urlscan.io logo urlscan.io
SecurityTrails logo

www.spokesman.com Open in urlscan Pro
2600:9000:21f3:4400:0:b5fb:e6c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.webservice-pp.com/
Effective URL: https://www.spokesman.com/
Submission: On October 26 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 4 countries across 27 domains to perform 125 HTTP transactions. The main IP is 2600:9000:21f3:4400:0:b5fb:e6c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.spokesman.com. The Cisco Umbrella rank of the primary domain is 181920.
TLS certificate: Issued by Amazon on July 20th 2022. Valid for: a year.
This is the only time www.spokesman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.204.70.169 14618 (AMAZON-AES)
1 1 2600:9000:21f... 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
5 2600:9000:20e... 16509 (AMAZON-02)
8 2600:9000:21f... 16509 (AMAZON-02)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:20e... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
9 2606:2800:233... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 3.219.38.131 14618 (AMAZON-AES)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.101 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 35.227.203.93 15169 (GOOGLE)
1 2a03:2880:f12... 32934 (FACEBOOK)
18 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 13.225.78.112 16509 (AMAZON-02)
1 2600:1f16:bc:... 16509 (AMAZON-02)
1 34.96.74.203 396982 (GOOGLE-CL...)
2 2606:2800:133... 15133 (EDGECAST)
1 2600:1f14:600... 16509 (AMAZON-02)
1 52.89.126.190 16509 (AMAZON-02)
1 172.67.75.166 13335 (CLOUDFLAR...)
1 3 2600:1f14:600... 16509 (AMAZON-02)
2 52.216.107.12 16509 (AMAZON-02)
1 54.203.81.50 16509 (AMAZON-02)
2 13.69.106.217 8075 (MICROSOFT...)
2 13.85.16.224 8075 (MICROSOFT...)
125 39
1    54.204.70.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-70-169.compute-1.amazonaws.com
www.webservice-pp.com
1    2600:9000:21f3:d600:13:3ce1:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
spokesman.com
1    2600:9000:21f3:4400:0:b5fb:e6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.spokesman.com
5    2600:9000:20eb:4400:2:4597:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
thumb.spokesman.com
8    2600:9000:21f3:7600:1e:dc88:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.spokesman.com
11    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2600:9000:20eb:6000:18:730a:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.spokesman.com
9    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
9    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.sbgsodufuosmmvsdf.info
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
cdn.czx5eyk0exbhwp43ya.biz
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
588933f7ad1de15d1e87037103fe6cef.safeframe.googlesyndication.com
2    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    3.219.38.131 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-38-131.compute-1.amazonaws.com
www.i.matheranalytics.com
6    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
7    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    13.224.189.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-101.fra2.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    2600:9000:20eb:f200:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
1    35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
18    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    13.225.78.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-112.fra2.r.cloudfront.net
certify.alexametrics.com
1    2600:1f16:bc:1201:750e:b3a:3b3d:43b3 (Columbus, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    34.96.74.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
2    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2600:1f14:600:6e00:f5ab:d4b1:b508:c0cd (Boardman, United States)

ASN16509 (AMAZON-02, US)
aamapi.com
1    52.89.126.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-126-190.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
1    172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
3    2600:1f14:600:6e02:fa99:4bc:327d:2aa3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
api-54-203-81-50.aamapi.com
2    52.216.107.12 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
1    54.203.81.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-81-50.us-west-2.compute.amazonaws.com
api-54-203-81-50.aamapi.com
2    13.69.106.217 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-spokesman-proxy-connext.azurewebsites.net
Apex Domain
Subdomains		 Transfer
26 googlesyndication.com
588933f7ad1de15d1e87037103fe6cef.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
355 KB
20 spokesman.com
spokesman.com — Cisco Umbrella Rank: 120721
www.spokesman.com — Cisco Umbrella Rank: 181920
thumb.spokesman.com — Cisco Umbrella Rank: 180524
static.spokesman.com — Cisco Umbrella Rank: 308304
media.spokesman.com — Cisco Umbrella Rank: 268090
6 MB
14 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
190 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2668
40 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
2 KB
7 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10761
www.i.matheranalytics.com — Cisco Umbrella Rank: 10567
44 KB
5 aamapi.com
aamapi.com — Cisco Umbrella Rank: 23849
api-54-203-81-50.aamapi.com
7 KB
5 czx5eyk0exbhwp43ya.biz
cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 26321
2 MB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
109 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
140 KB
3 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 25747
fp-cdn.azureedge.net — Cisco Umbrella Rank: 30126
g2insights-cdn.azureedge.net — Cisco Umbrella Rank: 29969
108 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
178 KB
2 azurewebsites.net
prod-spokesman-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 411128
1 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 770
408 B
2 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 36674
2 KB
2 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1984
44 KB
2 pymx5.com
pymx5.com — Cisco Umbrella Rank: 80872
api.pymx5.com — Cisco Umbrella Rank: 87433
10 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 59899
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 35185
26 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8724
www.google.de — Cisco Umbrella Rank: 6045
1 KB
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 23503
789 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify.alexametrics.com — Cisco Umbrella Rank: 6052
551 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
185 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
5 KB
1 sbgsodufuosmmvsdf.info
cdn.sbgsodufuosmmvsdf.info — Cisco Umbrella Rank: 37796
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1404
578 B
1 webservice-pp.com
www.webservice-pp.com
458 B
125 27
Domain Requested by
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.spokesman.com
tpc.googlesyndication.com
cdn.ampproject.org
11 securepubads.g.doubleclick.net www.spokesman.com
securepubads.g.doubleclick.net
www.googletagservices.com
9 www.google-analytics.com www.googletagmanager.com
www.spokesman.com
az416426.vo.msecnd.net
8 static.spokesman.com www.spokesman.com
static.spokesman.com
7 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 www.google.com 1 redirects www.spokesman.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn.czx5eyk0exbhwp43ya.biz loader-cdn.azureedge.net
cdn.czx5eyk0exbhwp43ya.biz
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 www.i.matheranalytics.com www.spokesman.com
5 media.spokesman.com www.spokesman.com
5 thumb.spokesman.com www.spokesman.com
4 api-54-203-81-50.aamapi.com 1 redirects www.spokesman.com
3 www.googletagservices.com securepubads.g.doubleclick.net
3 www.googletagmanager.com www.spokesman.com
www.googletagmanager.com
g2insights-cdn.azureedge.net
2 prod-spokesman-proxy-connext.azurewebsites.net cdn.czx5eyk0exbhwp43ya.biz
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 paywall-ad-bucket.s3.amazonaws.com cdn.czx5eyk0exbhwp43ya.biz
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
cdn.czx5eyk0exbhwp43ya.biz
2 stats.g.doubleclick.net www.google-analytics.com
az416426.vo.msecnd.net
2 js.matheranalytics.com 1 redirects www.spokesman.com
1 api-mg2.db-ip.com fp-cdn.azureedge.net
1 googleads.g.doubleclick.net
1 aamcf.aamsitecertifier.com
1 aamapi.com aamcftag.aamsitecertifier.com
1 g2insights-cdn.azureedge.net loader-cdn.azureedge.net
1 fp-cdn.azureedge.net loader-cdn.azureedge.net
1 api.pymx5.com pymx5.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1 certify.alexametrics.com
1 www.facebook.com
1 pymx5.com www.googletagmanager.com
1 aamcftag.aamsitecertifier.com www.spokesman.com
1 d31qbv1cthcecs.cloudfront.net www.spokesman.com
1 cdn.sbgsodufuosmmvsdf.info loader-cdn.azureedge.net
1 polyfill.io loader-cdn.azureedge.net
1 www.google.de www.spokesman.com
1 588933f7ad1de15d1e87037103fe6cef.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 loader-cdn.azureedge.net static.spokesman.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.spokesman.com
1 spokesman.com 1 redirects
1 www.webservice-pp.com 1 redirects
125 44
Subject Issuer Validity Valid
spokesman.com
Amazon		 2022-07-20 -
2023-08-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-04		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
sni22a5egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.aamsitecertifier.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2022-09-01 -
2023-09-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-04 -
2022-11-02		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
certify.alexametrics.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-12 -
2023-10-11		 a year crt.sh
snibe7egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-31 -
2023-03-03		 a year crt.sh
aamapi.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-17		 a year crt.sh
*.aamapi.com
R3		 2022-09-25 -
2022-12-24		 3 months crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2022-09-07 -
2023-09-02		 a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01		 2022-03-14 -
2023-03-09		 a year crt.sh

This page contains 8 frames:

Primary Page: https://www.spokesman.com/
Frame ID: 18E781EA7508B6F5DB9D5EC9C5847886
Requests: 82 HTTP requests in this frame

Frame: https://588933f7ad1de15d1e87037103fe6cef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 693752E3C929E411C9496A227BCC37C9
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvODMMujqpKo8421-rIQ_3RtgBYzB7v7D2at9c0o74_xx-_IR3-PcJie8PHa6m7wTMxRdOff5zMCMbPg7Rt3GJqUFXQnmaBhGoAfFGUBT-Du8YXR_5a-C4ud6oRrfvslsjwWfzPUJD8UP675FCsVaPoSMLG-kKYeB1DbdQeKGKQNdntdGyA0G8xgE9_S1SHXrpsGhsXY328C9um75jEJOGRvF9UCHvqCXjvx5EGnjYLMJmMIJrhJj0ovjhulgB0zW-Gyva0u7kBuG1qIShs84vPCpYMHZkus9oaIB6lik7u8Fqxk1CUZzXlbQ-INeXmw_OodHm9oM36D-agEU_BzoxHVqr0F042sdbqCsmN5yKIjlGIiK_lBhwaAQ&sai=AMfl-YSBNl8u9MIIVTJ7elDka6SdLFLO1rhAqkYMQdb9Dpx1rQqjQn1b3dAMO6cQBBr11-xUSAykq83cOn5ZL4JqeyqsWdiuDh8i1T3sRJWggw9rgu9sHrj_hg15ij9Y_6MId4si&sig=Cg0ArKJSzLynHXPGMH3XEAE&uach_m=[UACH]&adurl=
Frame ID: 7C60E80CA0CF94870F196C40C576E599
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIQkJfPehTh6Cl6SdVueqyd8y33BVZh9P_rV39orRTSzT7MnaG7xOBUrhF0vICNwvYeUvjpZ_8w2F_NgVsFTVbkdcO8sz1LVg5RNm9d4eStirwLgksuSfm5-AwHFMwVr6OojIZLdCd30pzV64M0G1Q2XU4J28Bx5iQqg39cPM0s4Pf4M5TiGA2qfjDHv0iV3w8KxXSsfMmE77HZsrYewBWlaMBoK25WVaWc3e6s8ZrxhxiQSma5LCYYXrDCvv4BmIByofTF7n2_fLlINq_l7Q5nVkvysN2z1x57Ts1veGjnQuI74jkyFVnQMhtP8IZ1-3obaMiATYCbq9cOoKshhM8ppToy3DQOtuBncrMyg&sai=AMfl-YQku3zUZElpMz2peT5MXZfsp1N20ez7qykxoaIPvL8MexZWbS4axMoZbVAUkUoPZybsDMt37Fsk2pZy-XWaAmobGsh2DZoNOpMRsmTdkrBr9VCHHkOcOXod-RbBDv_A4jQj&sig=Cg0ArKJSzCRzgG7hR1B1EAE&uach_m=[UACH]&adurl=
Frame ID: E3D3A55061B589B1776DA978C2F8FFAF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaq9vAl2953ahtjnQUCvxeddyTwOZUTHInZB-3CHNHr609d6SyvBnunIydJUyZbw5utmevnGVotR0_yaaGdaXHtTAmu5ZzrtT-yhno2O7UxH_ttE0rMt5KVEOVMUkde4gUbzU4CO1rnzdmanfNVWmruxFTi1JZsnZgNt6z4kQ69Dd3SQ2F1S7s7g6fiPqOI_Ft2rOZxf67XTHGoWQA4vReAOZI9EUmRcqt_DQnfir46ingt6jn8SsPdwe1GmfMeXh-urvUlxLiDKtWWIc-jsgvLC7b3yPe6XSfST7mhZt-H4Q77C4U4QE278dSzVpidEulI5mpCJBIZqbt2e8SgwTGM2FiKw&sai=AMfl-YTn5ba9b1KvmKXRrl0oQusxWnHElV4BnYUZmHgZ_kUJxH4X22YUaPLg6zs7Rtp633Gkh2MkTrm3ey7GTNh-e44qbGG_K-pvFjqwEJa8O2t5TcgftF0gx9ufQwsS0Pyxfz0m&sig=Cg0ArKJSzDZTklLY_aRtEAE&uach_m=[UACH]&adurl=
Frame ID: 383F9B1B47A9CD4F96E2BCBE0AB08BDC
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Frame ID: 7181921898E47A42913B1D3E127BF6FF
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 105BF28790987F126D2E94A2C27453B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 479F63F87D2090AE3C47C4AF64D415F7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Spokesman-Review | Local News, Business, Entertainment, Sports & Weather for Eastern WashingtonArrow-rightCameraThe Spokesman-Review NewspaperThe Spokesman-Review NewspaperThe Spokesman-ReviewClose

