urlscan.io logo urlscan.io
SecurityTrails logo

www.gazettextra.com Open in urlscan Pro
192.104.183.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_0...
Submission: On January 07 via api from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 36 HTTP transactions. The main IP is 192.104.183.209, located in United States and belongs to LEE-ASN, US. The main domain is www.gazettextra.com. The Cisco Umbrella rank of the primary domain is 398795.
TLS certificate: Issued by WR1 on November 23rd 2024. Valid for: 3 months.
This is the only time www.gazettextra.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
5 192.104.183.209 10668 (LEE-ASN)
9 142.250.185.232 15169 (GOOGLE)
5 142.250.186.142 15169 (GOOGLE)
2 3 104.17.246.203 13335 (CLOUDFLAR...)
5 99.86.8.175 16509 (AMAZON-02)
1 216.239.34.36 15169 (GOOGLE)
3 216.239.32.36 15169 (GOOGLE)
3 66.102.1.156 15169 (GOOGLE)
2 142.250.185.131 15169 (GOOGLE)
1 142.250.185.142 15169 (GOOGLE)
1 142.250.181.238 15169 (GOOGLE)
36 11
5    192.104.183.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.us-east-1.vip.tn-cloud.net
www.gazettextra.com
9    142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net
www.googletagmanager.com
5    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.google-analytics.com
3    104.17.246.203 (None, )

ASN13335 (CLOUDFLARENET, US)
unpkg.com
5    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net
stats.g.doubleclick.net
2    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.google.at
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
ampcid.google.com
1    142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
ampcid.google.at
Apex Domain
Subdomains		 Transfer
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
765 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
23 KB
5 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1935
41 KB
5 gazettextra.com
www.gazettextra.com — Cisco Umbrella Rank: 398795
35 KB
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
ampcid.google.com — Cisco Umbrella Rank: 6635
435 B
3 google.at
www.google.at — Cisco Umbrella Rank: 29383
ampcid.google.at — Cisco Umbrella Rank: 614592
879 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
966 B
3 unpkg.com
unpkg.com — Cisco Umbrella Rank: 740
4 KB
36 8
Domain Requested by
9 www.googletagmanager.com www.gazettextra.com
www.googletagmanager.com
5 cdn.segment.com www.gazettextra.com
cdn.segment.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 www.gazettextra.com www.gazettextra.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 region1.analytics.google.com www.googletagmanager.com
3 unpkg.com 2 redirects www.gazettextra.com
2 www.google.at www.gazettextra.com
1 ampcid.google.at www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
36 11

This site contains links to these domains. Also see Links.

Domain
gdpr-info.eu
Subject Issuer Validity Valid
gazettextra.com
WR1		 2024-11-23 -
2025-02-21		 3 months crt.sh
*.google-analytics.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M02		 2024-10-15 -
2025-11-14		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.at
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Frame ID: F3569F2754BEBC1C312BBB103970741F
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nation/World | gazettextra.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

36
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

11
IPs

2
Countries

869 kB
Transfer

2627 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://unpkg.com/web-vitals HTTP 302
  • https://unpkg.com/web-vitals@4.2.4 HTTP 302
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request article_060f287b-77fa-5718-a106-a505a1c20473.html
www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/ 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
ececc9c221df6a046e409443d60ead1e349ab3bba34d2059bba1ca88d4e6dbce
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
0
content-encoding
gzip
content-length
2424
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Tue, 07 Jan 2025 05:16:42 GMT
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000
vary
X-IPCountry, Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-loop
1
x-robots-tag
noarchive
x-tncms
1.84.2; app2; 0.06s; 1.9M
x-ua-compatible
IE=edge
x-vcache
MISS
x-xss-protection
1; mode=block
csrf.js
www.gazettextra.com/shared-content/art/tncms/api/ 		940 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazettextra.com/shared-content/art/tncms/api/csrf.js
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.gazettextra.com
Referer
https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"67698278-3ac"
age
237
accept-ranges
bytes
content-length
537
date
Tue, 07 Jan 2025 05:12:45 GMT
last-modified
Mon, 23 Dec 2024 15:32:08 GMT
content-type
application/x-javascript
vary
Accept-Encoding
access.3e0b8030b6000aa9a609.js
www.gazettextra.com/shared-content/art/tncms/api/ 		71 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gazettextra.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.gazettextra.com
Referer
https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html

