www.spokesman.com Open in urlscan Pro
2600:9000:24f8:e600:0:b5fb:e6c0:93a1  Public Scan

31 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://sign-amazonaccountupdateegpzawy.duckdns.org/ HTTP 307
   https://spokesman.com/ HTTP 301
   https://www.spokesman.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

• https://idsync.rlcdn.com/712559.gif?partner_uid=7c7b1090-e792-4f9c-929d-ebc04a385acd HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDdjN2IxMDkwLWU3OTItNGY5Yy05MjlkLWViYzA0YTM4NWFjZBAAGg0ImryLqQYSBQjoBxAAQgBKAA HTTP 307
• https://pippio.com/api/sync?pid=5324&it=1&iv=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&_=2 HTTP 307
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&rand=05637311 HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=10339&puuid=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&rand=05637311&expected_cookie=130aace1-3ffb-4f80-a7b9-dc71bb806e56

Request Chain 31

• https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1637 HTTP 301
• https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js

Request Chain 145

• https://securepubads.g.doubleclick.net/pagead/adview?ai=CLm99G94iZYrkMcjS_gSVg4bwAbKJtrpzxfO1r4ASue7wyKoBEAEgqOu9ngFgyYaAgNyjxBCgAaHAmPEoyAEJqQLIyeYGh1-CPuACAKgDAcgDywSqBM0CT9DgTWA-bgtauFtRt_sQsccXhXKEsJwQB_4ltHdkCFa33jtBbg8H1N-U2YMzbYunZ4XirvCL1a4wc-Niv9RHHMO0CPIag13hI4jSv-3sgn9174zf2hHYvFXb8PaF3NI9LwchhFkZVo7HsyH1SarX46OrakvmMf4DDtBVk5uBhazq7iceb4tPQ5hp578IAOH0QebHVolIubIAgMEqGwBNkYK333VQVcvHbdwEq9UNRDsuEQSo8cWSptJvid_AJR5wbyvDzN4QtXXFNGxL4RKDACuDkgzn1wlXl9VwjZ_mhv_9OPQV2NBjbgJtD1zN6aJiofUIglhxW1uwKkMrKK62dN_frdQvLC-F_9m4JV8jgvWr1B4XoimvpjSH27tDLT2yujjTGnYrwZPuXLjXML-N9IsRaU76EESMAxT5qHwbEjaQXkXP2bbY9YDNDW7RwASrtKPLvwTgBAGIBa-L18VMkgUECAQYAZIFBAgFGASgBi6AB_Dq6ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPyHHNIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgn_AWh0dHBzOi8vd3d3LnRlbXUuY29tL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MjExfmVuflVTRCZnb29kc19pZD02MDEwOTk1MTc2ODk1MTkmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMTUxMzY5NS0xJnRvcGljX2NsYXNzaWZ5PTEyMYAKA8gLAdoMEAoKELCXiNnwkZ-MVxICAQPiDRMIh-ztzPTmgQMVSKmfCh2VgQEe2BMN0BUBgBcBshceChwIABIUcHViLTk3Nzk2NTIxMjIwMTQ3MjgYuYoG&sigh=mmd26-CO2Y8&uach_m=[UACH]&ase=2&cid=CAQSTADICaaNBIyTDEu3GTqwNF7Xe5AYeOvZtAmXQ_i7qo2H0FeJe7G86r9l8JQ7ZVmzk-xlhKwB4887oFja96xJ9KIMcihwNS65hlLJTyoYAQ&template_id=494&nis=5 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ffcb3ff8b8dff30000000000000000%22,%222%22:%220x37dcef6c53b77b330000000000000000%22,%223%22:%220xfe7d8892d29516920000000000000000%22,%224%22:%220x66a431d79cd131670000000000000000%22,%225%22:%220xe324df5e3386d2db0000000000000000%22},%22debug_key%22:%2213025174825447601524%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210911041001937312241%22}&andc=true

Request Chain 156

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM HTTP 301
• https://tpc.googlesyndication.com/simgad/7775594092382834397

Request Chain 173

• https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx HTTP 302
• https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx HTTP 302
• https://cs.media.net/cksync.html?cs=8&type=opx86b217a4-3a70-0279-02ea-c20f522ca2ed

Request Chain 174

• https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
• https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a758f0d-4bd4-47be-81c7-e2fd86a17522&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=

Request Chain 176

• https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ HTTP 302
• https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=PLhVgFvR1QPx0i5

Request Chain 177

• https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 HTTP 302
• https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=d6e07841-073d-417f-9998-179ace539113&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dmedianet%26user_id%3D%24UID HTTP 302
• https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=TQV8oFwmtOGpPFj4ckgg0 HTTP 302
• https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d6e07841-073d-417f-9998-179ace539113&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 178

• https://gum.criteo.com/sid/json?origin=publishertag&domain=spokesman.com&sn=ChromeSyncframe&so=0&topUrl=www.spokesman.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
• https://mug.criteo.com/sid?cpp=Fxwep3xwWmhxUU11TXRzZk9TeThtWEd2UXRWQk5LeCtRa2IxeXRxZlVsempmWVBzRlAwNiszU1ROSFlOelIzcW5RZ2hOcm9ScmhmTG5LcjlWKy91RUNFTGtMWk01dFB4ZHFSWkhuSG1WTXZ5NUF4dFNqWExjSG56bVA2TTY3ajFUTXNreGNtWERNRDBwUHlORzhtWTdXbUQxcXU4cmdzSnVITFkxS3E5K2NWWDhzQzV1NnhneDNZMXpDZ2MweXdCajdGRytoVXh4cTBTUkduYXF0cGhtY2xzU09jRlJLQXBrblI1ZldEWDRuVWZTcnBFOXQ3ZC9rTWhQUDUwS05yUkgxNUhSckV6M2ZpYzZ5bjlnS0NnY2ZZVlpldz09fA&cppv=2