Page URL History Show full URLs

  1. https://www.webservice-pp.com/ HTTP 307
    https://spokesman.com/ HTTP 301
    https://www.spokesman.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

125
Requests

98 %
HTTPS

68 %
IPv6

27
Domains

44
Subdomains

39
IPs

4
Countries

9312 kB
Transfer

13818 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.webservice-pp.com/ HTTP 307
    https://spokesman.com/ HTTP 301
    https://www.spokesman.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1608 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
Request Chain 95
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 114
  • https://api-54-203-81-50.aamapi.com/api/x?LKqwxm1aAONCmjrT$dXJsJDAkaHR0cHM6Ly93d3cuc3Bva2VzbWFuLmNvbS8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJpbm5lciQwJDE2MDB4MTIwMCIsIm91dGVyJDAkMTYwMHgxMjAwIiwibG9jYWxTdG9yYWdlJDAkMSIsInNlc3Npb25TdG9yYWdlJDAkMSIsImFwcENvZGVOYW1lJDAkTW96aWxsYSIsImFwcE5hbWUkMCROZXRzY2FwZSIsImFwcFZlcnNpb24kMCQ1LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNi4wLjUyNDkuMTE5IFNhZmFyaS81MzcuMzYiLCJjb29raWVFbmFibGVkJDAkdHJ1ZSIsImRvTm90VHJhY2skMCQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDAkNCIsImxhbmd1YWdlJDAkZW4tVVMiLCJwbGF0Zm9ybSQwJFdpbjMyIiwicHJvZHVjdCQwJEdlY2tvIiwicHJvZHVjdFN1YiQwJDIwMDMwMTA3Iiwic2VuZEJlYWNvbiQwJDEiLCJ1c2VyQWdlbnQkMCRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA2LjAuNTI0OS4xMTkgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQwJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDAkIiwiZm9udHJlbmRlciQxJDEiLCJ3ZWJnbCQ1JDEiLCJ0aW1lJDUkMTY2Njc0NjE2MzkzNCIsInRpbWV6b25lJDUkMCIsInBsdWdpbnMtdGltZSQ1JDAuMSIsInBsdWdpbnMkNSRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkNSQxNS4yIiwibWVtLXVzZWRKU0hlYXBTaXplJDUkMTAiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDUkMzc2MCIsInRpbWUtZmlyc3RQYWludCQ1JDcxNCIsInRpbWUtZmV0Y2hTdGFydCQ1JDUwMCIsInRpbWUtZG9tYWluTG9va3VwU3RhcnQkNSQ1MDAiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ1JDUwOSIsInRpbWUtY29ubmVjdFN0YXJ0JDUkNTA5IiwidGltZS1jb25uZWN0RW5kJDUkNTQ3IiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkNSQ1MjUiLCJ0aW1lLXJlcXVlc3RTdGFydCQ1JDU0NyIsInRpbWUtcmVzcG9uc2VTdGFydCQ1JDU2OCIsInRpbWUtcmVzcG9uc2VFbmQkNSQ1ODMiLCJ0aW1lLWRvbUxvYWRpbmckNSQ1NzEiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDUkNzc1IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ1JDgwNSIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDUkODA1IiwidGltZS1kb21Db21wbGV0ZSQ1JDE0OTkiLCJ0aW1lLWxvYWRFdmVudFN0YXJ0JDUkMTQ5OSIsInRpbWUtbG9hZEV2ZW50RW5kJDUkMTUwMCIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQ2JDAiLCJuYXZpZ2F0aW9uLXR5cGUkNiRuYXZpZ2F0ZSIsImdsb2JhbHMtdGltZSQxMyQwLjUiLCJnbG9iYWxzJDEzJGJhYTc5MmMwIiwiZG9jdW1lbnQtdGltZSQyMCQwLjUiLCJkb2N1bWVudCQyMCQ3OTU5NjA3YSIsImNvbm5lY3Rpb24kMjAkIiwiZG93bmxpbmtNYXgkMjAkIiwiZ2V0VXNlck1lZGlhJDIwJDIiLCJjbG9jayQyNCQ1MzIzIiwiYmF0dGVyeSQ3NSQxIDEgMCBJbmZpbml0eSIsImludGVyc2VjdGlvbi1zaXplJDc2JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQ3NiQxMiIsImF1ZGlvY29udGV4dCQ3NiRmN2U3MTJkOSIsInNvcnQkODckMTAuOSIsImZyYW1lcmF0ZSQxMzckNTA HTTP 302
  • https://api-54-203-81-50.aamapi.com:444/api/4?LKqwxm1aAONCmjrT

125 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.spokesman.com/
Redirect Chain
  • https://www.webservice-pp.com/
  • https://spokesman.com/
  • https://www.spokesman.com/
236 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4400:0:b5fb:e6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
52325baf632ab7176ba3797ef81673893280681d5b0248dc53c6ea9107192c9f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
231
cache-control
max-age=300
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 00:58:51 GMT
referrer-policy
same-origin
server
nginx/1.22.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,Cookie
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-amz-cf-id
Mg05SQ1se2EX9K-uYrdkEE6ESBjPKe5m9O8AaY5bCsuf_RdmT1iSEg==
x-amz-cf-pop
FRA2-C2
x-amzn-trace-id
Root=1-6358864a-038b0d53481cb1324b6ddb6c
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noarchive

Redirect headers

age
843
content-length
0
date
Wed, 26 Oct 2022 00:48:40 GMT
location
https://www.spokesman.com/
server
AmazonS3
via
1.1 71dbd5706c5b0c7b733248e1171f2d4e.cloudfront.net (CloudFront)
x-amz-cf-id
6ueDrSj5VVKBAgjOo_0Vx8rTROR4K-YUzmXswSS2ozxpksso3IUNJw==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
sr-loader.png
thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/sr-loader.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 08 Jul 2022 12:02:11 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
FRA2-C1
age
9464431
etag
"7b6592542ec6d8d4377eb143251c2f5b7d76aad9"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
11662
x-amz-cf-id
BaSoKgqr03Lgi3y0c8iyLb-ljXXW1DSUoz9ifl1o6Vgx1eRsncL5qA==
expires
Mon, 03 Jul 2023 12:02:11 GMT
style.min.ed3b82c84f94.css
static.spokesman.com/sv3/css/ 		319 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/css/style.min.ed3b82c84f94.css
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a68eaceb4ef568eb84fed47013d6eb89e75fa21a4b9373aa764fbd9a181b3e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 18:44:53 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 18:34:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
1145870
etag
W/"ed3b82c84f946bcc3368fdfd2dda81b3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
bRZIPd1KpvUYbkRXd697xYa2oomAnGURsSc2IIQXdTNSwvLk5UMTdQ==
jquery.min.12b69d0ae6c6.js
static.spokesman.com/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/js/jquery.min.12b69d0ae6c6.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 05:58:21 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jun 2022 23:47:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
10609462
etag
W/"12b69d0ae6c6f0c42942ae6da2896e84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
KkjqFKtjS_QIOXIKV4kfPj4DXlJ-0DVnOoPrDvLDFwZTD7zIGn-Txw==
critical.min.7f719ef7842f.js
static.spokesman.com/sv3/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/js/critical.min.7f719ef7842f.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba65148259568967389d182b434f97e0da7b6cd83abf926a602433a340ca9d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 17:49:01 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Tue, 14 Jun 2022 00:18:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
11344422
etag
W/"7f719ef7842f474e36e669c95955f7b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
9eAkIfSi4nabMTxsnxdqca7_jogpx5wcWJlHVONuHydmyf_IhAzK_w==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b613f403ca62b0729393cfd263745974a7fa73bafbda405040fde013fc328656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27323
x-xss-protection
0
server
sffe
etag
"1374 / 515 of 1000 / last-modified: 1666735637"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 26 Oct 2022 01:02:42 GMT
base_ads.b6d5845dec51.js
static.spokesman.com/ads/spokesman/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/ads/spokesman/base_ads.b6d5845dec51.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93c85341a48fbccd80f6d316b0d45b3b951169f4390adfb5cf81609f4160d45

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 00:31:06 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Tue, 23 Aug 2022 00:24:44 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
5531497
etag
W/"b6d5845dec51d4391b512b6bb304766d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
hify8GTwER1aE_ep8xHKjN6PgJK9tvkL-okSDy-cOH1c4quSyF1IFA==
1-partly-cloudy-night-000.ae1580129676.png
static.spokesman.com/sv3/img/weather/header-icons/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.spokesman.com/sv3/img/weather/header-icons/1-partly-cloudy-night-000.ae1580129676.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d628dd59d683f1148f351275ffe0db6089f101b906b1bd1644362b2cc7e2616