Response headers

x-vcache
HIT
cache-control
public, max-age=600
content-encoding
gzip
service-worker-allowed
/
etag
W/"67214290-11c3d"
age
159
accept-ranges
bytes
content-length
29787
date
Tue, 07 Jan 2025 05:14:03 GMT
last-modified
Tue, 29 Oct 2024 20:16:16 GMT
content-type
application/x-javascript
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
19f69b2fcc9e5128448f052df406771a579bf575fc6fa7da82579767ceba9e7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 07 Jan 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79754
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		326 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M94PR6V
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
90dcb4a04bea5c42345f4127c7f9656cbed630d75d5d610d2b9d56b58fd6eafc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 07 Jan 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100957
x-xss-protection
0
server
Google Tag Manager
/
www.gazettextra.com/tncms/csrf/token/ 		520 B
873 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.gazettextra.com/tncms/csrf/token/
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/shared-content/art/tncms/api/csrf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
a3e9d68f1ec03fdd148c38414f18ca26e4add71f0604302ed0042ea7befa9790
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html

Response headers

x-robots-tag
noarchive
content-encoding
gzip
age
0
x-content-type-options
nosniff
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
text/html; charset=UTF-8
vary
X-IPCountry, Accept-Encoding
x-frame-options
SAMEORIGIN
x-vcache
MISS
strict-transport-security
max-age=31536000
link
<https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms
1.84.2; app12; 0.01s; 0.6M
content-security-policy
upgrade-insecure-requests
x-loop
1
referrer-policy
strict-origin-when-cross-origin
content-length
364
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He4cc1v72758733za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
7f9b02879c535e427ced24470d9a4c06d04a38856e7af2632ce39c3153a00559
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 07 Jan 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78476
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/ 		309 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4cc1v72758733za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c72cf2503dfe9223ecd90e43aa20a00a0553735ac73ad5f3cf1a55eb83564eac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 07 Jan 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
88169
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		242 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-250810467&l=dataLayer&cx=c&gtm=45He4cc1v79669307za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M94PR6V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
5f9d90dd65ba3499981cda6bdef490c74d66f788cdd764e3b065312d6df0f2d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 07 Jan 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
89924
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M94PR6V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
gzip
age
2117
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 07 Jan 2025 06:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 04:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/ 		310 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B1FNL7FDM1&l=dataLayer&cx=c&gtm=45He4cc1v79669307za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M94PR6V
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ddfb623c7d20b88a4fa83a303221196bfb6ab1662456c41c53cd04dc0ec558a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106837
x-xss-protection
0
server
Google Tag Manager
web-vitals.iife.js
unpkg.com/web-vitals@4.2.4/dist/
Redirect Chain
  • https://unpkg.com/web-vitals
  • https://unpkg.com/web-vitals@4.2.4
  • https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/web-vitals@4.2.4/dist/web-vitals.iife.js
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Server
104.17.246.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"1c3a-LeUC6s/Gcko0wscq5NFJGfOy9Yg"
age
1122283
x-content-type-options
nosniff
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01JFY4STYAERRC0PVDEWBHN6V1-waw
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8fe17a2f9e765ac1-VIE
access-control-allow-origin
*
server
cloudflare