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.spokesman.com/ Redirect Chain https://sign-amazonaccountupdateegpzawy.duckdns.org/ https://spokesman.com/ https://www.spokesman.com/	247 KB 49 KB	453ms 175ms	Document text/html	2600:9000:24f8:e600:0:b5fb:e6c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:e600:0:b5fb:e6c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.24.0 / Resource Hash 4641346a406c6bd5fc755b4556cd9d9299b72235ea34b03c199588e4e04d01b3 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 65 cache-control max-age=300 content-encoding gzip content-security-policy upgrade-insecure-requests content-type text/html; charset=utf-8 date Sun, 08 Oct 2023 16:50:31 GMT referrer-policy same-origin server nginx/1.24.0 strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding,Cookie via 1.1 2f743a0ca9cc9da3bb8d81eb8b012916.cloudfront.net (CloudFront) x-amz-cf-id 9DETCdLZ_bxsrOb4C7nh78CDADjnF2C714cX3o5H7bWr1Ob2nU0aRg== x-amz-cf-pop MCI50-P1 x-amzn-trace-id Root=1-6522ddd7-08cb87c03e5223e7071d8dc2 x-cache Miss from cloudfront x-content-type-options nosniff x-frame-options DENY x-robots-tag noarchive Redirect headers age 2850 content-length 0 date Sun, 08 Oct 2023 16:04:07 GMT location https://www.spokesman.com/ server AmazonS3 via 1.1 1297ec043592c7b1473e5982c5d90ea2.cloudfront.net (CloudFront) x-amz-cf-id 5KEHtwDVJLdrQSl5jCjoNKOPEgIpm0vPJviCrbg9lYp9uuxp-O4CwQ== x-amz-cf-pop MCI50-P1 x-cache Hit from cloudfront
GET H2	200	sr-loader.png thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/	11 KB 12 KB	396ms 82ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/sr-loader.png Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 27 May 2023 12:39:41 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 11592715 etag "7b6592542ec6d8d4377eb143251c2f5b7d76aad9" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 11662 x-amz-cf-id qGBJUYXpaJ5ZiMGU_drpjMqzCW_qXfWbCWIH_X7V3jwc7NYvvAjpRg== expires Tue, 21 May 2024 12:39:41 GMT
GET H2	200	style.min.0f607ecff4a8.css static.spokesman.com/sv3/css/	421 KB 88 KB	392ms 78ms	Stylesheet text/css	2600:9000:2514:e00:1e:dc88:cb00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.spokesman.com/sv3/css/style.min.0f607ecff4a8.css Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:e00:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 32e8edbe0e2e15591a390bbb441e6c92e6af0a3fabcaeeaf62ee9a75c1a94089 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 11 Sep 2023 22:50:10 GMT content-encoding gzip via 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront) last-modified Mon, 11 Sep 2023 22:49:57 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 age 2311287 etag W/"0f607ecff4a84cb516e3a45fb2b843c9" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=31536000,public x-amz-cf-id HZKUAg9c0KOo8CBQrgkqvJB1x2ffGaOa-FEv6h9JXZxzNo7BbsUjbw==
GET H2	200	jquery.min.12b69d0ae6c6.js Show response static.spokesman.com/js/	87 KB 31 KB	517ms 204ms	Script application/javascript	2600:9000:2514:e00:1e:dc88:cb00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.spokesman.com/js/jquery.min.12b69d0ae6c6.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:e00:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 04 Sep 2023 11:44:50 GMT content-encoding gzip via 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront) last-modified Fri, 01 Sep 2023 16:15:07 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 age 2956008 etag W/"12b69d0ae6c6f0c42942ae6da2896e84" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id VgDqSWuKy_mL2XENE_HHAyloHtN1QkI0PdRCUyuc34cBTk-gQWXxUg==
GET H2	200	critical.min.7f719ef7842f.js Show response static.spokesman.com/sv3/js/	21 KB 7 KB	71ms 70ms	Script application/javascript	2600:9000:2514:e00:1e:dc88:cb00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.spokesman.com/sv3/js/critical.min.7f719ef7842f.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:e00:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5ba65148259568967389d182b434f97e0da7b6cd83abf926a602433a340ca9d0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 05 Sep 2023 11:22:01 GMT content-encoding gzip via 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront) last-modified Fri, 01 Sep 2023 16:16:13 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 age 2870977 etag W/"7f719ef7842f474e36e669c95955f7b0" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id TcCFR-vbqcGLfrk_cD3OdJn-mqBl3FqWJ4M4ttnndhiv_zwNlUlToQ==
GET H2	200	flipptag.js Show response cdn-gateflipp.flippback.com/tag/js/	94 KB 35 KB	326ms 120ms	Script application/javascript	108.157.150.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406 Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.150.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-150-19.mci50.r.cloudfront.net Software envoy / Resource Hash 4fe0d1308cdb3e9d957057a5c51bb6a78adf7e3dfa8126d9eb779f3bdaf1a30b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:37 GMT content-encoding gzip via 1.1 cf567e13ca330a067e66491bca1f4e6c.cloudfront.net (CloudFront) server envoy x-amz-cf-pop MCI50-P2 vary Origin,Origin, Accept-Encoding x-cache Miss from cloudfront content-type application/javascript cache-control no-store x-envoy-upstream-service-time 5 x-amz-cf-id Us_wIR36RdhXhxAFIUMthyDYgAZsVnw6Ru8k4SE_S2sl9We3BNzJjg==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	99 KB 29 KB	347ms 193ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5d162a14d8f41c8175f067a9d90f5306fec7bceb8afd155ae7e5313b4af3c668 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:37 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29506 x-xss-protection 0 server cafe etag 702 / 19638 / 31078562 / config-hash: 4974023841911941900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 08 Oct 2023 16:51:37 GMT
GET H/1.1	200 OK	adb.4364783.min.js Show response prod.adspsp.com/	2 KB 2 KB	203ms 56ms	Script application/javascript	18.160.46.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod.adspsp.com/adb.4364783.min.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.160.46.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-70.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 7875ee222574b0864364a8ebf731cc1a7a7b109cfbc586257c60593947f376b2 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 16:30:49 GMT Content-Encoding gzip Via 1.1 edc440dfdd4dccb638ead805c7f4dbfe.cloudfront.net (CloudFront) X-Amz-Cf-Pop IAD55-P2 Age 1249 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 02 Oct 2023 19:09:36 GMT Server AmazonS3 ETag W/"b6c44ef13b7e9fd3b3628ad541c0f303" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1800 X-Amz-Cf-Id Lq1Wvx78uyYQacB7anACPEfvHfaYNXAm17eUjV7_z-kpV0uNpXawag==
GET H2	200	base_ads.3d7203f56dfe.js Show response static.spokesman.com/ads/spokesman/	4 KB 2 KB	74ms 73ms	Script application/javascript	2600:9000:2514:e00:1e:dc88:cb00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.spokesman.com/ads/spokesman/base_ads.3d7203f56dfe.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:e00:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a120a51667f8a7d4c6202c1ca0df9a2a458633a96f2c1c57116434887a5d3565 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 07 Sep 2023 17:42:47 GMT content-encoding gzip via 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront) last-modified Thu, 07 Sep 2023 17:41:48 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 age 2675331 etag W/"3d7203f56dfed810ab1f436853ddd579" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id aX-eM9G-SPbb7BfdFLvryJaTSIDW8JXqm_yPJdcSIailUl-sy6ZhKQ==
GET H2	200	day-clear.png static.spokesman.com/sv3/img/weather/header-icons/new/	13 KB 14 KB	73ms 72ms	Image image/png	2600:9000:2514:e00:1e:dc88:cb00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.spokesman.com/sv3/img/weather/header-icons/new/day-clear.png Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:e00:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eaf1a8c6cabdead3a47f6ee65cdf7e397b13afb5c3ba959519cdb144812534a1 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 11 Jul 2023 17:15:38 GMT via 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront) last-modified Mon, 10 Jul 2023 18:27:02 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 age 7688160 etag "d3b858ea96628e5a88eae296a67f7c74" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/png cache-control max-age=31536000,public accept-ranges bytes content-length 13672 x-amz-cf-id h2W_C5GR9voRdT57ljOuS0G7RHg5uCq2nAO7XpgBvwhMstUeDJmWDg==
GET H2	200	gtm.js Show response www.googletagmanager.com/	206 KB 73 KB	284ms 111ms	Script application/javascript	2607:f8b0:4020:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6 Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b361ccf05444c444a329a6bd9abec0341581b7d5556d56edc7dc63af2e32308e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:37 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 74536 x-xss-protection 0 last-modified Sun, 08 Oct 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 08 Oct 2023 16:51:37 GMT
GET H2	200	sr-loader.png thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/	11 KB 12 KB	82ms 82ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/sr-loader.png Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 27 May 2023 12:39:41 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 11592715 etag "7b6592542ec6d8d4377eb143251c2f5b7d76aad9" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 11662 x-amz-cf-id Du2aNeFISfb6ycTHLHPp-_YKPWYEjOq34hWR-nnsKb1vrUI4VJ-oBQ== expires Tue, 21 May 2024 12:39:41 GMT
GET DATA	200 OK	truncated /	157 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3b5325c8198b46a1f04b64e166cfd31781b2b397f503bea8aed9356e6426b09b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	651de204f24ca.hires.jpg media.spokesman.com/photos/2023/10/04/	1 MB 1 MB	344ms 148ms	Image image/jpeg	2600:9000:24f9:ea00:18:730a:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.spokesman.com/photos/2023/10/04/651de204f24ca.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f9:ea00:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5bc8a0c259198b5125ded189cd837c16a18c588e46d8032001e6b80a8227156a Request headers accept-language en-US,en;q=0.9 Referer https://www.spokesman.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-amz-version-id MKJpiFGvAnOIQoEduOMmyKRfwmBKfRAc date Sun, 08 Oct 2023 16:11:25 GMT via 1.1 c68b898f33c21dc320564e472e8aaad2.cloudfront.net (CloudFront) x-amz-cf-pop MCI50-P2 age 2413 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 1263043 last-modified Wed, 04 Oct 2023 22:25:14 GMT server AmazonS3 etag "78f1d9ae981fa34bab9df2beb032f3b6" vary Accept-Encoding content-type image/jpeg accept-ranges bytes x-amz-cf-id Azii9yMDTxgWGAB4gndKPrvXzg_1dO5jM4agH2DnS9IrqAMRparhcg==
GET H2	200	651ca7b174b6f.hires.jpg media.spokesman.com/photos/2023/10/03/	5 MB 5 MB	728ms 532ms	Image image/jpeg	2600:9000:24f9:ea00:18:730a:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.spokesman.com/photos/2023/10/03/651ca7b174b6f.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f9:ea00:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4af9948c3c4807d13090c1e058550b754b78244ae85678ea446f798c839c5810 Request headers accept-language en-US,en;q=0.9 Referer https://www.spokesman.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-amz-version-id U7LItp8NIRLCP9OSSAc9tgf3yceKHHCy date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 c68b898f33c21dc320564e472e8aaad2.cloudfront.net (CloudFront) last-modified Wed, 04 Oct 2023 03:33:22 GMT server AmazonS3 x-amz-cf-pop MCI50-P2 x-amz-server-side-encryption AES256 etag "92cd10094f35f4d1e5067e300b961d4b" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/jpeg x-amz-replication-status COMPLETED accept-ranges bytes content-length 4981264 x-amz-cf-id Fd3xQ7XLailNu2WznFTv4Cgn3LDPG5erh--2SgeY75qCTxBA13mItA==
GET H2	200	6519ed28a1132.hires.jpg media.spokesman.com/photos/2023/10/01/	829 KB 830 KB	729ms 533ms	Image image/jpeg	2600:9000:24f9:ea00:18:730a:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.spokesman.com/photos/2023/10/01/6519ed28a1132.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f9:ea00:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9e993193aa8422041c7125faea23efff3248725331d9e32c9770252170f4315f Request headers accept-language en-US,en;q=0.9 Referer https://www.spokesman.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-amz-version-id yRZDg54YbS8IhCwllv3cCSu3KA6QAi3e date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 c68b898f33c21dc320564e472e8aaad2.cloudfront.net (CloudFront) last-modified Sun, 01 Oct 2023 22:09:19 GMT server AmazonS3 x-amz-cf-pop MCI50-P2 x-amz-server-side-encryption AES256 etag "f04a7590a5953e1289b10d576840f158" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/jpeg x-amz-replication-status COMPLETED accept-ranges bytes content-length 848975 x-amz-cf-id hRP1K_WJFRxdr4GIklbgYrMqT0jApYgoT3C--vNF5UctJMAitZc0-A==
GET H2	200	6517aaabee29d.hires.jpg media.spokesman.com/photos/2023/09/29/	1 MB 1 MB	727ms 531ms	Image image/jpeg	2600:9000:24f9:ea00:18:730a:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.spokesman.com/photos/2023/09/29/6517aaabee29d.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f9:ea00:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 594dbaa0dda6971e439ad0cc46b60ccf0a26f382829d6445277d578a846f89d7 Request headers accept-language en-US,en;q=0.9 Referer https://www.spokesman.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-amz-version-id 4rmwktp0NsFJ_nRiQvlIpbnplC6GpDBE date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 c68b898f33c21dc320564e472e8aaad2.cloudfront.net (CloudFront) last-modified Sat, 30 Sep 2023 04:59:48 GMT server AmazonS3 x-amz-cf-pop MCI50-P2 x-amz-server-side-encryption AES256 etag "f0f23df6bbb554561246d8fda4160abf" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/jpeg x-amz-replication-status COMPLETED accept-ranges bytes content-length 1212763 x-amz-cf-id -1FnR4bCzE4sBWx9x9MolUNH0m1FRLEq7uz3jDKffWbJezhFfKNbRw==