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:24:12 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Thu, 13 Oct 2022 20:22:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
236311
etag
"ae158012967631aaf95a561a843bc9bb"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
9275
x-amz-cf-id
et7TKNcVXyvXusxqa2-g0xnZLDQAyWBZ9RBkNnB74h899weYhdXqrQ==
gtm.js
www.googletagmanager.com/ 		135 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3e77d5671f0049d53d09515be6ac7a24c1bedc389c6df72161c32b6059de1a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51053
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 00:11:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Oct 2022 01:02:42 GMT
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4890a3c7a6d70985e71fb7178c58b8c3ff183e6edbb3f07a41affe5b897d3ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
710wmain1960stease.jpg
media.spokesman.com/then_now_images/ 		586 KB
587 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/then_now_images/710wmain1960stease.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
934ac61f1a429d3c14da7c8d9244d26a07c740d871ba45eca88f875ae993ad5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
DD9sIipX6S8aLjAe1pufCjjPzjBEqP7A
date
Wed, 26 Oct 2022 00:22:57 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 03:44:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2386
etag
"007f23442139c885c06376d34529ae07"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
599769
x-amz-cf-id
ou6tGq0qNxQnQeQBMEgKNiLk5IQmf5W5B0PhbVgjfuA8YmAxF2nMng==
6355db677ebf1.hires.jpg
media.spokesman.com/photos/2022/10/23/ 		585 KB
586 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/10/23/6355db677ebf1.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ff6f6a06f75a380876dc767007368d7a2e22633ea1ca28387e0b39aee5367e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
D1oDTtQTCliEdBsPsVRJUlv_K39CXLc1
date
Wed, 26 Oct 2022 00:22:57 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 01:36:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2386
etag
"86569666b35bb367ec5ced9b6aab1bde"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
598587
x-amz-cf-id
4zWqYVKHBYrnmjKW-EUiI1RxfR8LCeUR0dQ-I0MuASx_qzuBfllRuA==
63531df534a05.hires.jpg
media.spokesman.com/photos/2022/10/21/ 		307 KB
308 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/10/21/63531df534a05.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a805f6700024751629195f182c0b1f61db560ccdcdb18d6e66d8609f925fbb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
F7lMWhh3BYJ9QEPQV_LS0LQs.sNopVtd
date
Wed, 26 Oct 2022 00:22:57 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified
Sat, 22 Oct 2022 01:08:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2386
etag
"4aca8e121d1cd5990e8fbceb2d645a12"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
314865
x-amz-cf-id
mEFv5N8mwRPdUyUS4YvLsO70XqfaDXKt9ZAAF9utzBUP4z2Bj22ZmQ==
63506f2361518.hires.jpg
media.spokesman.com/photos/2022/10/19/ 		827 KB
829 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/10/19/63506f2361518.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42fe0c8d1d2f2b0091966ccace2a0d3c28aa644f32181f46b4e29b8bdd1eca97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
F3HwDlMkBBAZ0RCdP3S7n8N97brpi75b
date
Wed, 26 Oct 2022 00:22:57 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified
Wed, 19 Oct 2022 23:10:59 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2386
etag
"6703d509d3a78af52dfd2789f55b2244"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
846997
x-amz-cf-id
Hj9MIL47cuhKnuYYk25BFJHk0NhhuFjc9NuRH0CfTdPSdjg81YlItA==
634b6a25a8543.hires.jpg
media.spokesman.com/photos/2022/10/15/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/10/15/634b6a25a8543.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
437785da1268f775e78e7e9fc19a7bc6a9e5d2d61bfb984b4b95c6f7dae033ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id
WM2bbqL.MNN8cD3LcO7E4mGgisyttVBo
date
Wed, 26 Oct 2022 00:22:58 GMT
via
1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified
Sun, 16 Oct 2022 03:16:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
2385
etag
"63cbfaa90a0bf9807c07b909d0f26000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
3403257
x-amz-cf-id
YYa74teEbEJ4z9jHR3_HCt5AoJnYvAe3zEIQA_IEv-Mv9rW415PYeQ==
truncated
/ 		172 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44c448205f15c4f82a4dfe267d5a2efac45224543d44a7c073b167813d449fce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
MercuryTextG3-Italic-Pro.edfe4723e09e.otf
static.spokesman.com/sv3/fonts/mercury/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/fonts/mercury/MercuryTextG3-Italic-Pro.edfe4723e09e.otf
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/sv3/css/style.min.ed3b82c84f94.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dfc02a8e6f295102871d721f23120a13077e491345a93614fcbb43867de3301

Request headers

Referer
https://static.spokesman.com/sv3/css/style.min.ed3b82c84f94.css
Origin
https://www.spokesman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 00:54:37 GMT
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
4234085
x-cache
Hit from cloudfront
content-length
98936
last-modified
Fri, 02 Sep 2022 21:30:06 GMT
server
AmazonS3
etag
"edfe4723e09ee8d5e8b042a82c5a2ef2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://www.spokesman.com
cache-control
max-age=31536000,public
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
SyP4Vy4IeB6QZXgJYvhecSfl6sgoPJFll0DRgWQGpjXoC2FC16IcvQ==
pubads_impl_2022102001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 21:04:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130516
x-xss-protection
0
last-modified
Thu, 20 Oct 2022 08:34:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 25 Oct 2023 21:04:57 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		95 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e15f20e9ef9afb2d807e387e719bf1e183ac72a1ff378d2b28f79cc33efd9ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88
x-xss-protection
0
expires
Wed, 26 Oct 2022 01:02:42 GMT
noncritical.min.21be32a1957d.js
static.spokesman.com/sv3/js/ 		1 MB
377 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/js/noncritical.min.21be32a1957d.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a2aee262821f014d61d9949b24dd6e194a702ae23c9e3661824e512e550ec09

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 08:42:48 GMT
content-encoding
gzip
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
last-modified
Tue, 07 Jun 2022 21:13:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
12068395
etag
W/"21be32a1957dfe9740992b69551e2dbc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
SI2nnqaGYTKkvgYroX78j_oXVaCROkYHGS1xCvK-Lk5OtLhh-0aGkQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 23:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6408
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 26 Oct 2022 01:15:54 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma20153/575681700/20/
Redirect Chain
  • https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1608
  • https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
148 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 11:47:25 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Aug 2022 08:39:28 GMT
server
nginx
age
47717
etag
"0033e6720ea8d009cad21d1cffea7a41"
vary
Accept-Encoding
x-cache
HIT Fri, 05 Aug 2022 08:49:46 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43903

Redirect headers

date
Wed, 26 Oct 2022 01:02:42 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
0-gc-euw1-10928
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ed84af90a416c874f7afd29d3384881cdb10c49ff99c9bc4501eea44870c23a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76733
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 26 Oct 2022 01:02:42 GMT
6358592cda6c8.hires.jpg
thumb.spokesman.com/HJLnUhCcjr-qgKQ5CWnf1LwSog0=/1170x658/smart/media.spokesman.com/photos/2022/10/25/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/HJLnUhCcjr-qgKQ5CWnf1LwSog0=/1170x658/smart/media.spokesman.com/photos/2022/10/25/6358592cda6c8.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
c0b6afc13fff61b327bfa4173a2cf32898a9f623c0cb69eabde3174e11b18a89

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 23:13:48 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
FRA2-C1
age
6534
etag
"1fce39be7134e128ecea4b985000ad0a4573e887"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
43208
x-amz-cf-id
_G9Ecs5HfSPnXQLXfUWEqbUTKFCywl8NyMj4a3ZlfLTRiZrJr1D3aQ==
expires
Fri, 20 Oct 2023 23:13:48 GMT
63586f591dba0.hires.jpg
thumb.spokesman.com/naXB6oVhBhoKF-ICnetPni_7pOE=/530x298/smart/media.spokesman.com/photos/2022/10/25/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/naXB6oVhBhoKF-ICnetPni_7pOE=/530x298/smart/media.spokesman.com/photos/2022/10/25/63586f591dba0.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
c715c077337241dea25237c75896ceb0ace0795851c03efb40bd8464eea9f5d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 23:33:32 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
FRA2-C1
age
5350
etag
"d444f7d7d01d89953b13118a9b968c79c6120855"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
36282
x-amz-cf-id
7JLLCbQ-k7jRE5uWl9nA1Hyccx3CZ5PZqcn-voDocIZOVs1k88b1PQ==
expires
Fri, 20 Oct 2023 23:33:32 GMT
6317ed5019349.hires.jpg
thumb.spokesman.com/S4C6qthFzxCdWaI1U_MHl762SRI=/530x298/smart/media.spokesman.com/photos/2022/10/25/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/S4C6qthFzxCdWaI1U_MHl762SRI=/530x298/smart/media.spokesman.com/photos/2022/10/25/6317ed5019349.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
655b5f5287f2dfb379f966d30e1ed29de52979ba4fc34ef3cd90535e72edd946

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 22:17:43 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
FRA2-C1
age
9899
etag
"ef1652dd4b5cdc3bded5963ebfb2299f3093325c"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
20044
x-amz-cf-id
v-4aUoLtu_giDh1pxkzohTUmgHm1TrP7OCKy9rBxkE7Fk_uZi9lOaQ==
expires
Fri, 20 Oct 2023 22:17:43 GMT
6355987788d9d.hires.jpg
thumb.spokesman.com/_sbO3TAP453cfVAG0Cv5Sbn6rhU=/530x298/smart/media.spokesman.com/photos/2022/10/24/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/_sbO3TAP453cfVAG0Cv5Sbn6rhU=/530x298/smart/media.spokesman.com/photos/2022/10/24/6355987788d9d.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:4400:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
3fd492fb82403f50e1207e5574498044db25d49b410ab111baf51e0971bcf813

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 20:52:33 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
FRA2-C1
age
101409
etag
"ae9d981ff96c45d04ae26272e2eac83b6c0ee0ae"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
24634
x-amz-cf-id
33fXT5Sb-D-ZXxW5cLxTJQxINkvzwoFQbgqgYKPkQPbEzc14qnfN1w==
expires
Thu, 19 Oct 2023 20:52:33 GMT
homepage.ba1889af7be1.json
static.spokesman.com/ads/spokesman/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/ads/spokesman/homepage.ba1889af7be1.json
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/ads/spokesman/base_ads.b6d5845dec51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:7600:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79fc30a3a4b255c915bba01c0691a5653ec71151821aedb5147898821927e362

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 02:45:58 GMT
content-encoding
gzip
via
1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
2672205
x-cache
Hit from cloudfront
last-modified
Sat, 24 Sep 2022 00:04:30 GMT
server
AmazonS3
etag
W/"ba1889af7be1a2a7e8f93d1af49b39ef"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
https://www.spokesman.com
cache-control
max-age=31536000,public
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
x-amz-cf-id
-Hha1MSG-LNueEa7DPgM2hubkmRsc8brEf7dDqLhpjpmT6hR-Id3Ig==
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G3BY0LGVDL&gtm=2oeao0&_p=440859140&cid=309465307.1666746163&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1666746162&sct=1&seg=0&dl=https%3A%2F%2Fwww.spokesman.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=homepage
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:02:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.min.js
loader-cdn.azureedge.net/prod/spokesman/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/sv3/js/noncritical.min.21be32a1957d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC23) /
Resource Hash
4258ee1a0fa59580f3bea33f5fdfa57a35d952ae96806c7c79148013ecd56e05