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
location
/web-vitals@4.2.4/dist/web-vitals.iife.js
content-encoding
br
cf-cache-status
HIT
age
1208963
x-content-type-options
nosniff
via
1.1 fly.io
cf-ray
8fe17a2f6e635ac1-VIE
access-control-allow-origin
*
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
fly-request-id
01JFVJ4J97NX7GMACVR33Y6AFX-fra
server
cloudflare
js
www.googletagmanager.com/gtag/ 		308 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4cc1v861227858za200zb72758733
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4cc1v72758733za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
168890f60964ab24096268b6c9058c6530206ecfbb63ee01290a29da468f6b92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106617
x-xss-protection
0
server
Google Tag Manager
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
cknvhRie0d.5LSRvFhB35AONaxh2m0FR
etag
W/"ca62e8a5580d4550920a84f5b7875661"
age
63
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
M48J6CAMEGzj6JKzRD3U03knsf0NtV7u9O0hmXEZP1HU0ELvBOPDYw==
date
Tue, 07 Jan 2025 05:15:40 GMT
content-type
text/javascript; charset=utf-8
vary
accept-encoding
last-modified
Tue, 19 Nov 2024 19:35:36 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=120
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-250810467&gtm=45je4cc1z879669307za200zb79669307&_p=1736227002489&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=373760959.1736227003&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736227002&sct=1&seg=0&dl=https%3A%2F%2Fwww.gazettextra.com%2Fnews%2Fnation_world%2Fprosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details%2Farticle_060f287b-77fa-5718-a106-a505a1c20473.html&dt=Nation%2FWorld%20%7C%20gazettextra.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=755
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-250810467&l=dataLayer&cx=c&gtm=45He4cc1v79669307za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B1FNL7FDM1&gtm=45je4cc1v881491034z879669307za200zb79669307&_p=1736227002489&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=373760959.1736227003&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1736227002&sct=1&seg=0&dl=https%3A%2F%2Fwww.gazettextra.com%2Fnews%2Fnation_world%2Fprosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details%2Farticle_060f287b-77fa-5718-a106-a505a1c20473.html&dt=Nation%2FWorld%20%7C%20gazettextra.com&en=page_view&_fv=1&_ss=1&ep.e_edition=false&ep.gtm_tag_name=GA4%20-%20Page%20View&tfd=775
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1FNL7FDM1&l=dataLayer&cx=c&gtm=45He4cc1v79669307za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B1FNL7FDM1&cid=373760959.1736227003&gtm=45je4cc1v881491034z879669307za200zb79669307&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1FNL7FDM1&l=dataLayer&cx=c&gtm=45He4cc1v79669307za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.at/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B1FNL7FDM1&cid=373760959.1736227003&gtm=45je4cc1v881491034z879669307za200zb79669307&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1015761542
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 07 Jan 2025 05:16:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
995 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
age
2894
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 07 Jan 2025 05:28:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 04:28:28 GMT
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
697
x-xss-protection
0
server
sffe
collect
www.google-analytics.com/j/ 		3 B
424 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=746659520&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gazettextra.com%2Fnews%2Fnation_world%2Fprosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details%2Farticle_060f287b-77fa-5718-a106-a505a1c20473.html&dp=%2Fnews%2Fnation_world%2Fprosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details%2Farticle_060f287b-77fa-5718-a106-a505a1c20473.html&ul=de-at&de=UTF-8&dt=Nation%2FWorld%20%7C%20gazettextra.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUAjAAAAACAFK~&jid=566725127&gjid=1733686739&cid=373760959.1736227003&tid=UA-105251766-1&_gid=1169313875.1736227003&_slc=1&gtm=45He4cc1n81M94PR6Vv79669307za200&cd1=GTM-M94PR6V&cd2=13&cd3=&cd5=2025-01-07%2006%3A16%3A42.677%20GMT%2B0100(GMT%2B1)&cd6=1736227002682.ku75peu&cd7=2025-01-07%2006%3A16%3A42.682%20GMT%2B0100(GMT%2B1)&cd8=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F131.0.0.0%20Safari%2F537.36&cd9=false&cd10=desktop&cd11=unidentified&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&npa=1&z=1669366190
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.gazettextra.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-105251766-1&cid=373760959.1736227003&jid=566725127&gjid=1733686739&_gid=1169313875.1736227003&npa=1&_u=aCDAgUAjAAAAAGAFKAC~&z=1011711477
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.gazettextra.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
publisher:getClientId
ampcid.google.com/v1/ 		74 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
ESF /
Resource Hash
60e3652be9b9cfdb2227f963d0f4ddb58ad4bdd13c451cadaed6373d89b521ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.gazettextra.com/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.gazettextra.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94
date
Tue, 07 Jan 2025 05:16:43 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4cc1v887101457z8861227858za200zb861227858&_p=1736227002489&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=373760959.1736227003&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=Nation%2FWorld&dl=https%3A%2F%2Fwww.gazettextra.com%2Fnews%2Fnation_world%2Fprosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details%2Farticle_060f287b-77fa-5718-a106-a505a1c20473.html&sid=1736227002&sct=1&seg=0&en=exception&_fv=1&_ss=1&ep.content_type=article&ep.canonical_url=null&ep.content_group=%2Fnews%2Fnation_world&epn.townnews_crm_group_id=287&ep.generator=BLOX&ep.generator_version=1.84.2&ep.description=451%3A%20Nation%2FWorld&ep.fatal=true&tfd=879
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4cc1v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=373760959.1736227003&gtm=45je4cc1v887101457z8861227858za200zb861227858&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4cc1v861227858za200zb72758733
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.at/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.at/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=373760959.1736227003&gtm=45je4cc1v887101457z8861227858za200zb861227858&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=805823599
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 07 Jan 2025 05:16:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 		10 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecdef5c78d0a9334f51214a96be27839e202e261051445359328c5e8dd2af13a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
AQinuEJT.z.UEC_DFLs1ij9uoT5_b7cR
etag
W/"fce9f704656b26e62666fed4fc228a18"
age
9239
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
3EA68TGYsh4WQEbnPFD4qPj7eH0-valHKE2Hwn_CwSsjbcOHyYnMxQ==
date
Tue, 07 Jan 2025 02:42:44 GMT
content-type
application/json; charset=utf-8
vary
accept-encoding
last-modified
Tue, 17 Dec 2024 19:16:16 GMT
x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		138 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js
Requested by
Host: www.gazettextra.com
URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dcddcb4486e8df41017fdc06d16777e0609a3053abd3d515449164c8e354ca6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 07 Jan 2025 05:16:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:42 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 07 Jan 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
53551
x-xss-protection
0
server
Google Tag Manager
favicon.ico
www.gazettextra.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gazettextra.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.us-east-1.vip.tn-cloud.net
Software
/
Resource Hash
3cfb2fd264544fdd1f88037c7a6182f670f5ed0a5c743ae91c771502ec45c5c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html