GET H2	200	651495d9086f2.hires.jpg media.spokesman.com/photos/2023/09/27/	760 KB 762 KB	727ms 532ms	Image image/jpeg	2600:9000:24f9:ea00:18:730a:3f00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://media.spokesman.com/photos/2023/09/27/651495d9086f2.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f9:ea00:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 64d7a64f145ab9ccccf294cae40e5d3a3ce344d84af70ddbbaee631e2c1b7ffe Request headers accept-language en-US,en;q=0.9 Referer https://www.spokesman.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-amz-version-id lphzHS8gt4L3eZGSDvA7jyTfW_6eZ4m2 date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 c68b898f33c21dc320564e472e8aaad2.cloudfront.net (CloudFront) last-modified Wed, 27 Sep 2023 21:51:51 GMT server AmazonS3 x-amz-cf-pop MCI50-P2 x-amz-server-side-encryption AES256 etag "a4b8d4e3aadb05575eaed8a5ac5a7b1d" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type image/jpeg x-amz-replication-status COMPLETED accept-ranges bytes content-length 778516 x-amz-cf-id iV5Vr6NVrFDrUinoRJv_0pKrnpvOLVF5PAnyQYNPvDnr142VffGe-Q==
GET DATA	200 OK	truncated /	172 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c5f447a758b6d804a0ce3fedcad0d237cf8cc8310a003ee473fdff0b9b8da056 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	651cb51f2ccd2.hires.jpg thumb.spokesman.com/kUddkMwfbFQJjoRTyCuyYIZJltg=/1170x658/smart/media.spokesman.com/photos/2023/10/06/	318 KB 319 KB	156ms 155ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/kUddkMwfbFQJjoRTyCuyYIZJltg=/1170x658/smart/media.spokesman.com/photos/2023/10/06/651cb51f2ccd2.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash 1575c63e7a93c8767404591027fe0b8012c7fa29a813bafb97b52a140ef606ff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 12:09:03 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 16953 etag "2eb8c093768aee062e6a46ae6a4b4238937ed7ee" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 325390 x-amz-cf-id mYg7LNPoh-0vxOUcfCq7GuRg6oE9uswbuSngcb-OC43VqnqAtBAvnA== expires Wed, 02 Oct 2024 12:09:03 GMT
GET H2	200	651c98eede8a4.hires.jpg thumb.spokesman.com/W9C_FVzG-DXSyWgsTGUZJFN81Rk=/530x298/smart/media.spokesman.com/photos/2023/10/05/	52 KB 52 KB	266ms 265ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/W9C_FVzG-DXSyWgsTGUZJFN81Rk=/530x298/smart/media.spokesman.com/photos/2023/10/05/651c98eede8a4.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash 6f9d3980195d38ee3b0742953415ba210ac258a27ccc6a7ea5e550e0928fd653 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 07:06:26 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 35111 etag "4ef17131da35337b3d1b213363d2cdc2bee38c63" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 52920 x-amz-cf-id Aoea4PIFWu2LtdDHUYdim_cimonGq68IMOB8ndO1fmtlw3XHhkH_Sg== expires Wed, 02 Oct 2024 07:06:26 GMT
GET H2	200	6521ffd73635f.hires.jpg thumb.spokesman.com/yyqoVKmVCJUS7W47F5a04e6DZ_g=/530x298/smart/media.spokesman.com/photos/2023/10/07/	37 KB 38 KB	88ms 88ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/yyqoVKmVCJUS7W47F5a04e6DZ_g=/530x298/smart/media.spokesman.com/photos/2023/10/07/6521ffd73635f.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash 8a17b9ec3e5b999a347d07779f6c791c4d10f24c599c4b74cc7218a50b707730 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 02:33:39 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 51478 etag "a2772643680cf67bb3351887fce4b77d39839e2d" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 38244 x-amz-cf-id xz1oCv-H_edkUg5rV7ZAFbHOGHJ0zH5mHLKt08dC66-HU-2HPLPwHg== expires Wed, 02 Oct 2024 02:33:39 GMT
GET H2	200	6521f3efa0e03.hires.jpg thumb.spokesman.com/g4sbKklDDfTWEYr2QeXBoYmArp4=/530x298/smart/media.spokesman.com/photos/2023/10/07/	24 KB 24 KB	253ms 253ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/g4sbKklDDfTWEYr2QeXBoYmArp4=/530x298/smart/media.spokesman.com/photos/2023/10/07/6521f3efa0e03.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash 5a0810ddecdd5d452028124268e77532c371e1927bf33e023b312b55e276cd94 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 01:22:33 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 55744 etag "8a5a098eb1d925acd9f6b619bd85284c5689d88d" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 24208 x-amz-cf-id eHxmUw7d5ZWSDxCkCKaidpo5-D1V20Xq0L-3erLvpI2bwPi6RyiPyA== expires Wed, 02 Oct 2024 01:22:33 GMT
GET H2	200	db_sync px.ads.linkedin.com/ Redirect Chain https://idsync.rlcdn.com/712559.gif?partner_uid=7c7b1090-e792-4f9c-929d-ebc04a385acd https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDdjN2IxMDkwLWU3OTItNGY5Yy05MjlkLWViYzA0YTM4NWFjZBAAGg0ImryLqQYSBQjoBxAAQgBKAA https://pippio.com/api/sync?pid=5324&it=1&iv=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&_=2 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&rand=05637311 https://px.ads.linkedin.com/db_sync?pid=10339&puuid=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&rand=05637311&expected_cookie=130aace1-3ffb-4f80-a7b9-dc71bb806e56	0 142 B	78ms 77ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=10339&puuid=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&rand=05637311&expected_cookie=130aace1-3ffb-4f80-a7b9-dc71bb806e56 Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:38 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 1A4E2A89A8284B2DBB285747B9107C57 Ref B: MIAEDGE1719 Ref C: 2023-10-08T16:51:38Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYHN0mMRDWyWDUQXtDY1g== Redirect headers date Sun, 08 Oct 2023 16:51:38 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 1DC2420A175F4B6C87EE055C3D8C885F Ref B: MIAEDGE1719 Ref C: 2023-10-08T16:51:38Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location /db_sync?pid=10339&puuid=48dbb135e8ecaf2c0872ec7fca54a0711630698286d4b652c78bd6c43f117ea5791426b5417dce21&rand=05637311&expected_cookie=130aace1-3ffb-4f80-a7b9-dc71bb806e56 x-li-proto http/2 content-length 0 x-li-uuid AAYHN0mKvOq4GYh5XdkDRw==
GET H2	200	652055f8063a8.hires.jpg thumb.spokesman.com/qgyTRrLUKnOaT6rQDOBkVO2ijps=/530x298/smart/media.spokesman.com/photos/2023/10/06/	38 KB 38 KB	86ms 85ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/qgyTRrLUKnOaT6rQDOBkVO2ijps=/530x298/smart/media.spokesman.com/photos/2023/10/06/652055f8063a8.hires.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash 12388b97061cddd1a580091518249a15638f6d53522b6bdc9a3cd2710269c441 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 21:12:32 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 157146 etag "d03dae680d536c1cd0093f65ff46d3e6029e80d6" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 38600 x-amz-cf-id uNEC4c7OYVKQ3HFpSsCji1tAwIHvKOkIl4daKpAyRRX2Pbm-ILcA2w== expires Mon, 30 Sep 2024 21:12:32 GMT
GET H2	200	grip-on-sports2.jpg thumb.spokesman.com/X9YpXuP9mS6P4yFTxMbZNDU_UZs=/530x298/smart/media.spokesman.com/photos/2022/08/09/	26 KB 27 KB	93ms 91ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/X9YpXuP9mS6P4yFTxMbZNDU_UZs=/530x298/smart/media.spokesman.com/photos/2022/08/09/grip-on-sports2.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash 44940b1b803aad40ba3ac5b13c9d27069dfb737f379e9d1845ef45fe5b39b734 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 13 May 2023 15:03:24 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 12793694 etag "4d2bef5361b702baafe093a0e087acd12c1c9ca6" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 27088 x-amz-cf-id mJ3ifpNUiEJ6KvuonPLnG6j-m-iormT5KxJk0m9VGA7cFZqV7fUcUw== expires Tue, 07 May 2024 15:03:24 GMT
GET H2	200	652052028d5e6.image.jpg thumb.spokesman.com/1f_Y4rC9s7XUtacK7jxu-HTRaLw=/530x298/smart/media.spokesman.com/photos/2023/10/06/	32 KB 32 KB	99ms 98ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/1f_Y4rC9s7XUtacK7jxu-HTRaLw=/530x298/smart/media.spokesman.com/photos/2023/10/06/652052028d5e6.image.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash 581087b3f94fa274ca60118f85b1ba52557ce64a373094df1b1e89cedce6785e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 19:25:35 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 163563 etag "766c4660094bc9183fdf8314c08f52850169dee5" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 32384 x-amz-cf-id 5TYkYN_IbxqfmJdC0et9vBdLddHXfcSbfE--eBA9qiNfPgtWkeqsuA== expires Mon, 30 Sep 2024 19:25:35 GMT
GET H2	200	GettyImages-147521591.jpg thumb.spokesman.com/uw5ybYlfZ1rW2-5kDQiP91YXb4A=/530x298/smart/media.spokesman.com/photos/2023/09/27/	31 KB 32 KB	98ms 97ms	Image image/webp	2600:9000:24f8:a200:2:4597:5e80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://thumb.spokesman.com/uw5ybYlfZ1rW2-5kDQiP91YXb4A=/530x298/smart/media.spokesman.com/photos/2023/09/27/GettyImages-147521591.jpg Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:a200:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Thumbor/6.7.5 / Resource Hash dff9f042410e342fd7b1845cacdd5ff3ae7426a344367e7b008f5e17ec1880df Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 02 Oct 2023 09:33:20 GMT via 1.1 8812178a174bf0625299e1bd0e9ac280.cloudfront.net (CloudFront) server Thumbor/6.7.5 x-amz-cf-pop MCI50-P1 age 544698 etag "618fec3a8f5574767bf4ef3db1ca705174621315" vary Accept x-cache Hit from cloudfront content-type image/webp cache-control max-age=31104000,public content-length 31992 x-amz-cf-id mx8pUTRWeyWD1Xr9j2ruly5gknISVaL2bHViCyb2U3tgGHC6T1cOvA== expires Thu, 26 Sep 2024 09:33:20 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/	419 KB 132 KB	65ms 64ms	Script text/javascript	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ebcd7bdb5554e57888241a02b80e12230b08db50cffa39d16002b3726a55806 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 10:36:52 GMT content-encoding br x-content-type-options nosniff age 22486 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 134827 x-xss-protection 0 server cafe etag 8968824880815585736 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 07 Oct 2024 10:36:52 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	83 B 89 B	218ms 86ms	XHR application/json	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.spokesman.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ae20134319d17b057d0de91577a3307f9f4c6c4fd483cd49b7f82b7119c6afc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:38 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:38 GMT
GET H2	200	noncritical.min.a2481119db6c.js Show response static.spokesman.com/sv3/js/	1 MB 378 KB	87ms 86ms	Script application/javascript	2600:9000:2514:e00:1e:dc88:cb00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.spokesman.com/sv3/js/noncritical.min.a2481119db6c.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:e00:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 61db1bffcddf6c0199c957e6ceebf4db9dc97810f8fe2b88bb0e5bd455d659c8 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 11 Sep 2023 22:50:51 GMT content-encoding gzip via 1.1 368bc8b1f5073a6f7cdb40029e9a5a88.cloudfront.net (CloudFront) last-modified Mon, 11 Sep 2023 22:50:45 GMT server AmazonS3 x-amz-cf-pop JFK50-P8 age 2311248 etag W/"a2481119db6c08c001101791df36a378" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=31536000,public x-amz-cf-id s8T4LYAqvAogXQC_kon0YYUuYF2Qae01Bofu-eW4-M7Rf6OG7ZCVHw==
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	272ms 80ms	Script text/javascript	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 08 Oct 2023 16:12:37 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2341 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 08 Oct 2023 18:12:37 GMT
GET H2	200	ml.br.js Show response js.matheranalytics.com/static/ltm/ma20153/575681700/20/ Redirect Chain https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1637 https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js	148 KB 43 KB	45ms 43ms	Script application/x-javascript	107.178.250.234 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Server 107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 234.250.178.107.bc.googleusercontent.com Software nginx / Resource Hash a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 05:58:54 GMT content-encoding br via 1.1 google last-modified Fri, 05 Aug 2022 08:39:28 GMT server nginx age 39164 etag "0033e6720ea8d009cad21d1cffea7a41" vary Accept-Encoding x-cache HIT Sun, 18 Dec 2022 06:06:39 GMT content-type application/x-javascript cache-control public,max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43903 Redirect headers date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 google server nginx vary Accept-Encoding location https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js cache-control public, max-age=269200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-served-by 5-gc-useast1-22ng1026
GET H2	200	js Show response www.googletagmanager.com/gtag/	273 KB 91 KB	126ms 124ms	Script application/javascript	2607:f8b0:4020:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 32c476c886042f3fe671767fcc7f886427d096ce840d67ef55229a80d6e53863 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93193 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 08 Oct 2023 16:51:38 GMT