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:42 GMT
content-encoding
gzip
content-md5
/6jmiLf5GyzcYqAhW59iJQ==
age
25707
x-cache
HIT
content-length
11854
x-ms-lease-status
unlocked
last-modified
Thu, 06 Oct 2022 13:08:19 GMT
server
ECAcc (amc/BC23)
etag
0x8DAA79BD6D204BF
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
878726c5-a01e-0038-5d9a-e8537e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		177 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3919495966118040&correlator=3784787500167745&eid=31070233%2C44772496&output=ldjh&gdfp_req=1&vrg=2022102001&ptt=17&impl=fifs&iu_parts=1009641%2CSpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100%2CSpokesmanDesktop_Homepage_Anchor_729x90%2CSpokesman_homepage_top_300x250%2CSpokesmanDesktop_Homepage_Dashboard_300x250%2CSpokesman_homepage_728x90%2CSpokesmanDesktop_homepage_1_728x90%2CSpokesmanDesktop_homepage_2_728x90%2CSpokesmanDesktop_homepage_3_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1280x100%2C728x90%2C300x600%7C300x250%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90&ifi=1&adks=2404035854%2C1337061979%2C3725654123%2C811898262%2C883754903%2C3635373852%2C2447737946%2C2531107668&sfv=1-0-38&sc=1&cookie_enabled=1&abxe=1&dt=1666746162645&lmt=1666746162&dlt=1666746162240&idt=293&adxs=160%2C436%2C1220%2C1151%2C436%2C244%2C244%2C244&adys=223%2C1110%2C356%2C1845%2C7547%2C4711%2C6110%2C6786&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.spokesman.com%2F&frm=20&vis=1&psz=1600x101%7C1600x-1%7C300x0%7C300x0%7C1600x0%7C1088x0%7C1088x0%7C1088x0&msz=1600x101%7C1600x-1%7C300x0%7C300x0%7C1600x0%7C1088x0%7C1088x0%7C1088x0&fws=4%2C516%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=309465307.1666746163&ga_sid=1666746163&ga_hid=440859140&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54ab27cd8e9c7c14f649b9250d5f3a7b14655aba6bca37c608a54335026c40c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35068
x-xss-protection
0
google-lineitem-id
5239133665,5901494788,4994623904,-1,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378999432,138339100962,138346926683,-1,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.spokesman.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
588933f7ad1de15d1e87037103fe6cef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6937 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://588933f7ad1de15d1e87037103fe6cef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:02:42 GMT
expires
Thu, 26 Oct 2023 01:02:42 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-230256-14&cid=309465307.1666746163&jid=295950501&gjid=1634481857&_gid=408321798.1666746163&_u=YCDAiEABBAAAAEACI~&z=663936686
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 26 Oct 2022 01:02:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=440859140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAAACI~&jid=295950501&gjid=1634481857&cid=309465307.1666746163&tid=UA-230256-14&_gid=408321798.1666746163&gtm=2wgao05P9SH6&cd7=Homepage&cd9=homepage&z=859789229
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:22:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52842
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&hier=Homepage&ptype=homepage&pubname=The%20Spokesman-Review&sec=Homepage&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=0ba9d050-0865-4d38-baec-1453a76e266b&pid=9feff129-c906-4334-af52-9da4743ce3bf&dtm=1666746162730&qnm=_matherq&visible=1&tabid=086c40ff-d1da-4585-800a-f8ecc906903a&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9771&tofa=1666746163&vid=1&lvidt=1666746163&duid=3fc2ec14-c2bb-459d-9c11-a76161249b17&fp=1496457183&cid=ma20153&mrk=575681700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2Njc0NjE2MTY2OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxNS4ybWIiLCJmc3RQYWludCI6IjcxNCIsImZldGNoUyI6IjUwMCIsImRvbWFpblMiOiI1MDAiLCJkb21haW5FIjoiNTA5IiwiY29ublMiOiI1MDkiLCJjb25uRSI6IjU0NyIsInNzbFMiOiI1MjUiLCJyZXF1UyI6IjU0NyIsInJlc3BTIjoiNTY4IiwicmVzcEUiOiI1ODMiLCJkb21Mb2FkIjoiNTcxIiwiZG9tSW50ZXIiOiI3NzUiLCJkb21Mb2FkUyI6IjgwNSIsImRvbUxvYWRFIjoiODA1In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMzA5NDY1MzA3IiwicmVmVGltZSI6IjE2NjY3NDYxNjI3MjkifV19
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 01:02:43 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-230256-14&cid=309465307.1666746163&jid=295950501&_u=YCDAiEABBAAAAEACI~&z=1380971305
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:02:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-230256-14&cid=309465307.1666746163&jid=295950501&_u=YCDAiEABBAAAAEACI~&z=1380971305
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:02:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 01:02:43 GMT
age
6029475
detected-user-agent
Chrome/106.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Wed, 17 Aug 2022 02:20:13 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
normalized-user-agent
chrome/106.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
loader-config.json
cdn.sbgsodufuosmmvsdf.info/prod/spokesman/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.sbgsodufuosmmvsdf.info/prod/spokesman/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC37) /
Resource Hash
903c4bb3fd970c4cf3a557824d8d44f9c9ce0bc25316ccbb5cbb989b18cfe2f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
content-md5
Lri1In1m7vKVDciwEX0a5w==
age
25672
x-cache
HIT
content-length
1245
x-ms-lease-status
unlocked
last-modified
Thu, 06 Oct 2022 13:31:20 GMT
server
ECAcc (amc/BC37)
etag
0x8DAA79F0DE561E6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
85faf2c1-601e-007a-7d9a-e8eafe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022102001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
afe8bc0a8ef36c6a49b64fdbd256fb4eacf1041a562617179e2f44d2f30c7198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11140
x-xss-protection
0
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Sat, 13 Aug 2022 04:02:04 GMT
Via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C1
Age
6382840
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
PxibtNItJ4h6vV8zzdsHA-xWJO5coPKcbCnnT5Dal-QB36JTxhvpAA==
aam.js
aamcftag.aamsitecertifier.com/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f200:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 03:47:16 GMT
content-encoding
gzip
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
last-modified
Mon, 01 Feb 2021 19:46:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
76528
etag
"d01602293dda6546ca8f8ededd0e44e8"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
25648
x-amz-cf-id
stlir-3nWZ9JWM2jBle8DKl9TeILJDvRGX2q0mogtGKxdudg4Hrw6w==
x-amz-meta-s3b-last-modified
20210201T194158Z
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 00:37:48 GMT
age
1495
x-guploader-uploadid
ADPycdvWxbM3uSEfvXftAV7FKUxvrVkF_3y7FtijwJShK4HJSyGbtpKGm-y6J6YAdgFECg1Vmkd3clo6UcLyji3nYvBzFls5Fv7_
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8946
last-modified
Fri, 15 Jul 2022 06:19:11 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-generation
1657865951655064
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
tr
www.facebook.com/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=260139058256176&ev=PageView
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 01:02:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=440859140&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=10%25&_u=aCDAiEABBAAAAEACI~&jid=&gjid=&cid=309465307.1666746163&tid=UA-230256-14&_gid=408321798.1666746163&gtm=2wgao05P9SH6&cd7=Homepage&cd9=homepage&z=956815002
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:22:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52843
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7C60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvODMMujqpKo8421-rIQ_3RtgBYzB7v7D2at9c0o74_xx-_IR3-PcJie8PHa6m7wTMxRdOff5zMCMbPg7Rt3GJqUFXQnmaBhGoAfFGUBT-Du8YXR_5a-C4ud6oRrfvslsjwWfzPUJD8UP675FCsVaPoSMLG-kKYeB1DbdQeKGKQNdntdGyA0G8xgE9_S1SHXrpsGhsXY328C9um75jEJOGRvF9UCHvqCXjvx5EGnjYLMJmMIJrhJj0ovjhulgB0zW-Gyva0u7kBuG1qIShs84vPCpYMHZkus9oaIB6lik7u8Fqxk1CUZzXlbQ-INeXmw_OodHm9oM36D-agEU_BzoxHVqr0F042sdbqCsmN5yKIjlGIiK_lBhwaAQ&sai=AMfl-YSBNl8u9MIIVTJ7elDka6SdLFLO1rhAqkYMQdb9Dpx1rQqjQn1b3dAMO6cQBBr11-xUSAykq83cOn5ZL4JqeyqsWdiuDh8i1T3sRJWggw9rgu9sHrj_hg15ij9Y_6MId4si&sig=Cg0ArKJSzLynHXPGMH3XEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Oct 2022 01:02:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 7C60 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:25:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 7C60 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 15:30:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
34350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 15:30:13 GMT
l
www.google.com/ads/measurement/ Frame 7C60 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQEfQDALyasXsQiZLd1knk1ZtNQoL04zrGo2--OyyQYwmUY4mLdFqW_u8YPFctn1Fc42LKxOMYJLa-jgZeAHCvYZ9n1DQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7C60 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:02:43 GMT
9910311747957117906
tpc.googlesyndication.com/simgad/ Frame 7C60 		136 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9910311747957117906
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a4c45d4d453a388e383e5960ea14b6f751325512c8a6e59b6f065b30dfabaf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139311
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 16:43:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 26 Oct 2023 01:02:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E3D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIQkJfPehTh6Cl6SdVueqyd8y33BVZh9P_rV39orRTSzT7MnaG7xOBUrhF0vICNwvYeUvjpZ_8w2F_NgVsFTVbkdcO8sz1LVg5RNm9d4eStirwLgksuSfm5-AwHFMwVr6OojIZLdCd30pzV64M0G1Q2XU4J28Bx5iQqg39cPM0s4Pf4M5TiGA2qfjDHv0iV3w8KxXSsfMmE77HZsrYewBWlaMBoK25WVaWc3e6s8ZrxhxiQSma5LCYYXrDCvv4BmIByofTF7n2_fLlINq_l7Q5nVkvysN2z1x57Ts1veGjnQuI74jkyFVnQMhtP8IZ1-3obaMiATYCbq9cOoKshhM8ppToy3DQOtuBncrMyg&sai=AMfl-YQku3zUZElpMz2peT5MXZfsp1N20ez7qykxoaIPvL8MexZWbS4axMoZbVAUkUoPZybsDMt37Fsk2pZy-XWaAmobGsh2DZoNOpMRsmTdkrBr9VCHHkOcOXod-RbBDv_A4jQj&sig=Cg0ArKJSzCRzgG7hR1B1EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Oct 2022 01:02:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame E3D3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:25:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame E3D3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 15:30:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
34350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 15:30:13 GMT
l
www.google.com/ads/measurement/ Frame E3D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXfiOglKlTslx_m8zShhCYZIY-z5A-l-YySwb37Vn0pTRxlPrwfqhaqa9k9ibzr98nLKKZ-IFRbDDOWuvkeANd1MDxiA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3D3 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:02:43 GMT
4049148580905421613
tpc.googlesyndication.com/simgad/ Frame E3D3 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4049148580905421613
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ab653c06f099d89a710112a2eae9ea1cfcbabcace357575b09eac3556be2f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 00:15:47 GMT
x-content-type-options
nosniff
age
2816
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80955
x-xss-protection
0
last-modified
Sat, 06 Feb 2021 00:32:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 26 Oct 2023 00:15:47 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 383F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaq9vAl2953ahtjnQUCvxeddyTwOZUTHInZB-3CHNHr609d6SyvBnunIydJUyZbw5utmevnGVotR0_yaaGdaXHtTAmu5ZzrtT-yhno2O7UxH_ttE0rMt5KVEOVMUkde4gUbzU4CO1rnzdmanfNVWmruxFTi1JZsnZgNt6z4kQ69Dd3SQ2F1S7s7g6fiPqOI_Ft2rOZxf67XTHGoWQA4vReAOZI9EUmRcqt_DQnfir46ingt6jn8SsPdwe1GmfMeXh-urvUlxLiDKtWWIc-jsgvLC7b3yPe6XSfST7mhZt-H4Q77C4U4QE278dSzVpidEulI5mpCJBIZqbt2e8SgwTGM2FiKw&sai=AMfl-YTn5ba9b1KvmKXRrl0oQusxWnHElV4BnYUZmHgZ_kUJxH4X22YUaPLg6zs7Rtp633Gkh2MkTrm3ey7GTNh-e44qbGG_K-pvFjqwEJa8O2t5TcgftF0gx9ufQwsS0Pyxfz0m&sig=Cg0ArKJSzDZTklLY_aRtEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Oct 2022 01:02:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/ Frame 383F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 14:25:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38221
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 14:25:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/ Frame 383F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221020/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 15:30:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
34350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1238
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 08 Nov 2022 15:30:13 GMT
l
www.google.com/ads/measurement/ Frame 383F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3TAguNAW2JCwGldaT4WS1SPlgoaz8WFTtJxoCbPiYkamdwqTKzGaI3yK_NkqZNQrjQ_CCoklEc57GO6fOS98YxSzzJQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 383F 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47514
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666611803224388"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:02:43 GMT
6785863553572946904
tpc.googlesyndication.com/simgad/ Frame 383F 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6785863553572946904
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6432852ea423ad2e1cd329085871ee31091a94ad5676bfcd46ba872f22684a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 21:18:47 GMT
x-content-type-options
nosniff
age
186236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32016
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 16:47:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 21:18:47 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012210071758000/ Frame 7181 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 10:05:17 GMT
age
140246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61557
x-xss-protection
0
server
sffe
etag
"6f919b986f193e5c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 10:05:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 7181 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
114801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5208
x-xss-protection
0
server
sffe
etag
"79c6a9d24c248711"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 7181 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
114801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28805
x-xss-protection
0
server
sffe
etag
"61ef65d2d2d03d2c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 7181 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Oct 2022 22:59:37 GMT
age
7386
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1904
x-xss-protection
0
server
sffe
etag
"cd31ad97eaf70e3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 25 Oct 2023 22:59:37 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012210071758000/v0/ Frame 7181 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210071758000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Oct 2022 17:09:22 GMT
age
114801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12962
x-xss-protection
0
server
sffe
etag
"81bd7ae64421add4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 24 Oct 2023 17:09:22 GMT
truncated
/ Frame 7181 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac5baa1f2e819affcac06a49335f85874506e6d8f5cb9d8300f2df5fe1a8b9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
14242240876667337224
tpc.googlesyndication.com/simgad/ Frame 7181 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14242240876667337224?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qko8MXHCSwc8XE1JlwBAzxgZbvGew
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eb022bbca485fb341456ac35ad8bfc2d1ac9e73a78fd6c2bd6315b7101f41d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:41:39 GMT
x-content-type-options
nosniff
age
58864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13823
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 12:30:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 08:41:39 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7181 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:16:18 GMT
x-content-type-options
nosniff
server
cafe
age
53185
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 26 Oct 2022 10:16:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7181 		295 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 11:12:30 GMT
x-content-type-options
nosniff
server
cafe
age
49813
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 26 Oct 2022 11:12:30 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 7181 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFzamModYY_3XK_n77_UPhIyFyASrrMSNbe7P3-HjEBQQASDDoPwBYJXikIKgB6ABz5TVkgLIAQLgAgCoAwHIAwiqBJYCT9DpHg-M4xE0a5SbsKNfOGBS-6Mg2YMP-RN4q6YQf7Hp_X5-GQNlR8qjmnp-a2HTVrxkoxr0mY35AIkPtU-zm6js3vS-w7ZJ0PzUQTBfTZ_P1OxxyHjQ2OVB7TND12xVAU_SjSrMJCyGNzYZXHLiy1zWXqqaa_sndzUWaQM7nydq08_Clrsu4uzmaRcxBXOGCg1eeTN4z67cDHzxoCVrrwG_z2LjFNzXtnxmtbexW0Ask9jE3u_lP_fgsUWuLUZ2fNxCA4HuHxBFRvtUPuCgdAIt7yRKT5eW_xGYF9Z0jzbMQAdkEHOYq7fNVAhJe-oDzjmk8O0LfVTT2g8z0EdnK8Nl7V_9urYgXeMWcekvfMMBsv4AAwLABPDIksCVBOAEAZIFBAgEGAGSBQQIBRgEoAYCgAeZ66rtAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMLBA9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05Nzc5NjUyMTIyMDE0NzI4GLmKBg&sigh=YxgzP_QUhAQ&uach_m=[UACH]
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTIzOTEzMzY2NSIsImVidXkiOiIyMzEzNzk1NzgxIiwiZWFkdiI6IjQ1NzEwODI5NDAiLCJlY2lkIjoiMTM4Mzc4OTk5NDMyIiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9TdXBlckxlYWRlckJvYXJkX0hvbWVQYWdlXzEyODB4MTAwIiwiZXNpZCI6bnVsbCwic2l6ZSI6IjEyODB4MTAwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=e76bc8fa-da66-4ee7-a058-d083f5e53ddd&pid=9feff129-c906-4334-af52-9da4743ce3bf&dtm=1666746163291&qnm=_matherq&visible=1&tabid=086c40ff-d1da-4585-800a-f8ecc906903a&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9771&tofa=1666746163&vid=1&lvidt=1666746163&duid=3fc2ec14-c2bb-459d-9c11-a76161249b17&fp=1496457183&cid=ma20153&mrk=575681700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 01:02:43 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022102001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 26 Oct 2022 01:02:43 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&time=1666746163308&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.spokesman.com%2F&random_number=4353445588&sess_cookie=e62bf67c18411d0206bc0a95a17&sess_cookie_flag=1&user_cookie=e62bf67c18411d0206bc0a95a17&user_cookie_flag=1&dynamic=true&domain=spokesman.com&account=TEMji1aUCm00qs&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Tue, 25 Oct 2022 02:09:37 GMT
Via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
Age
82387
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
x-amz-meta-alexa-last-modified
20110117123941
Accept-Ranges
bytes
Content-Length
43
X-Amz-Cf-Id
lHy6JpVoRv0gqCmhpH_NJiBX2zO02ZHyiMsK7UqC9FHdUZslmUhQaQ==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:bc:1201:750e:b3a:3b3d:43b3 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
server
Server
load_optional_tags
api.pymx5.com/v1/sites/ 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
via
1.1 google
server
nginx/1.13.7
allow
GET, HEAD, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC75) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
131
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (amc/BC75)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7514946d-d01e-00f7-6dd6-e8ecd0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 26 Oct 2022 01:32:43 GMT
fp.min.js
fp-cdn.azureedge.net/prod/spokesman/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp-cdn.azureedge.net/prod/spokesman/fp.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC19) /
Resource Hash
af44b91aee646d43b9687c2f00450dd0ade50f4b8c7a78e6b99257f1d5e8984c