Response headers

x-vcache
HIT
cache-control
public, max-age=43200
etag
"592721cd-47e"
age
10199
accept-ranges
bytes
content-length
1150
date
Tue, 07 Jan 2025 02:26:43 GMT
last-modified
Thu, 25 May 2017 18:26:21 GMT
content-type
image/x-icon
tsub-middleware.bundle.c0f5511a001f780f591f.js
cdn.segment.com/analytics-next/bundles/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id
ot1syIPz_4SEEXctAcFzoJMAfu_hQEig
age
14298744
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
FOFyPqZ078DMb1rU5SJf54F0sb8L5H_g62J6ePtaqJOHHgNkaCAeUg==
date
Thu, 25 Jul 2024 17:24:20 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 23 Jul 2024 22:02:58 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id
7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age
9527352
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
OiRvolnc7o1pE-nZt0F2SIL8QlcYpOjTQrFofy7b4mm5YnvReiF4wQ==
date
Wed, 18 Sep 2024 22:47:32 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id
u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age
9691513
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
roV_sV1aa4HXLboBG3PIaaB1FdUshNVHbi_fausWQLts0cGDX4gRgg==
date
Tue, 17 Sep 2024 01:11:31 GMT
content-type
application/javascript
vary
Accept-Encoding
last-modified
Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,immutable
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		211 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-105251766-1&l=dataLayer&cx=c&gtm=45He4cc1v72758733za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0da316b950aa5b80f371418dbcc4e639831748a7d91c043fadf4f1fea9217a26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 07 Jan 2025 05:16:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:43 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 07 Jan 2025 03:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
77442
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105251766-1&l=dataLayer&cx=c&gtm=45He4cc1v72758733za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

content-encoding
gzip
age
2117
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 07 Jan 2025 06:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 04:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
publisher:getClientId
ampcid.google.at/v1/ 		3 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.at/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.gazettextra.com/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.gazettextra.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Tue, 07 Jan 2025 05:16:43 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
ESF
x-frame-options
SAMEORIGIN
collect
www.google-analytics.com/j/ 		3 B
26 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=746659520&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.gazettextra.com%2Fnews%2Fnation_world%2Fprosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details%2Farticle_060f287b-77fa-5718-a106-a505a1c20473.html&ul=de-at&de=UTF-8&dt=Nation%2FWorld%20%7C%20gazettextra.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=browser_info&ea=incognito&el=false&_u=aCDAAUAjAAQCAGAFKAC~&jid=535978768&gjid=1926969472&cid=373760959.1736227003&tid=UA-NULL&_gid=1169313875.1736227003&_r=1&_slc=1&gtm=45He4cc1n81M94PR6Vv79669307za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&npa=1&z=1286227016
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.gazettextra.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:43 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B1FNL7FDM1&gtm=45je4cc1v881491034za200zb79669307&_p=1736227002489&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=373760959.1736227003&ul=de-at&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1736227002&sct=1&seg=0&dl=https%3A%2F%2Fwww.gazettextra.com%2Fnews%2Fnation_world%2Fprosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details%2Farticle_060f287b-77fa-5718-a106-a505a1c20473.html&dt=Nation%2FWorld%20%7C%20gazettextra.com&en=scroll&ep.e_edition=false&epn.percent_scrolled=90&_et=5&tfd=5781
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B1FNL7FDM1&l=dataLayer&cx=c&gtm=45He4cc1v79669307za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.gazettextra.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.gazettextra.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 07 Jan 2025 05:16:47 GMT
content-type
text/plain
server
Golfe2