GET H/1.1	200 OK	adb.4364783.cr.js Show response prod.adspsp.com/	115 KB 42 KB	82ms 81ms	Script application/javascript	18.160.46.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod.adspsp.com/adb.4364783.cr.js?c=Cxf48db65:ln99l37s:16:md Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.160.46.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-70.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash ca2d188cadbbac9a2618a679fac58a95e91bb2c7e44e3d8ffefa1c093b2a111d Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Mon, 02 Oct 2023 19:09:41 GMT Content-Encoding gzip Via 1.1 edc440dfdd4dccb638ead805c7f4dbfe.cloudfront.net (CloudFront) X-Amz-Cf-Pop IAD55-P2 Age 510118 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 02 Oct 2023 19:09:24 GMT Server AmazonS3 ETag W/"9921ca69b1ab139fdff775872a062d8b" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 X-Amz-Cf-Id Ae35Uzc1SmvF4FhrvFUAkGjXPd2Ds15sNOC9h7Y4-aTgHA8CUAqRpg==
GET H/1.1	200 OK	adb.4364783.pb.js Show response prod.adspsp.com/	226 KB 74 KB	160ms 66ms	Script application/javascript	18.160.46.70 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.160.46.70 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-160-46-70.iad55.r.cloudfront.net Software AmazonS3 / Resource Hash 168499341997802ac85813542ab0effdcfb5351948d96cbb9dd982aee5f2412e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Mon, 02 Oct 2023 19:09:41 GMT Content-Encoding gzip Via 1.1 edc440dfdd4dccb638ead805c7f4dbfe.cloudfront.net (CloudFront) X-Amz-Cf-Pop IAD55-P2 Age 510118 x-amz-server-side-encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Mon, 02 Oct 2023 19:09:30 GMT Server AmazonS3 ETag W/"ad5d34eb733d61f74f38497485bde824" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=2592000 X-Amz-Cf-Id 6TA7C-uxi2nQBmsP8fAEVwuGs8oRVZPWakVvL7Mig-E0zeZZ4CulMA==
POST H2	204	beacons p.flipp.com/	0 0	304ms 105ms	Fetch	108.157.150.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://p.flipp.com/beacons Requested by Host: cdn-gateflipp.flippback.com URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.150.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-150-54.mci50.r.cloudfront.net Software / Resource Hash Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 7091de94c49fb9a7aff78e2eb5b5f0ea.cloudfront.net (CloudFront) x-amz-cf-pop MCI50-P2 vary Origin x-cache Miss from cloudfront access-control-allow-origin https://www.spokesman.com access-control-allow-credentials true x-amz-cf-id kU5Z_cwBpEUviWs9a-LyCSqS3kPs6WvHFDugEMzcT9QIx9oo7TPFtw==
GET H2	200	loader.min.js Show response loader-cdn.azureedge.net/prod/spokesman/	40 KB 12 KB	161ms 37ms	Script application/javascript	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Requested by Host: static.spokesman.com URL: https://static.spokesman.com/sv3/js/noncritical.min.a2481119db6c.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9BF0) / Resource Hash f86632279d90c9d73259e4a4acf59b20bf3afe6d7b5f0278766e1ce7d6645eb4 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:38 GMT content-encoding gzip content-md5 wroWZyaFsIVsr/c0P2WxbA== age 4973 x-cache HIT content-length 11518 x-ms-lease-status unlocked last-modified Thu, 02 Mar 2023 05:12:02 GMT server ECAcc (mic/9BF0) etag 0x8DB1ADCA8C3E608 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 0920f3be-701e-0076-31fc-f97df6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=43200 x-ms-version 2009-09-19
POST H2	204	collect analytics.google.com/g/	0 256 B	282ms 98ms	Ping text/plain	2607:f8b0:4020:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-G3BY0LGVDL&gtm=45je3a40&_p=109479718&_gaz=1&cid=840703940.1696783898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1696783898&sct=1&seg=0&dl=https%3A%2F%2Fwww.spokesman.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=homepage Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 247 B	191ms 68ms	Ping text/plain	2607:f8b0:4004:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G3BY0LGVDL&cid=840703940.1696783898&gtm=45je3a40&aip=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	352ms 60ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=pv&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&hier=Homepage&ptype=homepage&pubname=The%20Spokesman-Review&sec=Homepage&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=7097766a-2f69-4c59-bef8-c91f9caadfb5&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783898448&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10198&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5Njc4Mzg5NDkyOCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMG1iIiwiZnN0UGFpbnQiOiIyODAyIiwiZmV0Y2hTIjoiMTQxMCIsImRvbWFpblMiOiIxNDExIiwiZG9tYWluRSI6IjE0NTciLCJjb25uUyI6IjE0NTciLCJjb25uRSI6IjE2ODkiLCJzc2xTIjoiMTUzMSIsInJlcXVTIjoiMTY4OSIsInJlc3BTIjoiMTg2NCIsInJlc3BFIjoiMTk0MSIsImRvbUxvYWQiOiIxOTUxIiwiZG9tSW50ZXIiOiIyNzc4IiwiZG9tTG9hZFMiOiIzMTI4IiwiZG9tTG9hZEUiOiIzMTI5In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiODQwNzAzOTQwIiwicmVmVGltZSI6IjE2OTY3ODM4OTg0NDgifV19 Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:38 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	homepage.34bd6ced845e.json Show response static.spokesman.com/ads/spokesman/	4 KB 892 B	221ms 84ms	XHR application/json	2600:9000:2514:e00:1e:dc88:cb00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.spokesman.com/ads/spokesman/homepage.34bd6ced845e.json Requested by Host: static.spokesman.com URL: https://static.spokesman.com/ads/spokesman/base_ads.3d7203f56dfe.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2514:e00:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b975eac6985743fac96aafb6be109c9b51547302ebd1475970df1e54818ffb8d Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 06 Sep 2023 16:37:30 GMT content-encoding gzip via 1.1 39947baba82573c8d139cba81c505476.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P8 age 2765649 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Wed, 06 Sep 2023 16:17:25 GMT server AmazonS3 etag W/"34bd6ced845e676e134e4cce0673a496" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin https://www.spokesman.com cache-control max-age=31536000,public access-control-allow-credentials true vary Accept-Encoding,Origin x-amz-cf-id fy0RlshKL1H5rRO5atLp9DPK91JH_BdTAnGROQ1qfXTYea7aSrV_WA==
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 210 B	109ms 101ms	XHR text/plain	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=109479718&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACACI~&jid=2134824169&gjid=2110899378&cid=840703940.1696783898&tid=UA-230256-14&_gid=1429811480.1696783898&_slc=1&gtm=45He3a40n715P9SH6&cd7=Homepage&cd9=homepage&z=280293201 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	2 B 149 B	95ms 69ms	XHR text/plain	2607:f8b0:4004:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-230256-14&cid=840703940.1696783898&jid=2134824169&gjid=2110899378&_gid=1429811480.1696783898&_u=YCDAiEABBAAAAGACIAC~&z=1843402461 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 08 Oct 2023 16:51:38 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	280ms 106ms	Image image/gif	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-230256-14&cid=840703940.1696783898&jid=2134824169&_u=YCDAiEABBAAAAGACIAC~&z=170341172 Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	polyfill.min.js Show response polyfill.io/v3/	101 B 535 B	247ms 36ms	Script text/javascript	2a04:4e42:200::282 FASTLY
General Check archive.org Show headers Download Go to Full URL https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL Requested by Host: loader-cdn.azureedge.net URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Content-Type-Options nosniff Request headers Referer Origin https://www.spokesman.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubdomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 08 Oct 2023 16:51:39 GMT age 120 detected-user-agent Chrome Mobile/117.0.0 server-timing HIT-CLUSTER, fastly;desc="Edge time";dur=2 alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 113 referrer-policy origin-when-cross-origin vary User-Agent, Accept-Encoding access-control-allow-methods GET,HEAD,OPTIONS normalized-user-agent chrome/117.0.0 content-type text/javascript; charset=UTF-8 access-control-allow-origin * accept-ranges bytes timing-allow-origin *
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	19 B 583 B	226ms 75ms	XHR application/json	68.67.160.114 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT an-x-request-uuid 7e8f2308-524f-433e-8279-52c3c3868dfe server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.spokesman.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 38.132.118.68; 38.132.118.68; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 19 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 2 KB	234ms 147ms	XHR application/json	34.120.63.153 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU57RW71 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 153.63.120.34.bc.googleusercontent.com Software envoy / Resource Hash 2bd8272a8cbaf018f23031f7ea076abfcfbb3ec75b8f17b5eac34378a01750c1 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 google accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model server envoy vary Accept-Encoding content-type application/json;charset=utf-8 access-control-allow-origin https://www.spokesman.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 94 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 08 Oct 2023 16:51:38 GMT
POST H2	200	25 Show response web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/	527 B 827 B	263ms 69ms	XHR application/json	2606:ae80:1471:18::1460 VALUECLICK
General Check archive.org Show headers Download Go to Full URL https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:ae80:1471:18::1460 , United States, ASN25751 (VALUECLICK, US), Reverse DNS Software nginx / Resource Hash f8dcfd17355e8e265b5a0a54c40867fdbe1c5a26849bc3f612aa1ddc28750505 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT server nginx content-type application/json access-control-allow-origin https://www.spokesman.com cache-control no-cache access-control-allow-credentials true content-length 527 expires 0
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 339 B	532ms 61ms	XHR application/json	23.105.12.145 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.spokesman.com p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true content-length 0
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 339 B	534ms 63ms	XHR application/json	23.105.12.145 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.spokesman.com p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true content-length 0
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 339 B	532ms 62ms	XHR application/json	23.105.12.145 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.spokesman.com p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true content-length 0
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 339 B	542ms 72ms	XHR application/json	23.105.12.145 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.spokesman.com p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true content-length 0
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 339 B	532ms 62ms	XHR application/json	23.105.12.145 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.spokesman.com p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true content-length 0
POST H2	200	v1 Show response hb-api.omnitagjs.com/hb-api/prebid/	890 B 1 KB	312ms 158ms	XHR application/json	195.244.31.10 IGUANA-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageReferrer=https%3A%2F%2Fwww.spokesman.com%2F Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US), Reverse DNS Software ayl-lb-usa02 / Resource Hash afdf9b60df0bd57d7c744653ea8ed614e8e1e00dcd7835baf85e6ba06e396e56 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers date Sun, 08 Oct 2023 16:51:38 GMT x-content-type-options nosniff p3p CP="CAO PSA OUR" x-envoy-upstream-service-time 99 content-length 890 pragma no-cache server ayl-lb-usa02 access-control-max-age 3600 access-control-allow-methods OPTIONS, POST content-type application/json; charset=utf-8 access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Accept-Encoding, Content-Type expires 0
POST H2	204	cdb Show response bidder.criteo.com/	0 196 B	369ms 66ms	XHR text/plain	2620:100:a001::18 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=50916727686&lsavail=1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:38 GMT strict-transport-security max-age=31536000; preload; access-control-allow-credentials true cross-origin-resource-policy cross-origin server Kestrel vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 127 B	236ms 63ms	XHR text/plain	3.232.158.174 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-158-174.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:38 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 15 B	237ms 64ms	XHR text/plain	3.232.158.174 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-158-174.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:38 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 15 B	237ms 64ms	XHR text/plain	3.232.158.174 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-158-174.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:38 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 15 B	291ms 119ms	XHR text/plain	3.232.158.174 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-158-174.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:38 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 15 B	292ms 120ms	XHR text/plain	3.232.158.174 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-158-174.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:38 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