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
content-md5
lgzPoyz75nle9SCu4zir4w==
age
13563
x-cache
HIT
content-length
21083
x-ms-lease-status
unlocked
last-modified
Tue, 07 Dec 2021 09:14:15 GMT
server
ECAcc (amc/BC19)
etag
0x8D9B961F0D7C8FB
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5d5dd283-a01e-005a-6eb7-e89159000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
g2insights-cdn.azureedge.net/prod/spokesman/ 		527 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g2insights-cdn.azureedge.net/prod/spokesman/g2i.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC8A) /
Resource Hash
9437490e4f56c98a9918b0e8f8f077f9e83f27ee69c1547ac1f229fcb4470fae

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
content-md5
hWVpf+tV9C2V7tkaq/lTzA==
age
18395
x-cache
HIT
content-length
75960
x-ms-lease-status
unlocked
last-modified
Tue, 07 Dec 2021 09:14:45 GMT
server
ECAcc (amc/BC8A)
etag
0x8D9B96202A01F05
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
28f2a0cd-901e-0023-2eab-e86d7d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/ 		853 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC8B) /
Resource Hash
5a0ab648e06a71046651d509fc6e3201f8a7875fb19edfabc4e2955b383fca16

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
content-md5
Jb+gGXPvjosL/lZesASgSw==
age
149755
x-cache
HIT
content-length
202029
x-ms-lease-status
unlocked
last-modified
Mon, 20 Jun 2022 06:56:38 GMT
server
ECAcc (amc/BC8B)
etag
0x8DA528A05F484DE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
a29a155e-801e-003f-0a79-e73f1d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/ 		348 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.css
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC9D) /
Resource Hash
c1577ba94752b8302f8a5518b1ccd8b21507a7da67cd613dc990e8fd10f8ab5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
gzip
content-md5
HBagnSR9fGL2/9/2zSnVqw==
age
18395
x-cache
HIT
content-length
35356
x-ms-lease-status
unlocked
last-modified
Tue, 07 Dec 2021 09:15:10 GMT
server
ECAcc (amc/BC9D)
etag
0x8D9B96211AC9D6C
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
eab2ea4b-401e-001f-57ab-e844ba000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
init-5499fsal6gpaz5tx8ut.js
aamapi.com/api/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamapi.com/api/init-5499fsal6gpaz5tx8ut.js
Requested by
Host: aamcftag.aamsitecertifier.com
URL: https://aamcftag.aamsitecertifier.com/aam.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:600:6e00:f5ab:d4b1:b508:c0cd Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
c204d74510df805aa19f5d51e7a2eddf4ce52f543a84271b936e81b41135bb22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type
text/javascript
pragma
no-cache
date
Wed, 26 Oct 2022 01:02:43 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
server
openresty
expires
-1
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1666746163391&e=pv&url=https%3A%2F%2Fwww.spokesman.com%2F&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=210&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=90382b3b-c1dd-4756-9cfe-4e5af5bd6bc2&dtm=1666746163388&vp=1600x1200&ds=1600x9771&vid=1&sid=ab6c0d44-cdf4-48e9-8cc2-0eefaa52abf1&duid=c393b76d-82f6-4e51-966a-102c3673d7bb&fp=2915972519&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjMwOTQ2NTMwNy4xNjY2NzQ2MTYzIn19XX0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.89.126.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-126-190.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:02:44 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
truncated
/ Frame 7C60 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cba08c0a48721ca3ce0ffc3abd06c6d0a7194a31de0b899b6c62eef75c5d1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E3D3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc424c21077c5d9c6bcff2835d2cc8b608fb23a97ef07918d3af89ca34c2a896

