09e2ef7bba272164a245e318005c535623d246e81b5
c542d54ca710cbb971437bc0b2c8979d90f98ce1fab18854a2acaef225ddfc2e
c6d69c7a48ae8edf4aee8b1764b67d75fedc77768e5b8826e8f4a3b014fc83f3
c884ce7741018e5a3dbf12931bd21a5d193d33e9b0cf0dca6c26015e9682239c
cbff952e8c47bf976906662ac210c3ae9aaf8e10820d404e8f760bc273bcb4fb
cd7dce285011008c3bceb148c344b820c652aa0d2c6546d644a8c0cb07e32a8c
cdf1b9fb710d3dfacf7d95fa1def7a49bf9290cd46b576ea6d3095f567e62880
cf56b9ab02e71124134fe967a552b3df1363722d7b0bee524abda31e403dd397
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f3e01f5c6b35ee75f07456af79f93e9477f1d0e167a6d82b11995a9967506c
d17951bdbedb4a41de7096672e19975764cb935918b2217d4aade5249cd1955f
d1d05642e23866a6d7fb1b165615355e7c01fffaf89c61e9c14c0beecb96ae23
d4c671a464105c45f90ebc3acceb21b83397f5b65bf1dd6becb3a57daa0989a3
d5bd7cb0e98941f356c2c57d53904b1278926972f764f3b6d4287ef94056c77a
d6cb3641a88d23be3e45023d313bfd54dd3640a4bfe07b3b88d63e3fba328d19
d7a281a7e30b66676e962eda66c1041a9fdc194929897e4679f9bea8c0d156a0
d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2
dc53ba77b5154bb55c05f7cbf18390c3ce558071c9022435472a8bc76415c4b8
dcd5aff72dd62d42bc1b7dae6dccb1b2d10a3e8ef70d4f6ffe4339a49ab7de46
dd0d71596405c871776ff22e82930d3fa8ecb4fac40af79f967c5bd769e80d60
de088236d4b4043c0ae5dfb65f856b1ed6c81bcfba89513d8c38d105a0e8a416
dea36661bcd2e84495bb6ab5c2b679cde1267f5fd6e9e4f44908b3acb8816ec6
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41da7505a486f1f3ae67e58c3fcc4e4f759106f0747f9f3ec45893562ac4d3f
e77e99eec4f461a654e03f12d87ac1d866c8f9a8f687f7d1c8cc4607b029a7ff
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
e94be7829f08ffaff364aa8974af5db3f6d4c2bd2339454547d9ed15aa7752d5
ea1dc07a8462adc1de680c13135b4e0365c1c6bb72ccce3f1899527618af0457
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec50a99f783156f5e61173e6cdef676d1ced23ca1dc07c98ab84c1fe0e261b37
ed534c2ed462b4833b0f970f5b9852f0f0668be80197a04d8c8bbd7b95f3bc71
ed6000ae436062e81c720d3eaa8435f5e5d6c2c1fd732a21a89239833ea8bb9e
eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee7fa4e20c8cfad5a0ff8fa180aa8cce7f9f5f1cc1752e8f87d680bcbdcb07b9
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16d3840dcefb86d1c02a0d53d4da8ad527ad92b1b250ce9d96bcc2722a9ac81
f22d1cd62f219783841aabade1fe350e63a1f220fca96f10aeefc61e85bff4c5
f23763dbb48ed484ecb5d1a23242ff78af9fecc4c28b014ced9075646efa0133
f3a65d5133b75e37e484c90c52b2697289cb96570b91174243560c2fb5ead2b5
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f47a5ea716187923f2221e0d575b8c5a68ea614e42de75b9e66f1cf684ec3212
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f5fc46f0a723b90c2c3f8aa4e032dea2a34498a7516c66dcfae9f6127ea90bbe
f6997099ab540c7bb41efc285603a07adc11e07b5f3b58a540559e414a40a096
f7edeba038e64fde7d388c1bac3946ea7157f6970a54ac828ad16ac874fe0261
fa580658e40e1b4dd3bf58da4644916a3405150d40ca0438e3c922af10ab3853
fcda8e056167509b7f01d30d2a82a4397735b3cdd673dfd489c6fea141b312e5
fd26d8422c7fa91ebca3a37dd9d891528e7c12496a4d01bc8d13fab36f826d3f