GET H2	200	loader-config.json Show response cdn.wgchrrammzv.com/prod/spokesman/	4 KB 2 KB	146ms 35ms	Fetch application/json	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.wgchrrammzv.com/prod/spokesman/loader-config.json Requested by Host: loader-cdn.azureedge.net URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9AFE) / Resource Hash d26051679b0f4f1fb2187e0169dbb001bef17a61a66cfb39e3301da23a4522b7 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:39 GMT content-encoding gzip content-md5 GpKasTo3xKs5tbLlwysXhA== age 1476 x-cache HIT content-length 1307 x-ms-lease-status unlocked last-modified Thu, 02 Mar 2023 05:24:13 GMT server ECAcc (mic/9AFE) etag 0x8DB1ADE5C5D392C vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 8d585e37-e01e-0064-2204-fa0626000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=43200 x-ms-version 2009-09-19
GET		atrk.js d31qbv1cthcecs.cloudfront.net/	0 0
GET H2	200	aam.js Show response aamcftag.aamsitecertifier.com/	79 KB 27 KB	264ms 84ms	Script application/javascript	2600:9000:24f8:d800:14:c3e7:6780:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aamcftag.aamsitecertifier.com/aam.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f8:d800:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9ef65f1d4b3ddf07c3960a578d532f8aecd6b9d551631b2611596fb652480a9b Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:08:15 GMT content-encoding gzip via 1.1 a204176092d05bded77f4d517d5968aa.cloudfront.net (CloudFront) last-modified Thu, 17 Nov 2022 12:12:37 GMT server AmazonS3 x-amz-cf-pop MCI50-P1 age 9805 etag "866e5e2d2bbc029b03dd3a94440e09f2" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 27410 x-amz-cf-id tLVIHVztYQ1VrPJcK9fBhxVRhk39LhvdJmqN_1WHHPW1HGflOG5SiQ== x-amz-meta-s3b-last-modified 20221117T120833Z
GET H2	200	load_tags.js Show response pymx5.com/scripts/	9 KB 9 KB	153ms 36ms	Script application/javascript	35.227.203.93 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pymx5.com/scripts/load_tags.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 93.203.227.35.bc.googleusercontent.com Software UploadServer / Resource Hash 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:13:39 GMT age 2280 x-guploader-uploadid ADPycdtUu1cK-RddCQz4a6hkC2bAdT-wl1dMzxEUKoo5s2wm8FvW0zjINHhVc9gUmW97vg97stWxOPkjdMe9oyNQHpQZrg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8946 last-modified Fri, 15 Jul 2022 06:19:11 GMT server UploadServer etag "f6b06694767e707999eecbe9538b403a" x-goog-generation 1657865951655064 x-goog-hash crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg== access-control-allow-origin * access-control-expose-headers Content-Type cache-control public,max-age=3600 x-goog-stored-content-length 8946 accept-ranges bytes content-type application/javascript
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	198 KB 53 KB	225ms 68ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 08 Oct 2023 16:51:39 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 53356 x-xss-protection 0 pragma public x-fb-debug tbnEPbH5PjHDzzCc0FlMhNy3z5TY/9fJMOhR6Nk31174REYcVYWzyNso+QZVM+pygH5yopH+o932wYNB/wJobA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	79ms 79ms	Image image/gif	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=109479718&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=10%25&_u=aCDAiEABBAAAAGACIAC~&jid=&gjid=&cid=840703940.1696783898&tid=UA-230256-14&_gid=1429811480.1696783898&gtm=45He3a40n715P9SH6&cd7=Homepage&cd9=homepage&z=1401831375 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sat, 07 Oct 2023 20:25:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 73586 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	94 KB 22 KB	154ms 39ms	Script application/x-javascript	2606:2800:11f:17a5:191a:18d5:537:22f9 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: loader-cdn.azureedge.net URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9B3E) / Resource Hash 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:39 GMT content-encoding gzip x-ms-meta-lastmodified 2020-10-01 19:31:04 content-md5 HdY95yzx9wIyQkVEGES+Ew== age 141 x-cache HIT content-length 22495 x-ms-lease-status unlocked last-modified Thu, 11 Mar 2021 07:46:59 GMT server ECAcc (mic/9B3E) etag 0x8D8E461DA1A5889 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b9b8e2c9-801e-003a-3607-fab78f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800 x-ms-version 2009-09-19 expires Sun, 08 Oct 2023 17:21:39 GMT
GET H2	200	fp.min.js Show response cdn.mircheigeshoa.com/prod/spokesman/	65 KB 23 KB	190ms 34ms	Script application/javascript	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.mircheigeshoa.com/prod/spokesman/fp.min.js?202398 Requested by Host: loader-cdn.azureedge.net URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9BC2) / Resource Hash 633a42d7b9a7d6be4093abd56ea850f09a93ae5c252f6b9b8e405b0802dae6ed Request headers Referer Origin https://www.spokesman.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:39 GMT content-encoding gzip content-md5 4y8k5QJ0SN1qBGV87ymFcA== age 41247 x-cache HIT content-length 23424 x-ms-lease-status unlocked last-modified Wed, 30 Nov 2022 08:13:46 GMT server ECAcc (mic/9BC2) etag 0x8DAD2AACDEFBC5D vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id c424157c-701e-002b-1ea7-f97772000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=43200 x-ms-version 2009-09-19
GET H2	200	g2i.min.js Show response cdn.o1ych4jb.com/prod/spokesman/	219 KB 48 KB	193ms 37ms	Script application/x-javascript	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.o1ych4jb.com/prod/spokesman/g2i.min.js?202398 Requested by Host: loader-cdn.azureedge.net URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9AD7) / Resource Hash 6c93730733907482175a577286c9085cbd3bb91de98bfbdf7e01d5aba2f90e57 Request headers Referer Origin https://www.spokesman.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:39 GMT content-encoding gzip content-md5 JBg6+SpvyRKXwndI4mtR7A== age 9055 x-cache HIT content-length 48979 x-ms-lease-status unlocked last-modified Wed, 30 Nov 2022 08:15:30 GMT server ECAcc (mic/9AD7) etag 0x8DAD2AB0BACA2D4 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id c6319055-f01e-0078-6df2-f95446000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=43200 x-ms-version 2009-09-19
GET H2	200	t8y9347t.min.js Show response cdn.pranmcpkx.com/prod/spokesman/	865 KB 203 KB	193ms 38ms	Script application/javascript	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js?202398 Requested by Host: loader-cdn.azureedge.net URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9AC2) / Resource Hash 71180ea527bbbc698fefdd43b4cfab76568f1a8683eb5ffca1bb19bd874e0e5f Request headers Referer Origin https://www.spokesman.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:39 GMT content-encoding gzip content-md5 LJ0Ef1EnJXf6667+/j7UYg== age 2987 x-cache HIT content-length 207842 x-ms-lease-status unlocked last-modified Wed, 30 Nov 2022 08:10:29 GMT server ECAcc (mic/9AC2) etag 0x8DAD2AA5816E926 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id a8d071e2-201e-008f-3500-fa7ed4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=43200 x-ms-version 2009-09-19
GET H2	200	t8y9347t.min.css cdn.pranmcpkx.com/prod/spokesman/	386 KB 54 KB	160ms 41ms	Stylesheet text/css	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.css?202398 Requested by Host: loader-cdn.azureedge.net URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9B7B) / Resource Hash 6653d2cca03c490c0032cd74205c6c37a494ea31ac1c46aec8e55c7017c1b3f9 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:39 GMT content-encoding gzip content-md5 MrVpkxJID7vFEqfm9gnQOQ== age 2987 x-cache HIT content-length 54497 x-ms-lease-status unlocked last-modified Wed, 30 Nov 2022 08:10:29 GMT server ECAcc (mic/9B7B) etag 0x8DAD2AA5812A403 vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id dc0f18dc-601e-0037-1100-fa2512000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control max-age=43200 x-ms-version 2009-09-19
GET H2	200	load_optional_tags Show response api.pymx5.com/v1/sites/	0 746 B	187ms 61ms	Script text/html	34.96.74.203 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://api.pymx5.com/v1/sites/load_optional_tags Requested by Host: pymx5.com URL: https://pymx5.com/scripts/load_tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.96.74.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 203.74.96.34.bc.googleusercontent.com Software nginx/1.13.7 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:39 GMT via 1.1 google server nginx/1.13.7 allow GET, HEAD, OPTIONS x-frame-options SAMEORIGIN content-type text/html; charset=utf-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	204	cdb Show response bidder.criteo.com/	0 195 B	69ms 65ms	XHR text/plain	2620:100:a001::18 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.44.0&cb=1521650854&lsavail=1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:39 GMT strict-transport-security max-age=31536000; preload; access-control-allow-credentials true cross-origin-resource-policy cross-origin server Kestrel vary Origin
POST H2	200	25 Show response web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/	179 B 478 B	177ms 174ms	XHR application/json	2606:ae80:1471:18::1460 VALUECLICK
General Check archive.org Show headers Download Go to Full URL https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:ae80:1471:18::1460 , United States, ASN25751 (VALUECLICK, US), Reverse DNS Software nginx / Resource Hash e96874c1971860fb47671f6508463a72d2f8816e99dcfda09334aa7b489f9ba5 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT server nginx content-type application/json access-control-allow-origin https://www.spokesman.com cache-control no-cache access-control-allow-credentials true content-length 179 expires 0
POST H2	200	v1 Show response hb-api.omnitagjs.com/hb-api/prebid/	179 B 341 B	96ms 92ms	XHR application/json	195.244.31.10 IGUANA-WORLDWIDE
General Check archive.org Show headers Download Go to Full URL https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageReferrer=https%3A%2F%2Fwww.spokesman.com%2F Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US), Reverse DNS Software ayl-lb-usa02 / Resource Hash aba3e3adb5c4302f2da7256e3d40e4f8128d3547e29d3f544403f33a5c7d9734 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers date Sun, 08 Oct 2023 16:51:39 GMT x-content-type-options nosniff p3p CP="CAO PSA OUR" x-envoy-upstream-service-time 34 content-length 179 pragma no-cache server ayl-lb-usa02 access-control-max-age 3600 access-control-allow-methods OPTIONS, POST content-type application/json; charset=utf-8 access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true vary Accept-Encoding access-control-allow-headers Accept-Encoding, Content-Type expires 0
POST H/1.1	200 OK	v1 Show response prg.smartadserver.com/prebid/	0 339 B	64ms 62ms	XHR application/json	23.105.12.145 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.145 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT vary Origin content-type application/json; charset=UTF-8 access-control-allow-origin https://www.spokesman.com p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control no-cache,no-store access-control-allow-credentials true content-length 0
POST H2	200	prebid Show response ib.adnxs.com/ut/v3/	19 B 582 B	100ms 97ms	XHR application/json	68.67.160.114 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.160.114 New York, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT an-x-request-uuid 0a706e17-d0e9-4268-86d7-4c331b5a0e0d server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type application/json; charset=utf-8 access-control-allow-origin https://www.spokesman.com cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 38.132.118.68; 38.132.118.68; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 19 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	204	v1 Show response btlr.sharethrough.com/universal/	0 38 B	64ms 62ms	XHR text/plain	3.232.158.174 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.232.158.174 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-232-158-174.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.spokesman.com date Sun, 08 Oct 2023 16:51:39 GMT cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true vary Origin
POST H2	200	prebid Show response prebid.media.net/rtb/	1 KB 1 KB	110ms 109ms	XHR application/json	34.120.63.153 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://prebid.media.net/rtb/prebid?cid=8CU57RW71 Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 153.63.120.34.bc.googleusercontent.com Software envoy / Resource Hash 0b9c31ed3a41b5eddf68d8ff317833b3d509119ff6b4c147c4bd0b3f76ae6864 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:38 GMT via 1.1 google accept-ch Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model server envoy vary Accept-Encoding content-type application/json;charset=utf-8 access-control-allow-origin https://www.spokesman.com cache-control max-age=0, no-cache, no-store, must-revalidate access-control-allow-credentials true x-envoy-upstream-service-time 59 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 08 Oct 2023 16:51:39 GMT
GET H2	200	init-1003q1exso0bwjopt7yf.js Show response api.aamapiv2.com/api/	453 B 848 B	225ms 130ms	Script text/javascript	2606:4700:3031::ac43:dc53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.aamapiv2.com/api/init-1003q1exso0bwjopt7yf.js Requested by Host: aamcftag.aamsitecertifier.com URL: https://aamcftag.aamsitecertifier.com/aam.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:dc53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b15d4a7ec24f89972cd48247cba0bebe520ecae376abe001e9487fcf3cda6e77 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:39 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0UIA5pRB2XVJnvnlagrNLPel9vhWg2txv4cUP6BIJ3%2Bn3SEiuoDplw4dC%2F20xxMpXBJyvhBzBwKkMZ4efpm43KqZMRBFA5RewTNgrmgXQHm%2Fm%2F8gMvn4kN414pbFW%2BQLgwzv9O5bnQ3aQazamUr%2B"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control private, no-cache, no-store, must-revalidate, max-age=0 cf-ray 812fe3cc9e879acc-MIA alt-svc h3=":443"; ma=86400 expires 0