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 7C60 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyJXmy2gCH6e2jjmRmlt2YzGj7Y7fCLdpVn_ZXozT-SsAUO4z4K1vuFllyQr4ngVirTO_n4TF-6agL0KaH7UO1toRypPrzZAEYFAQ1aKodGwMfb-Fggx6F58v3UfZozjpZsXNXqX7WNQO-vvNcoudPJoS6asNwX-f5W3b_NvEzZKu9COLURk20DE2HbFLBg1OXBkeWPX15RjFnjQ_SOmGWJezBF6QdZZK1DeewHsH4b5HOBZbdrH36xYG3bRiw8bTwq9TZOKGtfRmF992N4AgbJ1OeZJWVAl-zCYCbm5sldjlRaNosbrT2l8ATB3z0LM4P91In1JAOFWf8zxEYB8HBn4ZyuP0ZMg48TcTGIm03JI3Aol7IBjZ0tprM&sai=AMfl-YSMM25pZornCv7kvnpWJTr-Ov78L3P7zAFwFCCyjc7hyMMwzf7sEquTnKLmkWe8NqGC7Q1mP4bGTPyFqKL7HWIZVcIfL-6_DWEDl93vQjkK43JCNWgw-GUfB6iXXNggf8Mx&sig=Cg0ArKJSzEP4bKR_GUh_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Oct 2022 01:02:43 GMT
truncated
/ Frame 383F 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
93574b3908008da37c1a15d3293d748e03dea59abdec95974ca27959fc38cc1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 105B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14035
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Oct 2022 21:08:48 GMT
expires
Wed, 25 Oct 2023 21:08:48 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 479F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d5ab7a711dbf5b4a5cbc4d94af6322938bdbf8ecc4fcb41846913998ea615468
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m3OCxPtZfRxO-qhJX4FF-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-m3OCxPtZfRxO-qhJX4FF-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:02:43 GMT
expires
Wed, 26 Oct 2022 01:02:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTkwMTQ5NDc4OCIsImVidXkiOiIyOTc1MTYwOTEyIiwiZWFkdiI6IjQ4MjY4MTgwNjkiLCJlY2lkIjoiMTM4MzM5MTAwOTYyIiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9Ib21lcGFnZV9BbmNob3JfNzI5eDkwIiwiZXNpZCI6bnVsbCwic2l6ZSI6IjcyOHg5MCIsInJlbmRlcmVkIjoiMSJ9&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=1bdd6250-2263-47fc-86bc-d9fd34aace26&pid=9feff129-c906-4334-af52-9da4743ce3bf&dtm=1666746163293&qnm=_matherq&visible=1&tabid=086c40ff-d1da-4585-800a-f8ecc906903a&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9771&tofa=1666746163&vid=1&lvidt=1666746163&duid=3fc2ec14-c2bb-459d-9c11-a76161249b17&fp=1496457183&cid=ma20153&mrk=575681700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 01:02:43 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 383F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE9xQjwe3dAxNsOVesvDkV1GAvp-z7yPq1zMnu7TbJ71vp5adXP2hf2zxksQIkP14g6dLJbw15lXQJbfOl16XcssOLa-hYfVibEQnNNKgqfrlTewubejIeCnHRVOn65LxofkYEP59jumGfF9VW-dr-6SxWYfimTeJ_NT2wkml4DMr2vTnRCM_SQJaBpAkG8DNvBaplOpU1SO2tyqNgJ7E500PrBKkGTwwwNIYuq0KJRIISfvMEyICLpBooCERDpamoLOwu1nfpop8wKZvL62rr_k7QDjPhszRO3hPf1yyI6mxqgZXtW5LOXbDpmQ40yxvAx2OAoBY8wYchS0XoXfhqLYf4KuUb&sai=AMfl-YQAJMFbonJ2mErpynkY30jnBvQxYG1z8ZCjybN7mnwg_dVi7bkgIZVOg7yRTMJn7Z5i1TavKkcAV8EZ4qpdnWF5Mgv0iuRjp4UdiEztGRjlBEBG5Q9scnYZ65hGPkQ1RE6r&sig=Cg0ArKJSzLB3NRD4yVrUEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Oct 2022 01:02:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E3D3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6WD4y5akUjh2mY-zXfB63c56jim4Jg6RLjDtMkkvYYW2-a1jGUQDPwVVAhxUkU_NpyeBDqyPTEl-5zoCQEyEyjuA5oDd145kT8PaLbM-hslQ8Hk6gYL9AfBm8K4nXuYqvDy9XnGnVC7-JtJnuE_9Oq8EF_cdQn8IEnGxNHlQ1_DoomXQ6dCCUG5VqF-Nu0IEDeakYSHooKpgnzjz0m-DSAUAReAH8KyLRAaBHranfPRFfrmjR6U_FjMVLnEelkAyQL_oq4xAvjImKSF23NDR8JH_PUeKzi1pj6VHu_6GX9xmfzfDHEj93RKVfQDNhKU86wyUE06m7TwsjBHDQeZcO5T9h-et-N9cjJHUmkRla&sai=AMfl-YSKFko2IYNXsAb6m0cIYW_1KoxtOp123jflsAoWD0qoPPF4T2vqMao6-RFzF6QaLT4-Kpu9pxXb2Ca2FzBA_ZKzbnrtf9vG7EltmYGuOVcqv0Ae4RFuul9Ithnv4Jqc_tIV&sig=Cg0ArKJSzBCWcz5wOji3EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 26 Oct 2022 01:02:43 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7181
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Redirect headers

date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
14242240876667337224
tpc.googlesyndication.com/simgad/ Frame 7181 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14242240876667337224?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qko8MXHCSwc8XE1JlwBAzxgZbvGew
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8eb022bbca485fb341456ac35ad8bfc2d1ac9e73a78fd6c2bd6315b7101f41d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 08:41:39 GMT
x-content-type-options
nosniff
age
58864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13823
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 12:30:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 25 Oct 2023 08:41:39 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7181 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 10:16:18 GMT
x-content-type-options
nosniff
server
cafe
age
53185
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Wed, 26 Oct 2022 10:16:18 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7181 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210071758000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 11:12:30 GMT
x-content-type-options
nosniff
server
cafe
age
49813
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Wed, 26 Oct 2022 11:12:30 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk5NDYyMzkwNCIsImVidXkiOiIzODU2NTMwMTEiLCJlYWR2IjoiNDQzMDUzMjExIiwiZWNpZCI6IjEzODM0NjkyNjY4MyIsImVlbnYiOiJqIiwiZXBpZCI6Ii8xMDA5NjQxL1Nwb2tlc21hbl9ob21lcGFnZV90b3BfMzAweDI1MCIsImVzaWQiOm51bGwsInNpemUiOiIzMDB4MjUwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=4c93ff63-9096-4bc7-a642-664d0a0c77ee&pid=9feff129-c906-4334-af52-9da4743ce3bf&dtm=1666746163294&qnm=_matherq&visible=1&tabid=086c40ff-d1da-4585-800a-f8ecc906903a&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9771&tofa=1666746163&vid=1&lvidt=1666746163&duid=3fc2ec14-c2bb-459d-9c11-a76161249b17&fp=1496457183&cid=ma20153&mrk=575681700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 01:02:43 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		542 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1666746163673
Requested by
Host: fp-cdn.azureedge.net
URL: https://fp-cdn.azureedge.net/prod/spokesman/fp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73f324ffa7c71e72be7d3cf2fb323b27abd2d02f9f3e0ec251d15694d0180bb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 26 Oct 2022 01:02:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPfByyowieyjJYtuaHCFOSD57MQoyHTAUTv4%2FYcfVTa8eMQYclMU%2BysQhJ5GkxRsCYdDWp3R48wghGsfMcoIt1%2BV6YE8lvwaw05RU79%2BatU6LvATdGtWT%2FReOgzgyD%2FX9a3O"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
75ff44a34be6bbe6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ Frame 479F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022102001&jk=3919495966118040&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
pagead2.googlesyndication.com/bg/ Frame 105B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/S59cL8NpNlz03nuQ7M-TG0OvY6nWg2CBBQLmeE6XtI4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 22:34:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15944
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 22:34:24 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMCIsImVhZHYiOiIwIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9Ib21lcGFnZV9EYXNoYm9hcmRfMzAweDI1MCIsImVzaWQiOm51bGwsInNpemUiOiIzMDB4MjUwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=6a082043-b97b-49ef-957e-07b74dfd7e9e&pid=9feff129-c906-4334-af52-9da4743ce3bf&dtm=1666746163295&qnm=_matherq&visible=1&tabid=086c40ff-d1da-4585-800a-f8ecc906903a&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9771&tofa=1666746163&vid=1&lvidt=1666746163&duid=3fc2ec14-c2bb-459d-9c11-a76161249b17&fp=1496457183&cid=ma20153&mrk=575681700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.38.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-38-131.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Wed, 26 Oct 2022 01:02:43 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 105B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?yhc0Hw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ad.gif
api-54-203-81-50.aamapi.com/api/ 		43 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-54-203-81-50.aamapi.com/api/ad.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:600:6e02:fa99:4bc:327d:2aa3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:02:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gtm.js
www.googletagmanager.com/ 		157 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQTQTTW&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/spokesman/g2i.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c6fecbc17abb1bbdcc4f5b1b5c9eb6d0628d9994d6f13e906ed8b84da11bbdee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:02:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53893
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 00:11:56 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Oct 2022 01:02:44 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC75) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:44 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
132
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (amc/BC75)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7514946d-d01e-00f7-6dd6-e8ecd0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 26 Oct 2022 01:32:44 GMT
index.js
cdn.czx5eyk0exbhwp43ya.biz/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC07) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:44 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
349984
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (amc/BC07)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
5d8434ad-601e-007a-61a7-e5eafe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
SR__SPOKESMAN.json
cdn.czx5eyk0exbhwp43ya.biz/prod/data/spokesman/ 		1 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/prod/data/spokesman/SR__SPOKESMAN.json?_=1666746164065
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ea758c9f174e49eb299204b9e64fbee4e487ab99487ce5b35fa23629df2349db

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Wed, 26 Oct 2022 01:02:43 GMT
last-modified
Fri, 07 Oct 2022 22:00:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8DAA8AF4E619662
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
46664fbe-701e-0092-25d6-e87368000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
1450570
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.107.12 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:02:45 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
BD4Q9NZNSJ607WNZ
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
NX2uZzXJ5R6aHRNX7W+I73yDadfsxoIGvDahkP375/E4sEJii+YMyC9BKSzfdzJ2wLdReUQL//Y=
x-amz-meta-s3b-last-modified
20191015T134358Z
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=440859140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABBAAAAGACI~&jid=263703160&gjid=335000429&cid=309465307.1666746163&tid=UA-230256-42&_gid=408321798.1666746163&_r=1&gtm=2wgao0WQTQTTW&cd1=1666746164158.bj1up4eg&cd2=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=1875189977
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:02:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQTQTTW&l=MG2DL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Oct 2022 23:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6410
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 26 Oct 2022 01:15:54 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=440859140&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MetaTagsCollected&el=Not%20Set&_u=aCDACEABBAAAAGACI~&jid=&gjid=&cid=309465307.1666746163&tid=UA-230256-42&_gid=408321798.1666746163&gtm=2wgao0WQTQTTW&cd1=1666746164167.2no50qx9&cd2=cbdd4583a05b9eb671bef42da782b04b&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=730005784
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:22:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52844
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
4
api-54-203-81-50.aamapi.com/api/
Redirect Chain
  • https://api-54-203-81-50.aamapi.com/api/x?LKqwxm1aAONCmjrT$dXJsJDAkaHR0cHM6Ly93d3cuc3Bva2VzbWFuLmNvbS8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIi...
  • https://api-54-203-81-50.aamapi.com:444/api/4?LKqwxm1aAONCmjrT
43 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-54-203-81-50.aamapi.com:444/api/4?LKqwxm1aAONCmjrT
Protocol
HTTP/1.1
Server
54.203.81.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-81-50.us-west-2.compute.amazonaws.com
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:02:45 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
null
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
Expires
-1