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer boolean| tncms_access_control_sync object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| TNCMS object| analytics object| gaGlobal function| onYouTubeIframeAPIReady object| gaplugins object| gaData object| webVitals number| randomInt number| percentToSample function| sendToGTM object| googletag object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext function| gtag function| _asGetYouTubeIframes object| _asVideos string| sUserId

9 Cookies

Domain/Path Name / Value
.gazettextra.com/ Name: _ga_250810467
Value: GS1.1.1736227002.1.0.1736227002.0.0.0
.gazettextra.com/ Name: _ga_B1FNL7FDM1
Value: GS1.1.1736227002.1.0.1736227002.60.0.0
.gazettextra.com/ Name: _gid
Value: GA1.2.1169313875.1736227003
.gazettextra.com/ Name: _dc_gtm_UA-105251766-1
Value: 1
.gazettextra.com/ Name: _ga_4T2EB147B8
Value: GS1.1.1736227002.1.0.1736227002.60.0.0
.gazettextra.com/ Name: ajs_anonymous_id
Value: fdb0bdb1-abbd-4c1f-869f-3ac966bf8833
.gazettextra.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.gazettextra.com/ Name: _ga
Value: GA1.2.373760959.1736227003
.gazettextra.com/ Name: _gat_UA-NULL
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://www.gazettextra.com/news/nation_world/prosecutors-at-donald-trumps-hush-money-trial-zero-in-on-the-details/article_060f287b-77fa-5718-a106-a505a1c20473.html
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://www.gazettextra.com/tncms/csrf/token/
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.at
ampcid.google.com
cdn.segment.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
unpkg.com
www.gazettextra.com
www.google-analytics.com
www.google.at
www.googletagmanager.com
104.17.246.203
142.250.181.238
142.250.185.131
142.250.185.142
142.250.185.232
142.250.186.142
192.104.183.209
216.239.32.36
216.239.34.36
66.102.1.156
99.86.8.175
0da316b950aa5b80f371418dbcc4e639831748a7d91c043fadf4f1fea9217a26
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
168890f60964ab24096268b6c9058c6530206ecfbb63ee01290a29da468f6b92
19f69b2fcc9e5128448f052df406771a579bf575fc6fa7da82579767ceba9e7c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3cfb2fd264544fdd1f88037c7a6182f670f5ed0a5c743ae91c771502ec45c5c5
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
5f9d90dd65ba3499981cda6bdef490c74d66f788cdd764e3b065312d6df0f2d2
60e3652be9b9cfdb2227f963d0f4ddb58ad4bdd13c451cadaed6373d89b521ce
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7f9b02879c535e427ced24470d9a4c06d04a38856e7af2632ce39c3153a00559
90dcb4a04bea5c42345f4127c7f9656cbed630d75d5d610d2b9d56b58fd6eafc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a3e9d68f1ec03fdd148c38414f18ca26e4add71f0604302ed0042ea7befa9790
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b
c72cf2503dfe9223ecd90e43aa20a00a0553735ac73ad5f3cf1a55eb83564eac
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
dcddcb4486e8df41017fdc06d16777e0609a3053abd3d515449164c8e354ca6a
ddfb623c7d20b88a4fa83a303221196bfb6ab1662456c41c53cd04dc0ec558a6
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecdef5c78d0a9334f51214a96be27839e202e261051445359328c5e8dd2af13a
ececc9c221df6a046e409443d60ead1e349ab3bba34d2059bba1ca88d4e6dbce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f759996a85b1ddf539ef3f16fdca3d39e48f670aef69e82c6200cc2b5f9f47bd