GET H/1.1	200	i aamcf.aamsitecertifier.com/	43 B 461 B	2114ms 197ms	Image image/gif	34.212.150.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aamcf.aamsitecertifier.com/i?stm=1696783899532&e=pv&url=https%3A%2F%2Fwww.spokesman.com%2F&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=210&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=40e0ccc1-b29a-40ac-a4a1-f9cce60b6a74&dtm=1696783899529&vp=1600x1200&ds=1600x10300&vid=1&sid=710428d1-bb68-41f0-876e-02e2ae945826&duid=fe384a58-a9ea-4366-b2ff-193198f78f7b&fp=3358973486&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjg0MDcwMzk0MC4xNjk2NzgzODk4In19XX0 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.212.150.4 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-212-150-4.us-west-2.compute.amazonaws.com Software Apache/2.4.51 () OpenSSL/1.0.2k-fips / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 16:51:41 GMT Server Apache/2.4.51 () OpenSSL/1.0.2k-fips P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Access-Control-Allow-Origin * Content-Type image/gif Access-Control-Allow-Credentials true Connection keep-alive Content-Length 43
GET H2	200	260139058256176 Show response connect.facebook.net/signals/config/	136 KB 35 KB	73ms 69ms	Script application/x-javascript	2a03:2880:f012:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/260139058256176?v=2.9.132&r=stable&domain=www.spokesman.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0f66cb7d91c7e12b5c0465f6a9fdf2ef20c5066445e639f153caf532304be91c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 08 Oct 2023 16:51:39 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 36023 x-xss-protection 0 pragma public x-fb-debug kQhadc42tOFSOT5j1ToR10HQ84S41dl4gETqt0e6RxZ1Z5y+Q4h3Th5kJ4gUgtRinoGYLxNntV01tHpwN3J9Pw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	self Show response api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/	631 B 797 B	216ms 127ms	XHR application/json	104.26.5.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1696783899635 Requested by Host: cdn.mircheigeshoa.com URL: https://cdn.mircheigeshoa.com/prod/spokesman/fp.min.js?202398 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.5.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 296a1ae8c0ac52027be82a45d820b091516c1a1afed719aa1dce9ea6a142ef00 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:39 GMT content-encoding br cf-cache-status MISS last-modified Sun, 08 Oct 2023 16:51:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ct5PKbpH0Cku%2BTRQBe98TvWr2mq4LayROBG7Gy6UyT%2BqWXO2rQLlsNvmn9LmZ2MZUhp6xFslKSKsdYun%2BbAHrNyFnoatibxQMvIQ3GUfctopmcj0N%2B44GkRpOQIAk1VW0lK2"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin * cache-control max-age=1800 cf-ray 812fe3cd6c3a221a-MIA alt-svc h3=":443"; ma=86400
GET H2	200	/ www.facebook.com/tr/	0 185 B	274ms 67ms	Image text/plain	2a03:2880:f112:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=260139058256176&ev=PageView&dl=https%3A%2F%2Fwww.spokesman.com%2F&rl=&if=false&ts=1696783899666&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696783899663.163653418&cs_est=true&ler=empty&it=1696783899552&coo=false&exp=a1&rqm=GET Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 08 Oct 2023 16:51:39 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	398 KB 51 KB	736ms 735ms	Fetch text/plain	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2307256438445998&correlator=2963364285235283&eid=31078562%2C44782500&output=ldjh&gdfp_req=1&vrg=202310040101&ptt=17&impl=fifs&iu_parts=1009641%2Cspokesman_homepage_top_300x250%2CSpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100%2Cspokesmandesktop_homepage_dashboard_300x250%2Cspokesmandesktop_homepage_1_728x90%2Cspokesmandesktop_homepage_2_728x90%2Cspokesmandesktop_homepage_3_728x90%2Cspokesman_homepage_728x90%2Cspokesmandesktop_homepage_anchor_729x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x600%2C1280x100%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696783899706&lmt=1696819899&adxs=1220%2C160%2C650%2C244%2C244%2C244%2C436%2C436&adys=340%2C223%2C1623%2C4297%2C5634%2C6336%2C8045%2C2110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.spokesman.com%2F&vis=1&psz=300x0%7C1600x101%7C300x0%7C1088x0%7C1088x0%7C1088x0%7C1600x0%7C728x-1&msz=300x0%7C1600x101%7C300x0%7C1088x0%7C1088x0%7C1088x0%7C1600x0%7C728x-1&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=840703940.1696783898&ga_sid=1696783900&ga_hid=109479718&ga_fc=true&dlt=1696783896879&idt=1378&prev_scp=pos%3Dsiderail_top%26adb_imp%3DS108.2%2C1%7Cadb_imp%3DS111.1%2C1%7Cpos%3Dsiderail_middle%26adb_imp%3DS107.3%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb%26adb_imp%3DS113.4%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb%26adb_imp%3DS113.5%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb%26adb_imp%3DS113.6%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb_top%26adb_imp%3DS105.7%2C1%26adb_bdr%3Dnone%7Cpos%3Dsticky_footer%26adb_imp%3DS88.8%2C1%26adb_bdr%3Dnone&cust_params=tags%3D%26category%3Dhomepage&adks=2241672555%2C338551237%2C3317406844%2C1956364540%2C2257727239%2C3046312524%2C607146697%2C1559385166&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c865a875fc4e49e06a68a864b5b1d102e6a597887dfafd1f0d2165f730900c53 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 google-mediationgroup-id -2,-2,-2,-2,-2,-2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51855 x-xss-protection 0 google-lineitem-id 6108660626,4994623904,-1,4703321642,5239133665,4700959668,6335429246,-2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138429672285,138425897770,-1,138425897722,138445707419,138425897614,138444189326,-2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.spokesman.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	297ms 124ms	XHR application/json	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310040101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1507d831b17f46b0e16859d46491a2b362fc3ad45a3f5973baa074130a1737d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:39 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12059 x-xss-protection 0
GET H2	200	container.html Show response 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5CE7	6 KB 3 KB	1717ms 117ms	Document text/html	2607:f8b0:4020:804::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 16:51:41 GMT expires Mon, 07 Oct 2024 16:51:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	pp.js Show response api.aamapiv2.com/s/	15 KB 6 KB	49ms 48ms	Script text/javascript	2606:4700:3031::ac43:dc53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.aamapiv2.com/s/pp.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:dc53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16b68b35d7a7958fdfc7cfae0c8d6eaf4fdeea76cb8f389899486c0cd9c160df Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:39 GMT content-encoding br cf-cache-status HIT last-modified Fri, 10 Feb 2023 17:56:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 94 etag W/"63e68540-3c2f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MofifJkjLC5LGT6dyrOtKBqUHutGEz6ao8BPCH4z4L1Bod6ISxEpUlsZGGGfHChmlv9JJmDMLutymsgpwRMKp%2BzzQHhZyf%2FnPQAPCUdxaq1%2BJi0Rlhkbi2BHmd1kYJINOWXJ99abhLG4j3gzIRn8"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 812fe3cd7ff19acc-MIA alt-svc h3=":443"; ma=86400
GET H3	200	gtm.js Show response www.googletagmanager.com/	261 KB 81 KB	112ms 111ms	Script application/javascript	2607:f8b0:4020:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WQTQTTW&l=MG2DL Requested by Host: cdn.o1ych4jb.com URL: https://cdn.o1ych4jb.com/prod/spokesman/g2i.min.js?202398 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 700cf196153a4ceeac60d68ba13e51aba945424fdaaa74cb5eee426a8a76ba78 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 82582 x-xss-protection 0 last-modified Sun, 08 Oct 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 08 Oct 2023 16:51:40 GMT
GET H2	200	ai.0.js Show response az416426.vo.msecnd.net/scripts/a/	94 KB 22 KB	36ms 36ms	Script application/x-javascript	2606:2800:11f:17a5:191a:18d5:537:22f9 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://az416426.vo.msecnd.net/scripts/a/ai.0.js Requested by Host: cdn.pranmcpkx.com URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js?202398 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9B3E) / Resource Hash 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:40 GMT content-encoding gzip x-ms-meta-lastmodified 2020-10-01 19:31:04 content-md5 HdY95yzx9wIyQkVEGES+Ew== age 142 x-cache HIT content-length 22495 x-ms-lease-status unlocked last-modified Thu, 11 Mar 2021 07:46:59 GMT server ECAcc (mic/9B3E) etag 0x8D8E461DA1A5889 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id b9b8e2c9-801e-003a-3607-fab78f000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding cache-control public, max-age=1800 x-ms-version 2009-09-19 expires Sun, 08 Oct 2023 17:21:40 GMT
GET H2	200	index.js Show response cdn.czx5eyk0exbhwp43ya.biz/	7 KB 3 KB	1371ms 37ms	Script text/javascript	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.czx5eyk0exbhwp43ya.biz/index.js Requested by Host: cdn.pranmcpkx.com URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js?202398 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9B0A) / Resource Hash 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip content-md5 nynBpfvYghYqzIzsvfssRw== age 363961 x-cache HIT content-length 2382 x-ms-lease-status unlocked last-modified Fri, 17 Jun 2022 17:08:13 GMT server ECAcc (mic/9B0A) etag 0x8DA5083F65AD9E0 vary Accept-Encoding content-type text/javascript access-control-allow-origin * x-ms-request-id ba24703a-801e-002f-10b8-f6fa75000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19
GET H2	200	SR__SPOKESMAN.json Show response cdn.pranmcpkx.com/prod/data/spokesman/	1 MB 1 MB	163ms 163ms	Fetch application/octet-stream	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.pranmcpkx.com/prod/data/spokesman/SR__SPOKESMAN.json?_=1696783900031 Requested by Host: cdn.pranmcpkx.com URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js?202398 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 / Resource Hash de00ac6d558f5ea8cae977225af45ce68137ba368e79ebe7299abd649b4ab39d Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-lease-status unlocked x-ms-blob-type AppendBlob date Sun, 08 Oct 2023 16:51:39 GMT last-modified Tue, 03 Oct 2023 18:43:33 GMT server Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 x-ms-blob-committed-block-count 1 etag 0x8DBC440A5AF9467 content-type application/octet-stream access-control-allow-origin * x-ms-request-id 751fc0ba-001e-001e-3407-fa1b66000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding cache-control no-cache x-ms-version 2009-09-19 content-length 1241921
GET H/1.1	200 OK	ad_300_250.jpg paywall-ad-bucket.s3.amazonaws.com/	631 B 1 KB	1388ms 81ms	Image image/jpeg	3.5.28.130 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 3.5.28.130 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 16:51:42 GMT Last-Modified Tue, 15 Oct 2019 13:44:16 GMT Server AmazonS3 x-amz-request-id P8ZYBAD2KBEFYXWF ETag "ef2cc7f55b7ab677b023e36033e26471" Content-Type image/jpeg Accept-Ranges bytes Content-Length 631 x-amz-id-2 x70QRF6DYkR2N46PI3aVN8XvJrWaOW4xxFKsDory843sH64rQK7WQvhuzw+gScDWlQQ/TLArPlzhstAFbrgph0ZNB7T6wF4nqhZESffgCAg= x-amz-meta-s3b-last-modified 20191015T134358Z
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	1652ms 347ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 08 Oct 2023 16:51:41 GMT
POST H3	200	x Show response api.aamapiv2.com/api/	0 430 B	301ms 226ms	XHR text/plain	2606:4700:3031::ac43:dc53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.aamapiv2.com/api/x?7p5hTm7gkWfTH5SZ$dXJsJDAkaHR0cHM6Ly93d3cuc3Bva2VzbWFuLmNvbS8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQxJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMSR0cnVlIiwiZGV2aWNlTWVtb3J5JDEkOCIsImRvTm90VHJhY2skMSQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDEkNCIsImxhbmd1YWdlJDEkZW4tVVMiLCJwbGF0Zm9ybSQxJFdpbjMyIiwicHJvZHVjdCQxJEdlY2tvIiwicHJvZHVjdFN1YiQxJDIwMDMwMTA3IiwidXNlckFnZW50JDEkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNy4wLjU5MzguMTQ5IFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMSRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQxJCIsIndlYmRyaXZlciQxJGZhbHNlIiwibmF2aWdhdG9yLWhhc2gkNSQ0MmNkZDhhMiIsIm5hdmlnYXRvci10aW1lJDUkNCIsInNlbmRCZWFjb24kNSQxIiwiZm9udHJlbmRlciQ1JDEiLCJ0aW1lJDYkMTY5Njc4Mzg5OTc5MyIsInRpbWV6b25lJDYkNjAwIiwicGx1Z2lucy10aW1lJDYkMC4xIiwicGx1Z2lucyQ2JGI2ZDA1NTU4IiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQ2JDEwIiwibWVtLXVzZWRKU0hlYXBTaXplJDYkMTAiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDYkMzc2MCIsInRpbWUtZmlyc3RQYWludCQ2JDI4MDIiLCJ0aW1lLWZldGNoU3RhcnQkNiQxNDEwIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ2JDE0MTEiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ2JDE0NTciLCJ0aW1lLWNvbm5lY3RTdGFydCQ2JDE0NTciLCJ0aW1lLWNvbm5lY3RFbmQkNiQxNjg5IiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkNiQxNTMxIiwidGltZS1yZXF1ZXN0U3RhcnQkNiQxNjg5IiwidGltZS1yZXNwb25zZVN0YXJ0JDYkMTg2NCIsInRpbWUtcmVzcG9uc2VFbmQkNiQxOTQxIiwidGltZS1kb21Mb2FkaW5nJDYkMTk1MSIsInRpbWUtZG9tSW50ZXJhY3RpdmUkNiQyNzc4IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ2JDMxMjgiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQ2JDMxMjkiLCJ0aW1lLWRvbUNvbXBsZXRlJDYkNDEzOCIsInRpbWUtbG9hZEV2ZW50U3RhcnQkNiQ0MTM4IiwidGltZS1sb2FkRXZlbnRFbmQkNiQ0MTM5IiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDYkMCIsIm5hdmlnYXRpb24tdHlwZSQ2JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDI0JDAiLCJnbG9iYWxzJDI1JDVlYzk4ODg0IiwiaGlzdG9yeSQyNSQyIiwiZG9jdW1lbnQtdGltZSQ0NSQwLjEiLCJkb2N1bWVudCQ0NSRjN2ZiYWIxOCIsImNvbm5lY3Rpb24kNDUkIiwiZG93bmxpbmtNYXgkNDUkIiwiZ2V0VXNlck1lZGlhJDQ1JDIiLCJwYWdlLWZyYW1lLWNvdW50JDQ2JDEiLCJwYWdlLWZyYW1lLWxpc3QkNDYkMHgwIzM4YWM5OWVlNDY0NGMzMjhkM2U2YWUzOTc2NzkzZmYyLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20iLCJwYWdlLWhhc2gtdGltZSQ1MiQ1LjQiLCJwYWdlLWhhc2gkNTIkM2ZhYTIxYjgiLCJmb250JDY1JDEwMDAwMDAiLCJzdHlsZS1oYXNoJDY2JDU2YzViOTY3Iiwic3R5bGUtdGltZSQ2NiQwLjgiLCJhdWRpby1jb2RlYyQ2NiQyMjIxMiIsInZpZGVvLWNvZGVjJDY3JDIyMjAwMCIsImNsb2NrJDc0JDQyNDMiLCJzb3J0JDkxJDE3LjIiLCJzdGFjayQ5MyQxMzk2MyIsInN0YWNrLWVycm9yJDkzJFJhbmdlRXJyb3I6IE1heGltdW0gY2FsbCBzdGFjayBzaXplIGV4Y2VlZGVkIiwic3RhY2stdGltZSQ5MyQxLjQiLCJ3ZWJnbCQxMDEkMSIsIndlYmdsMiQxMDEkMSIsIndlYmdsLXZlbmRvciQxMDEkSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDEwMSRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDEwMSQ0NDk1Mzk2NSIsIndlYmdsLXRpbWUkMTAxJDguMyIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kMTAzJHByb21wdCIsImJhdHRlcnkkMTA0JDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDEwNiRmN2U3MTJkOSIsImF1ZGlvY29udGV4dC10aW1lJDEwNiQzNy41IiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDEwNyRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQxMDckcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDEwNyRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQxMDckcHJvbXB0IiwiZnJhbWVyYXRlJDE2OCQ0MCIsImFkYmxvY2skMTY5JDA~ Requested by Host: api.aamapiv2.com URL: https://api.aamapiv2.com/s/pp.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3031::ac43:dc53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XjB0eNqi%2BBjK1aHzGwOmFyIUji6qiTtSkBMvbY%2FbX3L4VP73ixA8M8trM1jQrmlabpk9Uf2aFG5C%2FfvoAQi%2FQcjV%2FgWK0Wkdrvn1UoCSoDQFq92g0czgvB%2FqhaxkVrAKu5NabDcbyumJqhx5gyEh"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 812fe3d01d764bff-MIA alt-svc h3=":443"; ma=86400