Redirect headers

Date
Wed, 26 Oct 2022 01:02:44 GMT
Server
openresty
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Location
https://api-54-203-81-50.aamapi.com:444/api/4?LKqwxm1aAONCmjrT
Access-Control-Allow-Origin
https://www.spokesman.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
142
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-230256-42&cid=309465307.1666746163&jid=263703160&gjid=335000429&_gid=408321798.1666746163&_u=aCDACEABBAAAAGACI~&z=1334278567
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 26 Oct 2022 01:02:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		223 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
C37C9069-B1A8-434F-B067-D1B116232DCC
strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
223
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.217 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.spokesman.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 26 Oct 2022 01:02:43 GMT
x-content-type-options
nosniff
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022102001&jk=3919495966118040&bg=!39yl3JjNAAaaxvStusY7ACkAdvg8Wh4ln2A68rpkhG_2kHc5GnWTbvIpGYf8j1a4aX9oOzuapzMquQIAAABRUgAAAAJoAQeZAptHFMg_K7kHnoB3r33S_613cthiK8gF97gAN-d7DhAgutPewLBDZVWoIm-bDGwfsucidiS8NVV3zTRCKpPMuT6knx_jeSDaLnmsYW2XnWqYzznd60lyBhbXxGJKk1pfVnqdAwM_UYTEu7keoGPPj7A44aVAvzEHogMDPusayOwiONgpcLYVz7h8VNCHs_Kju06nZKLAw8UmyF12QuAVajF9wOcAP94Kqr1mfe5ypoD2HHjOEwKBwGPM7qvVFGp1pV0hZNFZ1HQkbxPVIaL574yBULni6L-L8b6dxjTJb3phXa39g_bcPghuvC7jMnasdcXSdVqyNQBkahQdcqskapog7iPIyDeHyUqI2vfzp92NKOCIARNH2nQLzT3d62Na3FmNhYlwBlnxJ3vrGNvgsH36b2PmRafNlm4Q0UJEb85qmZJ0zCsPzPi-zNbNhgMmaMDan2lw55VEWwdlE6X4on1NkaEDOR3q0aQVF0fn9IOvL0mjyxeBNQk9FFCePmNTznvQB-sqKLIjGAfnkob605juaH42PR4t4yJKa1HW0T6kB2VzR3R9FMLNMQmD9vOJMjsQj4ldIrG7VLpWTLohEsL6TGrpewT7ZE6vucmxZXkPG_b1ijpoEkm_XRh67xJcCaerS7_7FLNc9uuz-jAEx-A91Icd9xtNsMLN_yY2EJVsByneOEMOrPahdeg6FouPlImLMpkBeLXqhhL2QRsfDWZlYiZl-MZq-LRVAaQhC8m_QMJKEIpWeUNlMjurpNpMHbmJCAXSaWeS2GcC7uxTV22rlt5keJmoDKZB_F44-Uq-jUSAh1lUEcEROOgfmMsx2F3PeBgvcpLOFzQW6t89kd8HLrAByXq6IaoeyHUvyEKDbWlFl6ElxZuborAO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 7C60 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCwsNUqQ-obAbgdUmLWCYCo8w-3thNwFK_ULdnqy0xeMQK59gKjI3g4FR9BXlJBsW1vtXS4VUyEENE8l1e5ADTx1vdhrDOQyGntTqAiAG-922pAPqx&sig=Cg0ArKJSzJUCe7Q8VdnSEAE&id=lidar2&mcvt=1000&p=223,160,323,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2404035854&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666746163247&rpt=196&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 383F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyi_9roWHFdWtULIEWcwxgens90H2ljc6bTDOz-xc_sFcmNxZp6F0PjMEW6SNUUBXcpqPN4tewhTuFLxJ9YYdpEmMGh9USGE3-oThweE_VXngHzELr&sig=Cg0ArKJSzCf4o4FEhjhaEAE&id=lidar2&mcvt=1000&p=340,1220,590,1520&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221024&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3725654123&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666746163271&rpt=238&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E3D3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTKaBZ82hdcz3zq5Tlzky_-pDUxDMKVXW7SOQR5FdTDAFbhAjmbHdQ6s1UQe5t2DXOmWTho--lscJPSfR96ClSYFiyhVXZPsTDQoaoszBWQnLG7HZg&sig=Cg0ArKJSzL7J_9ti1C1REAE&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221024&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1337061979&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666746163261&rpt=285&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:02:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
x
api-54-203-81-50.aamapi.com/api/ 		0
387 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api-54-203-81-50.aamapi.com/api/x?LKqwxm1aAONCmjrT$YWRibG9jayQ3NDYkMA
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:600:6e02:fa99:4bc:327d:2aa3 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:02:44 GMT
Server
openresty
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.spokesman.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
-1
views
prod-spokesman-proxy-connext.azurewebsites.net/api/ 		64 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=cbdd4583a05b9eb671bef42da782b04b&ConfigCode=SPOKESMAN&SiteCode=SR
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940

Request headers

source-system
Plugin
site-code
SR
autoqa
false
accept-language
de-DE,de;q=0.9
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3Mzg3NDYxNjR9.OADTXIllhK2JSZVkvxu0XHNbMAqM0nAjuZCLw0KTbLU
ssid
062514d1f842003d4da64fc6851f14ac
environment
prod
config-code
SPOKESMAN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
location
System
Referer
version
Version: 2.8.2

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 26 Oct 2022 01:02:47 GMT
Content-Encoding
gzip
X-Server-Time
10/26/2022 1:02:47 AM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
176
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-spokesman-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=cbdd4583a05b9eb671bef42da782b04b&ConfigCode=SPOKESMAN&SiteCode=SR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.spokesman.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Wed, 26 Oct 2022 01:02:47 GMT
X-Powered-By
ASP.NET
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.107.12 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:02:48 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
W0Z9EGX5467AG1YX
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
KVEX9a984UeDBZzhaoxw7uJbeGG06W0ezEoFk/E8TVn8kZ4XFmxDupcO/R6dn1sgUgOm8up2E78=
x-amz-meta-s3b-last-modified
20191015T134358Z
index.js
cdn.czx5eyk0exbhwp43ya.biz/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cdn.czx5eyk0exbhwp43ya.biz
URL: https://cdn.czx5eyk0exbhwp43ya.biz/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (amc/BC07) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 26 Oct 2022 01:02:47 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
349987
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (amc/BC07)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
5d8434ad-601e-007a-61a7-e5eafe000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=440859140&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterLevelSet&el=%7B%22MeterDetermineMethod%22%3A%22Dynamic%22%2C%22MeterRuleName%22%3A%22Home%20Page%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aCDACEABBAAAAGACI~&jid=&gjid=&cid=309465307.1666746163&tid=UA-230256-42&_gid=408321798.1666746163&gtm=2wgao0WQTQTTW&cd1=1666746167991.8srw387&cd2=cbdd4583a05b9eb671bef42da782b04b&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=206616707
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:22:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52848
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=440859140&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ConversationDetermined&el=%7B%22ConversationName%22%3A%22Homepage%20Sale%20Promo%22%2C%22MeterLevel%22%3A%22Free%22%2C%22ConversationDateStarted%22%3A%222022-10-26T01%3A02%3A48Z%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%222022-11-25T01%3A02%3A48Z%22%2C%22ConversationPaywallLimit%22%3A%22unlimited%22%2C%22ArticleViews%22%3A%221%22%7D&_u=aCDACEABBAAAAGACI~&jid=&gjid=&cid=309465307.1666746163&tid=UA-230256-42&_gid=408321798.1666746163&gtm=2wgao0WQTQTTW&cd1=1666746168145.0fofc4nm&cd2=cbdd4583a05b9eb671bef42da782b04b&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Homepage%20Sale%20Promo&cd9=1&cd3=Not%20Set&cd4=Not%20Set&cd10=unlimited&cd11=unlimited&cd12=2022-10-26T01%3A02%3A48Z&cd13=2022-11-25T01%3A02%3A48Z&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=461384451
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:22:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52848
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=440859140&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington%22%2C%22ContentType%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aCDACEABBAAAAGACI~&jid=&gjid=&cid=309465307.1666746163&tid=UA-230256-42&_gid=408321798.1666746163&gtm=2wgao0WQTQTTW&cd1=1666746168219.mxj4w2ph&cd2=cbdd4583a05b9eb671bef42da782b04b&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Homepage%20Sale%20Promo&cd9=1&cd3=Not%20Set&cd4=Not%20Set&cd10=unlimited&cd11=unlimited&cd12=2022-10-26T01%3A02%3A48Z&cd13=2022-11-25T01%3A02%3A48Z&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=724749651
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Oct 2022 10:22:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52848
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer string| PAYMETER_ENV boolean| PAYMETER_DEBUG function| $ function| jQuery string| config_file function| loadScript function| waitForGlobal function| domready object| lazySizesConfig object| lazySizes object| google_tag_manager object| google_tag_data object| googletag object| ggeac object| google_js_reporting_queue object| sr_ads object| slots number| viewportWidth function| viewportResizedHorizontal function| paragraphCount function| debounce function| defineAd function| enableAds function| displayAd function| refreshAds function| showAds function| setupCatfish function| setupSiderail function| setupInstory function| removeEmpty function| setupAds function| startAds string| GoogleAnalyticsObject function| ga undefined| google_measure_js_timing function| At object| n function| t object| SrExpandoBox boolean| authenticated boolean| attemptedAuth function| check_authentication function| sideMenu function| setRefresh function| SRPageInit object| calendarFilters object| TabNav object| SrFilterList object| HideAndSeek object| SRSectionNav object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Gumshoe function| Splide object| splide function| onYouTubeIframeAPIReady object| gaGlobal object| plinks object| menus object| _matherq object| catfishParent object| button object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaplugins object| gaData object| _mather object| _mg2q object| tid object| MG2Loader object| _atrk_opts object| GlobalAamNamespace function| aamsitecertifier function| ia string| slotElementId object| slotElement object| GoogleGcLKhOms function| atrk boolean| _atrk_fired object| _0x5193 function| _0x27fd function| _typeof object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags object| appInsights object| Snowplow object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AI object| Microsoft function| __extends function| _endsWith object| nxtBundle object| webpackJsonpnxtBundle function| setImmediate function| clearImmediate object| NxtInner object| Connext object| CnnXt string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights function| __$PP object| MG2DL function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners object| google_image_requests