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame D938	0 0	90ms 89ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzIFqWAkTGKcveZHCHlTkc28vpwPa_RJNyPrk4Iq0oDzPHJvNdR4Ziq6bzdvz8g2UxEtVbGmM2Kt7wp4nspGDyScbTFHV0r0Zj6chA3XPNvYJAofLhG8YeBTgTW0W23QGYJ_qfPj1OJvjzy1o7yoaB5R8CXF_Gkjjpf2Eqi_BmDi67m3s5CHm0AzuG4k6ue7_6NCWDmJhit0CdF__V1JtELsn6V17P5fY4205Y5ddQ4vSwczj_UL-vV2D8cSc75EEYtsD4Prtr48flsj4EurXdITDXkYegqHrhaD0Z98a062Z8gAxNxoJm3NBOOZPNz5LTgXogWiCRIfUhJuSyJ3WX_LUtdxg&sai=AMfl-YS-SDBSnPZ9mZt3-5WREav48gSGtrBozVrVWXFbPWSsYp29ASdTMbfzzy-5ZuBbO4By20FV25eSBxQ95x6q4dJvU2-uCuOyFeSiuu5WyIx2dnrSYoPi0-rVxbtvAreDFa7uJlIIafnSi_OOW469&sig=Cg0ArKJSzLHsahmtqx-HEAE&uach_m=[UACH]&adurl= Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:40 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame D938	3 KB 1 KB	1090ms 249ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame D938	187 KB 59 KB	982ms 142ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 16:51:41 GMT
GET H2	200	7340857805996086997 tpc.googlesyndication.com/simgad/ Frame D938	203 KB 203 KB	1162ms 323ms	Image image/jpeg	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/7340857805996086997 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f491f386a69945567ba068aa8883f043611af53178b715dcd6cdf9e99b3a3ad8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 207692 x-xss-protection 0 last-modified Fri, 14 Apr 2023 21:58:35 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 07 Oct 2024 16:51:41 GMT
GET DATA	200 OK	truncated / Frame D938	220 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b0a5322cce02f3816c0c7902c56f3ae80040fdcecd1c32ba39b8d7b6288738d2 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9504	0 0	91ms 90ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWAHv0mfTKoBzTA6fCO7S008xhR4HtKnWq88_ui55SpCQ72tt-vP47mXgvXZ0-mkXQwGECybouXpI01Au4hhws7wyDY5ecyjo9R-xPGOdPuf0KhJ1V--PB9_0encx6jpcukJ5LyeEFLbtbsASnNysvsZ6LTyMBsfR4Eb0icRqgN07poLSEXzOh-0GyY_fnYtKCGLXYFlMncCEGMkdBPNq7VpsSMnhG7DbwtLRfSfv9ZJNK1lY5290ukaPqforUWbww9CI0dUQLzipw5IRBn5z-60vHyFzj56ZNSH2KSdQ7EIVrkLMjcSeKZ6b0Ba-RHAqWoKQMerH63Nq7kLh5jR7DTStgap5RDGgoll8VsUO8p7EH52OquzQjjUc&sai=AMfl-YRL43PQdFPwYwhd3Z4eyCJ0vgIWeCcM3pGQ5j-i1hXyoxAdrS3sAe8aM9YWsWMdNE9ztg53pS7k_5K9aG79vueanE5s5zuSouiyB0ySZVuiePOQsTkOaTBpaqFg9rPhSGWhFNLHbE-1C2qh17oI&sig=Cg0ArKJSzB7biMfCUycrEAE&uach_m=[UACH]&adurl= Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:40 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 9504	3 KB 1 KB	1099ms 291ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9504	187 KB 59 KB	1116ms 310ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 16:51:41 GMT
GET H2	200	11890828028754293036 tpc.googlesyndication.com/simgad/ Frame 9504	39 KB 39 KB	1060ms 254ms	Image image/jpeg	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/11890828028754293036 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a2c4736cc2f8c90b3d4be3521aacf8176805f249734060952eac370a69bfd3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39610 x-xss-protection 0 last-modified Thu, 09 Mar 2023 00:22:23 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 07 Oct 2024 16:51:41 GMT
GET H2	200	container.html Show response 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC5B	6 KB 3 KB	138ms 106ms	Document text/html	2607:f8b0:4020:804::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 16:51:41 GMT expires Mon, 07 Oct 2024 16:51:41 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 157F	0 0	95ms 95ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu26auRYAopSsaHlOYcMe4OuqibPP_BYO9Pqwx4xov18wI4sdM1cQe03aZep5tcQSIi4YoVGREk8ZIlbpOHbEb348POx7XsJ7mYB9iS7jqsx4_DvmHOpiO_gDVXj5rCqiH5ceydLhFHSdbP1sDRZz3WiVlMcVwWJ8FoABfv4Ji8vU8o9L62McKrJdxbz2tFngAbM9SIwMzypZrGIjfTvnDiH_urn98VVBu4I9X5ji09fgoUCf8Gy8LiNpZ9CtfSsPdNah0AjD_CFl0uJD2rWDruF0jTvnctkySrsDn619wuVKiSS--XHF-uIh3_yipR_z6R3tL6wDu154fQKw1mx7jRd659SXqUkpoK&sai=AMfl-YTZf8fBKWratsFG4jPIHp0qgMmedIJ6zQ9eu0bvWM59wSl8s_HzY_Kq1IV6OFgMUqLq-FzWRjHBCAswlhHFBO4_JebiCmV5_-OF_A-g5kPcAwDKguW0H4VZcFA9bLCK0wATD04vDeGGFDYCXgr4&sig=Cg0ArKJSzE-XVCbkRQiiEAE&uach_m=[UACH]&adurl= Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:40 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 157F	3 KB 1 KB	1060ms 290ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 157F	187 KB 59 KB	1067ms 298ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 16:51:41 GMT
GET H2	200	4069334638644882651 tpc.googlesyndication.com/simgad/ Frame 157F	23 KB 23 KB	813ms 81ms	Image image/jpeg	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4069334638644882651 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d9d11721437c3f63814557b7d583049eb49fc6a20427d2d36150682d033efec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 02:57:59 GMT x-content-type-options nosniff age 50022 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23097 x-xss-protection 0 last-modified Thu, 09 Mar 2023 00:20:57 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 07 Oct 2024 02:57:59 GMT
GET DATA	200 OK	truncated / Frame 9504	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fdce8355ba3bc3f39766135e5ada3f2e675fdf650dd4ed5f55df6ffd407f51de Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 157F	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e0c0351e715da4c32a440883e7e388d9b3766787d2ae5fb2dfd808fec4baeff2 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	61ms 60ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjEwODY2MDYyNiIsImVidXkiOiIzMDc5MzA4OTE0IiwiZWFkdiI6IjQ3OTUyNTI2ODMiLCJlY2lkIjoiMTM4NDI5NjcyMjg1IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuX2hvbWVwYWdlX3RvcF8zMDB4MjUwIiwic2l6ZSI6IjMwMHg2MDAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=ff8f723c-52be-43ab-9ada-9aedbe28b5bd&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783900618&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x10842&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:40 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 1807	0 0	90ms 89ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYfGgeZl3kXiES5HnRasoPlVlWYGUgzcOFZb-uVUzpci1ZwRyVXqPWWGOgre48IRJ-WIbZgY56NeOr5iJwLgDr9beHnMmuxhl59xwUYHR-4K3d1r6Ho-xNZm3C3TIFiET-s1lA71yztTs5eWHNqjZLaHAgqLR7V_k9nZc9Wps_9JLsf0GfQieVIMRb5l9C4T9DLblpSCzMdqioQ6Ue3syDDPeOJ_zEKITznpUmmKgr3jLK_ocY3uOVrnb_8uHXZjEhCebHa5Cj_UVtIlNLvBpVnLSBZM6xame4819UDMveFNzNZlL0yV4Y_h6zyZV6Lo6Cos1axYUIqrHrzuMpTn0f0lOAGnOSlZTn&sai=AMfl-YSroQ4k98ntjpzjEgMwlFjyv4WycYmVkdY1pXSstepRVGlN5fVXPmTANitNlaCo84P59XQFHI9rtTh9wx1MPyDdPbIs9RwOHpXUYNfC0Js__tO_jJKGHt8CFl1gYgFnerrTToQwuz_yNPl7qB6A&sig=Cg0ArKJSzKlxX2X6yHVnEAE&uach_m=[UACH]&adurl= Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 1807	3 KB 1 KB	268ms 267ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 1807	187 KB 59 KB	1093ms 399ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 16:51:41 GMT
GET H2	200	6988158034319551626 tpc.googlesyndication.com/simgad/ Frame 1807	44 KB 45 KB	820ms 188ms	Image image/jpeg	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/6988158034319551626 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9f617fe80e536b1cc2d757597168b3550c485407d9635fe25868b1aa8cccb882 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 12:56:28 GMT x-content-type-options nosniff age 14113 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 45478 x-xss-protection 0 last-modified Fri, 08 Sep 2023 19:06:53 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 07 Oct 2024 12:56:28 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame ECDB	0 0	91ms 89ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3BsuplPajSZZdEVvB6EGa2rxJzkhs_inENFFXlwyAal_ozJC7c-evY6upb9cJaSQbAujGvUP3SgBgHoLl-YafkU6-O73ZidaMmkRfEk-b_UHtF4s_GnYFT4MQoBGiTcfo8DFebsbIKYsNWu8Ax0GDf65cpywb1NyUo-53AWu38FLhTbeCfQSb9kFGg58_RvjzTf7X1pXldxFv-MGwatgqh1VyBrVGgIrOK8_lWijMhGn6OtupDIkhE4OlP_blOcD3nzeADRl26G4JV_pCq_s01d9zobP74C_rH9fKCoA5puneiR8ndVGcBBxk0CTrDWranZjdHj-4_f_6C7Hb8gS0uORPQfjqyaT1&sai=AMfl-YQd2qG8wVfm0P3dfKAzn49l41HEj4-48ALjbwpMjA1Hs3LW0b-IirLKbYv-J_T1HkFObZ0FPEcwRHdt719DtNam_t_lNOIQqEqMdBLmmvI7pAzGfNW371Xw8GS1LBlrrhO09ioTCk-hTnbk6aYo&sig=Cg0ArKJSzCc6s9SZ8YcUEAE&uach_m=[UACH]&adurl= Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	4069334638644882651 tpc.googlesyndication.com/simgad/ Frame ECDB	23 KB 23 KB	783ms 151ms	Image image/jpeg	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4069334638644882651 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3d9d11721437c3f63814557b7d583049eb49fc6a20427d2d36150682d033efec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 02:57:59 GMT x-content-type-options nosniff age 50022 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23097 x-xss-protection 0 last-modified Thu, 09 Mar 2023 00:20:57 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 07 Oct 2024 02:57:59 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame ECDB	3 KB 1 KB	269ms 268ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame ECDB	187 KB 59 KB	954ms 273ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 16:51:41 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame A994	0 0	91ms 91ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuL8cedd9wEI5_pKB0bW4Yt_QfZ-mPogwwzrFgjL6SIZPcTXvZ2f2snKJK2djWYeG0ONrM3at1aLns7FrIEfhRTS2QJiu1mxU8gxpJdT3uUkrBlrym3lRahh1TaFxB3x06FLd8j7f_VnsbThGIpcIjcDlSMyAups98WUVaKyL4awcCxH3gQtdB8MGHuTBVKVWHCSdjsInFhSo8bzU9LXodYMa4aPEaC9QrzNbuVu8gsLfMm8K6OYCmrGjveQSkQUQljBWceBlujBwf-XOHKACjwQFzN0aqplVJvmaMDHe_H5WwGplaBTPCXteRzrBcubmVxXNbfNpSRFkM7cZVJrV0p&sai=AMfl-YSyAC56OTWplduHQGjbIrpbqxHu9wBdmlg6l4nTXcc9wYMKphYgHmcjelYcTJynFkWVhSRpSSYQXsz9EWmoFhYzgOWOSUNroB0il_WpIUU4OZgi8T7Upo447Fp_AZUCrKJfqwlKpdyF9ANxpVBV&sig=Cg0ArKJSzA3Fj44lkvLREAE&uach_m=[UACH]&adurl= Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:40 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame A994	3 KB 1 KB	272ms 271ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame A994	187 KB 59 KB	1049ms 382ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 16:51:41 GMT
GET H2	200	3119127049841289576 tpc.googlesyndication.com/simgad/ Frame A994	46 KB 46 KB	928ms 297ms	Image image/jpeg	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3119127049841289576 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310040101/pubads_impl.js?cb=31078562 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f02f190ea71e642685692c425458f4b430de6c9d428aa18953f5d857a713c84 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47182 x-xss-protection 0 last-modified Mon, 28 Aug 2023 23:43:01 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Mon, 07 Oct 2024 16:51:41 GMT