24 Cookies

Domain/Path Name / Value
www.webservice-pp.com/ Name: PHPSESSID
Value: 553b469dfe7abdf758db8aa67461eeaa
.spokesman.com/ Name: _ga_G3BY0LGVDL
Value: GS1.1.1666746162.1.0.1666746162.0.0.0
.spokesman.com/ Name: _ga
Value: GA1.2.309465307.1666746163
.spokesman.com/ Name: _gid
Value: GA1.2.408321798.1666746163
.spokesman.com/ Name: _dc_gtm_UA-230256-14
Value: 1
.spokesman.com/ Name: _sp_id.53c5
Value: 3fc2ec14-c2bb-459d-9c11-a76161249b17.1666746163.1.1666746163.1666746163
.spokesman.com/ Name: _sp_ses.53c5
Value: *
.spokesman.com/ Name: __gads
Value: ID=08466fbe025a69b4-225f9e2157ce00b2:T=1666746162:S=ALNI_MaCa6-Y6qkKFUZcFv36A7s1FnRZcQ
.spokesman.com/ Name: __gpi
Value: UID=00000b78708cbcd3:T=1666746162:RT=1666746162:S=ALNI_MZxnKkocHBGiZT6U5TfYs-GFTcN0g
.spokesman.com/ Name: __asc
Value: e62bf67c18411d0206bc0a95a17
.spokesman.com/ Name: __auc
Value: e62bf67c18411d0206bc0a95a17
.doubleclick.net/ Name: IDE
Value: AHWqTUl7aGXLmQCreWY0aaTRE8-LKesGnCKI6w-DmNsHHeFDOLXau_2-8lt8dYweii8
www.spokesman.com/ Name: _gada_ses.e3de
Value: *
www.spokesman.com/ Name: _gada_id.e3de
Value: c393b76d-82f6-4e51-966a-102c3673d7bb.1666746163.1.1666746163.1666746163.ab6c0d44-cdf4-48e9-8cc2-0eefaa52abf1
www.spokesman.com/ Name: privAu
Value: 0
.pymx5.com/ Name: _ia_uid
Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.1RsHqJjUOrARvvnfi212Q1Bs7Gv2L7wkyCLVCGwUWVQsK33FyemC_Q.Y74Lv1aoc3r_LKSy.cBvcdUQSzVoLGkhBFeXexfI2xWW_qGtGwohFxP1T50F4obwvAIKvAG7oNGk4qY8zf7cJffBKfPjg6B8PP2TPcjuegd46T1cJ1PXg1pFwNyieHN_7SO_5ZGLpuAPVt3sPgnSROor4NJCWuBCxsupDOL62igClyNwLGshPDFosAb60UD74juLLEWfQaYIQdkjNM5lcthhyliMhsYJLUDGPy5akg5woYSKntgfz9p9YuX0naTFSQX1Cid6UWIXtCMEpc6YzBDpgpQXQ6EHpEoeJFRVx5HDo23LW9XKWSeTYv8Xc3fn2jxS5aYor5X7gijOHTSETZq-m_xlwxC11noSYTZT3KPK5fe3JeQ8jnX82q9I.kWRLRa6xjpERuRFHBasnhQ
.pymx5.com/ Name: _ia_version
Value: 2
www.spokesman.com/ Name: ai_user
Value: EgGy1|2022-10-26T01:02:43.618Z
.doubleclick.net/ Name: DSID
Value: NO_DATA
.spokesman.com/ Name: anonDeviceId
Value: cbdd4583a05b9eb671bef42da782b04b
.spokesman.com/ Name: _gat_UA-230256-42
Value: 1
www.spokesman.com/ Name: ai_session
Value: bcUxu|1666746164189.8|1666746164189.8
.spokesman.com/ Name: nxt_upd_ac_SR_SPOKESMAN_PROD
Value: 1
.spokesman.com/ Name: nxt_SR_SPOKESMAN_PROD
Value: {%221%22:{%22100132%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222022-10-26T01:02:48.053Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:100132}}

2 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://cdn.ampproject.org/rtv/012210071758000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

588933f7ad1de15d1e87037103fe6cef.safeframe.googlesyndication.com
aamapi.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
adservice.google.com
adservice.google.de
api-54-203-81-50.aamapi.com
api-mg2.db-ip.com
api.pymx5.com
az416426.vo.msecnd.net
cdn.ampproject.org
cdn.czx5eyk0exbhwp43ya.biz
cdn.sbgsodufuosmmvsdf.info
certify.alexametrics.com
d31qbv1cthcecs.cloudfront.net
dc.services.visualstudio.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
googleads.g.doubleclick.net
js.matheranalytics.com
loader-cdn.azureedge.net
media.spokesman.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
polyfill.io
prod-spokesman-proxy-connext.azurewebsites.net
pymx5.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
securepubads.g.doubleclick.net
spokesman.com
static.spokesman.com
stats.g.doubleclick.net
thumb.spokesman.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.spokesman.com
www.webservice-pp.com
107.178.250.234
13.224.189.101
13.225.78.112
13.69.106.217
13.85.16.224
172.67.75.166
2001:4860:4802:32::36
2600:1f14:600:6e00:f5ab:d4b1:b508:c0cd
2600:1f14:600:6e02:fa99:4bc:327d:2aa3
2600:1f16:bc:1201:750e:b3a:3b3d:43b3
2600:9000:20eb:4400:2:4597:5e80:93a1
2600:9000:20eb:6000:18:730a:3f00:93a1
2600:9000:20eb:f200:14:c3e7:6780:93a1
2600:9000:21f3:4400:0:b5fb:e6c0:93a1
2600:9000:21f3:7600:1e:dc88:cb00:93a1
2600:9000:21f3:d600:13:3ce1:5800:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:801::2004
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9c
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:600::282
3.219.38.131
34.96.74.203
35.227.203.93
52.216.107.12
52.89.126.190
54.203.81.50
54.204.70.169
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
0be6f22877adc569a912e863f73a544a719254fb769e5fae863a68a3226a77d7
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940
26e336b5a4bcf66f5344dab464263c6379803de92d4643ac2688dfa8190dd7dd
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
3cba08c0a48721ca3ce0ffc3abd06c6d0a7194a31de0b899b6c62eef75c5d1f8
3e77d5671f0049d53d09515be6ac7a24c1bedc389c6df72161c32b6059de1a33
3fd492fb82403f50e1207e5574498044db25d49b410ab111baf51e0971bcf813
4258ee1a0fa59580f3bea33f5fdfa57a35d952ae96806c7c79148013ecd56e05
42fe0c8d1d2f2b0091966ccace2a0d3c28aa644f32181f46b4e29b8bdd1eca97
437785da1268f775e78e7e9fc19a7bc6a9e5d2d61bfb984b4b95c6f7dae033ef
44c448205f15c4f82a4dfe267d5a2efac45224543d44a7c073b167813d449fce
48ab653c06f099d89a710112a2eae9ea1cfcbabcace357575b09eac3556be2f8
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4a805f6700024751629195f182c0b1f61db560ccdcdb18d6e66d8609f925fbb1
4b9f5c2fc369365cf4de7b90eccf931b43af63a9d68360810502e6784e97b48e
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52325baf632ab7176ba3797ef81673893280681d5b0248dc53c6ea9107192c9f
54ab27cd8e9c7c14f649b9250d5f3a7b14655aba6bca37c608a54335026c40c8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561b1637d8df8588d26f23efe269e2b9eacdf3057aa392f7fd6f47b410061f01
5a0ab648e06a71046651d509fc6e3201f8a7875fb19edfabc4e2955b383fca16
5a2aee262821f014d61d9949b24dd6e194a702ae23c9e3661824e512e550ec09
5ba65148259568967389d182b434f97e0da7b6cd83abf926a602433a340ca9d0
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a6662d57c222f2ddd2a524dad8141679764784629d3c19a4ce438bd180a4fe
6432852ea423ad2e1cd329085871ee31091a94ad5676bfcd46ba872f22684a6f
655b5f5287f2dfb379f966d30e1ed29de52979ba4fc34ef3cd90535e72edd946
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dfc02a8e6f295102871d721f23120a13077e491345a93614fcbb43867de3301
73f324ffa7c71e72be7d3cf2fb323b27abd2d02f9f3e0ec251d15694d0180bb3
79fc30a3a4b255c915bba01c0691a5653ec71151821aedb5147898821927e362
7d628dd59d683f1148f351275ffe0db6089f101b906b1bd1644362b2cc7e2616
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4c45d4d453a388e383e5960ea14b6f751325512c8a6e59b6f065b30dfabaf0
8a68eaceb4ef568eb84fed47013d6eb89e75fa21a4b9373aa764fbd9a181b3e7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8eb022bbca485fb341456ac35ad8bfc2d1ac9e73a78fd6c2bd6315b7101f41d1
8ff6f6a06f75a380876dc767007368d7a2e22633ea1ca28387e0b39aee5367e8
903c4bb3fd970c4cf3a557824d8d44f9c9ce0bc25316ccbb5cbb989b18cfe2f5
934ac61f1a429d3c14da7c8d9244d26a07c740d871ba45eca88f875ae993ad5b
93574b3908008da37c1a15d3293d748e03dea59abdec95974ca27959fc38cc1f
9437490e4f56c98a9918b0e8f8f077f9e83f27ee69c1547ac1f229fcb4470fae
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c
ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8
ac5baa1f2e819affcac06a49335f85874506e6d8f5cb9d8300f2df5fe1a8b9c8
af44b91aee646d43b9687c2f00450dd0ade50f4b8c7a78e6b99257f1d5e8984c
afe8bc0a8ef36c6a49b64fdbd256fb4eacf1041a562617179e2f44d2f30c7198
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b613f403ca62b0729393cfd263745974a7fa73bafbda405040fde013fc328656
bf0aa24d09af1cf519a71ab5810beada6d9519e92e9203719edae4f47c793630
c0b6afc13fff61b327bfa4173a2cf32898a9f623c0cb69eabde3174e11b18a89
c1577ba94752b8302f8a5518b1ccd8b21507a7da67cd613dc990e8fd10f8ab5e
c1a476b3442043756f97fc98c480c06c65c74207e12ae6ba150eee21d7eed067
c204d74510df805aa19f5d51e7a2eddf4ce52f543a84271b936e81b41135bb22
c6fecbc17abb1bbdcc4f5b1b5c9eb6d0628d9994d6f13e906ed8b84da11bbdee
c715c077337241dea25237c75896ceb0ace0795851c03efb40bd8464eea9f5d5
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc424c21077c5d9c6bcff2835d2cc8b608fb23a97ef07918d3af89ca34c2a896
ce909c4473953c4cb77c836309b8a3c7bcd8c5c75cacd504804e230017c1d8ec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4890a3c7a6d70985e71fb7178c58b8c3ff183e6edbb3f07a41affe5b897d3ae
d5ab7a711dbf5b4a5cbc4d94af6322938bdbf8ecc4fcb41846913998ea615468
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9149b5f9e35be0572e7809bbe20cdaca83abaa455747390c2a0a2432736df52
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e15f20e9ef9afb2d807e387e719bf1e183ac72a1ff378d2b28f79cc33efd9ae5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93c85341a48fbccd80f6d316b0d45b3b951169f4390adfb5cf81609f4160d45
ea758c9f174e49eb299204b9e64fbee4e487ab99487ce5b35fa23629df2349db
ed84af90a416c874f7afd29d3384881cdb10c49ff99c9bc4501eea44870c23a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629