GET DATA	200 OK	truncated / Frame 1807	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash df9aec4a097efbc9bd9756efc940aaa3dc1f7c0e39151a05596209fc0f261b96 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame ECDB	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f303076e9f4d9e75fe99e61c1b8666f29e1fb2b1a6243f5c19aa421013e940c4 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame A994	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a22ddea0ec39369812d6fb154004c955c749f755c8c67d5672db87bbba40f935 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	204 No Content	/ adspsp.com/pt/4364783/23/1/	0 110 B	837ms 113ms	Image image/png	52.32.22.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adspsp.com/pt/4364783/23/1/?a=2,a2lnhpbn24AsRsJ53Mau,yNrUtawRfm&aa=00Gumh&a2=T1.m.0.2.10&a3=0,1xo,0,1,1,1,1,1,8,8,8,8&b=a0&b=v2V,1&b=I1,1K,1,2,:g3,4:,:s5:0,:r81:,:qoa,a,b:,:QDU,a,b,5,E,F,G,H,G,H:&b=I6,1N,1,7,:g3,8:,:s9:0,:r81:,:qob,a,c:&b=Ia,1J,1,b,:g3,c:,:sd:1k,1,5,e,,:r82:,:S9Q,:R3,5W,5:,:Rb,67,g:,:Rl,bS,1S:,:Rq,wC,6:,:Rd,DB,x:,:Ru,QP,2Z:,:Rz,R0,2P::,:CmN,:b,:R3,5W,5:0,,42,,0:,:b,:Rb,67,g:0,,4N,,0:,:b,:Rl,bS,1S:0,,3Z,,0:,:b,:Rq,wC,6:0,,69,,0:,:b,:Rd,DB,x:0,,4M,,0:,:b,:Ru,QP,2Z:0,,58,,0:,:b,:Rz,R0,2P:0,,,,0::,:qob,a,d:&b=If,1P,1,g,:g3,h:,:si:1h,1,1,e,,:r84:,:S9Q,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P::,:CmO,:b,:R3,5T,5:0,,42,,0:,:b,:Rb,64,g:0,,4N,,0:,:b,:Rl,bQ,1S:0,,3Z,,0:,:b,:Rq,wB,6:0,,69,,0:,:b,:Rd,Dz,x:0,,4M,,0:,:b,:Ru,QM,2Z:0,,58,,0:,:b,:Rz,QX,2P:0,,9N,,0::,:qob,a,e:&b=Ij,1P,1,k,:g3,l:,:si:1h,1,1,e,,:r86:,:S9Q,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P::,:CmO,:b,:R3,5T,5:0,,42,,0:,:b,:Rb,64,g:0,,4N,,0:,:b,:Rl,bQ,1S:0,,3Z,,0:,:b,:Rq,wB,6:0,,69,,0:,:b,:Rd,Dz,x:0,,4M,,0:,:b,:Ru,QM,2Z:0,,58,,0:,:b,:Rz,QX,2P:0,,9N,,0::,:qob,a,f:&b=Im,1P,1,n,:g3,o:,:si:1h,1,1,e,,:r87:,:S9Q,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P::,:CmO,:b,:R3,5T,5:0,,42,,0:,:b,:Rb,64,g:0,,4N,,0:,:b,:Rl,bQ,1S:0,,3Z,,0:,:b,:Rq,wB,6:0,,69,,0:,:b,:Rd,Dz,x:0,,4M,,0:,:b,:Ru,QM,2Z:0,,58,,0:,:b,:Rz,QX,2P:0,,9N,,0::,:qob,a,g:&b=Ip,1H,1,q,:g3,r:,:si:1h,1,1,e,,:r88:,:S9Q,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P::,:CmO,:b,:R3,5T,5:0,,42,,0:,:b,:Rb,64,g:0,,4N,,0:,:b,:Rl,bQ,1S:0,,3Z,,0:,:b,:Rq,wB,6:0,,69,,0:,:b,:Rd,Dz,x:0,,4M,,0:,:b,:Ru,QM,2Z:0,,58,,0:,:b,:Rz,QX,2P:0,,9N,,0::,:qob,a,h:&b=Is,1q,1,t,:g3,u:,:si:1n,2,8,e,,:reW:,:Sk3,:R3,5Z,5:,:Rb,6a,g:,:Rl,bU,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QS,2Z:,:Rz,R3,2P::,:Co9,:b,:R3,5Z,5:0,,2q,,0:,:b,:Rb,6a,g:0,,,,0:,:b,:Rl,bU,1S:0,,2p,,0:,:b,:Rq,wB,6:0,,2v,,0:,:b,:Rd,Dz,x:0,,2m,,0:,:b,:Ru,QS,2Z:0,,2q,,0:,:b,:Rz,R3,2P:0,,1F,,0::,:qob,a,i:&b=Goa,1,:Kv,:k:w,:kx::,:L1,6,a,f,j,m,p,s:&b=Ky,:kz:&b=K&b=Ky,:kA:&b=Ky,:kB:&b=Ky,:kB:&b=Ky,:kB:&b=Ky,:kC:&b=Ky,:kD:&bi=Uba023tcbMSa0,adbridg_ad_adbdtsiderailtop_1,1009641,spokesman_homepage_top_300x250,300x600,Up6013tcbMSa0,adbridg_ad_adbdtsponsorshiplg_1,SpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100,1280x100,Uji033tcbMSa1,adbridg_ad_adbdtsiderailmid_1,spokesmandesktop_homepage_dashboard_300x250,300x250,0.2,U14043tcbMSa2,adbridg_ad_adbdtlb_1,spokesmandesktop_homepage_1_728x90,728x90,U9b053tcbMSa3,adbridg_ad_adbdtlb_2,spokesmandesktop_homepage_2_728x90,U18063tcbMSa4,adbridg_ad_adbdtlb_3,spokesmandesktop_homepage_3_728x90,Uo3073tcbMSa5,adbridg_ad_adbdtlbtop_1,spokesman_homepage_728x90,Uvo083tcbNSa6,adb-dt-anchor-slot,spokesmandesktop_homepage_anchor_729x90,tags,category,homepage,pos,siderail_top,siderail_middle,lb,lb_top,sticky_footer,5ewohd,3mosUO,2r6kNrL,6FpjGi&bt=tS7ajHB&e=500.3:3T4gt:11%3A%3B369%3BAsyncError%3BCannot%20read%20properties%20of%20null%20(reading%20%270%27)%3BTypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%270%27)%0A%20%20%20%20at%20https%3A%2F%2Fprod.adspsp.com%2Fadb.4364783.cr.js%3Fc%3DCxf48db65%3Aln99l37s%3A16%3Amd%3A1%3A81...&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.lnhpbki7.2T2jb.3T36y&g=3T4h1&u=Cxf48db65:ln99l37s:16:md&v=18g.xc.0.8ko.1.0&adbj=arfulnhpbmx2fyaq&mp=0.3&adb_cm=t5a&adb_flag=lrc&txx=Txx1&rnd=1696783900725 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.32.22.4 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-32-22-4.us-west-2.compute.amazonaws.com Software linux / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Server linux Connection keep-alive Content-Length 0 Content-Type image/png
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	60ms 60ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk5NDYyMzkwNCIsImVidXkiOiIzODU2NTMwMTEiLCJlYWR2IjoiNDQzMDUzMjExIiwiZWNpZCI6IjEzODQyNTg5Nzc3MCIsImVlbnYiOiJqIiwiZXBpZCI6Ii8xMDA5NjQxL1Nwb2tlc21hbkRlc2t0b3BfU3VwZXJMZWFkZXJCb2FyZF9Ib21lUGFnZV8xMjgweDEwMCIsInNpemUiOiIxMjgweDEwMCIsInJlbmRlcmVkIjoiMSJ9&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=a82d3717-6882-4b4b-a142-599122dfcb4d&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783900702&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x11112&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:40 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	60ms 60ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuZGVza3RvcF9ob21lcGFnZV9kYXNoYm9hcmRfMzAweDI1MCIsInNpemUiOiIzMDB4MjUwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=fc9e01e8-216b-419b-a68d-87b29dcf5c16&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783900705&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x11112&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:40 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	204 No Content	/ adspsp.com/pt/4364783/23/1/	0 110 B	735ms 114ms	Image image/png	52.32.22.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adspsp.com/pt/4364783/23/1/?a=2,a2lnhpbn24AsRsJ53Mau,yNrUtawRfm&aa=00Gumh&a2=T1.m.0.2.10&a3=0,20j,0,1,1,1,1,1,8,8,8,8&b=I1,1N,1,2,:g3,4:,:s5:0,:QfZ,1,2,5,6,7,8,9,8,9:,:cg3:&b=G0,1,:Ka,:k:b,:kc::,:Ld,1,e,f,g,h,i,j:&b=K&b=Ie,1J,1,k,:g3,l:,:sm:1k,1,5,n,,:Qg1,1,4,m,o,p,,,q,r:&b=Ks,:kt:&b=If,1P,1,u,:g3,v:,:sw:1h,1,1,n,,:Qg1,1,6,w,6,7,x,y,x,y:,:cg4:&b=Ks,:kz:&b=Id,1K,1,A,:g3,B:,:sC:0,:cg1:&b=Ij,1q,1,D,:g3,E:,:sw:1n,2,8,n,,:Qg2,1,9:&b=Ks,:kF:&b=Ig,1P,1,G,:g3,H:,:sw:1h,1,1,n,,:Qg2,1,b,w,I,J,K,L,K,L:,:cg4:&b=Ks,:kz:&b=Ih,1P,1,M,:g3,N:,:sw:1h,1,1,n,,:Qg2,1,d,w,6,7,O,P,O,P:,:cg4:&b=Ks,:kz:&b=Ii,1H,1,Q,:g3,R:,:sw:1h,1,1,n,,:Qg2,1,f,w,S,T,U,V,U,V:,:cg4:&b=Ks,:kW:&bi=Up6013tcbMSa0,adbridg_ad_adbdtsponsorshiplg_1,1009641,SpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100,1280x100,tZ0nx,q69XR,2r64Xwu,5s0VQ4,tags,category,homepage,Uba023tcbMSa0,Uji033tcbMSa1,U14043tcbMSa2,U9b053tcbMSa3,U18063tcbMSa4,Uo3073tcbMSa5,Uvo083tcbNSa6,adbridg_ad_adbdtsiderailmid_1,spokesmandesktop_homepage_dashboard_300x250,300x250,0.2,5QjRWZ,3ycx09,2r7xPHA,6Y2zL5,pos,siderail_middle,adbridg_ad_adbdtlb_1,spokesmandesktop_homepage_1_728x90,728x90,2r64XvI,58iEOu,lb,adbridg_ad_adbdtsiderailtop_1,spokesman_homepage_top_300x250,300x600,adb-dt-anchor-slot,spokesmandesktop_homepage_anchor_729x90,sticky_footer,adbridg_ad_adbdtlb_2,spokesmandesktop_homepage_2_728x90,4ZlNuc,2wArYN,2r7q4UX,5IyRZT,adbridg_ad_adbdtlb_3,spokesmandesktop_homepage_3_728x90,2r64XtY,588Km8,adbridg_ad_adbdtlbtop_1,spokesman_homepage_728x90,5obabQ,3w5CDL,2r7jHZA,6UKOyG,lb_top&bt=tS7ak5L&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.lnhpbki7.2T2jb.3T36y&g=3T4jx&u=Cxf48db65:ln99l37s:16:md&v=18g.xc.0.8ko.1.0&adbj=arfulnhpbmx2fyaq&mp=0.3&adb_cm=t5a&adb_flag=lrc&txx=Txx2&rnd=1696783900828 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.32.22.4 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-32-22-4.us-west-2.compute.amazonaws.com Software linux / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Server linux Connection keep-alive Content-Length 0 Content-Type image/png
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	60ms 60ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDcwMzMyMTY0MiIsImVidXkiOiIzODU2NTMwMTEiLCJlYWR2IjoiNDQzMDUzMjExIiwiZWNpZCI6IjEzODQyNTg5NzcyMiIsImVlbnYiOiJqIiwiZXBpZCI6Ii8xMDA5NjQxL3Nwb2tlc21hbmRlc2t0b3BfaG9tZXBhZ2VfMV83Mjh4OTAiLCJzaXplIjoiNzI4eDkwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=9021eb8f-ca95-4acc-9ba0-a2e6156c220f&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783900707&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x11112&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:40 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
GET H2	200	publishertag.prebid.135.js Show response static.criteo.net/js/ld/	89 KB 29 KB	531ms 103ms	Script text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.135.js Requested by Host: prod.adspsp.com URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxf48db65:ln99l37s:16:md Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Fri, 24 Feb 2023 07:57:32 GMT server nginx etag W/"63f86dec-16386" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 09 Oct 2023 16:51:41 GMT
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	61ms 60ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTIzOTEzMzY2NSIsImVidXkiOiIyMzEzNzk1NzgxIiwiZWFkdiI6IjQ1NzEwODI5NDAiLCJlY2lkIjoiMTM4NDQ1NzA3NDE5IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuZGVza3RvcF9ob21lcGFnZV8yXzcyOHg5MCIsInNpemUiOiI3Mjh4OTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=83fe7f04-82d4-4e0d-b027-cb57eff27e35&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783900718&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x11112&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:41 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
POST H3	200	collect Show response www.google-analytics.com/j/	16 B 36 B	120ms 120ms	XHR text/plain	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=109479718&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABBAAAAGACIAC~&jid=992361817&gjid=703774105&cid=840703940.1696783898&tid=UA-230256-42&_gid=1429811480.1696783898&_r=1&_slc=1&gtm=45He3a40n81WQTQTTW&cd1=1696783901375.p00u3rt&cd2=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=1696783901376.0.qgo9o2egs4c&cd18=Not%20Set&cd19=Default&cd20=1.2.75.6&z=1552109541 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8c57aa3e22b73fc76dc9904261defd698f1e7f7d038b597e2fc13a41ed0f68e1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	81ms 81ms	Script text/javascript	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQTQTTW&l=MG2DL Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 08 Oct 2023 16:12:37 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 2344 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 08 Oct 2023 18:12:37 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	103ms 103ms	Image image/gif	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=109479718&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MetaTagsCollected&el=Not%20Set&_u=aCDACEABBAAAAGACIAC~&jid=&gjid=&cid=840703940.1696783898&tid=UA-230256-42&_gid=1429811480.1696783898&gtm=45He3a40n81WQTQTTW&cd1=1696783901387.fuezqq8n&cd2=660c89b1f3e80860b9bee2a54377cf02&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=1696783901387.0.uztpjtiqqsq&cd18=Not%20Set&cd19=Default&cd20=1.2.75.6&z=42843558 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sat, 07 Oct 2023 20:25:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 73588 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 69 B	69ms 67ms	XHR text/plain	2607:f8b0:4004:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-230256-42&cid=840703940.1696783898&jid=992361817&gjid=703774105&_gid=1429811480.1696783898&_u=aCDACEABBAAAAGACIAC~&z=1163112367 Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 08 Oct 2023 16:51:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	227 KB 81 KB	112ms 111ms	Script application/javascript	2607:f8b0:4020:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3LQ9XR9JWD&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:804::2008 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e979183aae450fc44532ab40bde23ab9092adf867c613ee7781da0e2384f2711 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:41 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82935 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 08 Oct 2023 16:51:41 GMT
OPTIONS H2	200	track dc.services.visualstudio.com/v2/ Frame	0 0	487ms 88ms	Preflight	40.78.229.32 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.78.229.32 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type,sdk-context Access-Control-Request-Method POST Origin https://www.spokesman.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context access-control-allow-methods POST access-control-allow-origin * access-control-max-age 3600 content-length 0 date Sun, 08 Oct 2023 16:51:41 GMT x-content-type-options nosniff
POST H2	206	track Show response dc.services.visualstudio.com/v2/	415 B 601 B	102ms 101ms	XHR application/json	40.78.229.32 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dc.services.visualstudio.com/v2/track Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 40.78.229.32 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer accept-language en-US,en;q=0.9 Sdk-Context appId User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-type application/json Response headers x-ms-session-id FDB0463D-4F17-46F4-AF02-3C087CB92B3B strict-transport-security max-age=31536000 date Sun, 08 Oct 2023 16:51:41 GMT x-content-type-options nosniff access-control-max-age 3600 content-type application/json; charset=utf-8 access-control-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context content-length 415
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	71ms 71ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDcwMDk1OTY2OCIsImVidXkiOiIzODU2NTMwMTEiLCJlYWR2IjoiNDQzMDUzMjExIiwiZWNpZCI6IjEzODQyNTg5NzYxNCIsImVlbnYiOiJqIiwiZXBpZCI6Ii8xMDA5NjQxL3Nwb2tlc21hbmRlc2t0b3BfaG9tZXBhZ2VfM183Mjh4OTAiLCJzaXplIjoiNzI4eDkwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=29aeb5d3-ff74-4e31-b342-0ddcd6f47ce5&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783900721&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x11112&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:41 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
OPTIONS H3	204	adview securepubads.g.doubleclick.net/pagead/ Frame	0 0	136ms 136ms	Preflight text/html	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CLm99G94iZYrkMcjS_gSVg4bwAbKJtrpzxfO1r4ASue7wyKoBEAEgqOu9ngFgyYaAgNyjxBCgAaHAmPEoyAEJqQLIyeYGh1-CPuACAKgDAcgDywSqBM0CT9DgTWA-bgtauFtRt_sQsccXhXKEsJwQB_4ltHdkCFa33jtBbg8H1N-U2YMzbYunZ4XirvCL1a4wc-Niv9RHHMO0CPIag13hI4jSv-3sgn9174zf2hHYvFXb8PaF3NI9LwchhFkZVo7HsyH1SarX46OrakvmMf4DDtBVk5uBhazq7iceb4tPQ5hp578IAOH0QebHVolIubIAgMEqGwBNkYK333VQVcvHbdwEq9UNRDsuEQSo8cWSptJvid_AJR5wbyvDzN4QtXXFNGxL4RKDACuDkgzn1wlXl9VwjZ_mhv_9OPQV2NBjbgJtD1zN6aJiofUIglhxW1uwKkMrKK62dN_frdQvLC-F_9m4JV8jgvWr1B4XoimvpjSH27tDLT2yujjTGnYrwZPuXLjXML-N9IsRaU76EESMAxT5qHwbEjaQXkXP2bbY9YDNDW7RwASrtKPLvwTgBAGIBa-L18VMkgUECAQYAZIFBAgFGASgBi6AB_Dq6ZIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEPyHHNIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgn_AWh0dHBzOi8vd3d3LnRlbXUuY29tL2t1aXBlci91bjEuaHRtbD9zdWJqPWZlZWQtdW4mX2JnX2ZzPTEmX3BfbWF0MV90eXBlPTEmX3BfanVtcF9pZD03MjUmX3hfdnN0X3NjZW5lPWFkZyZsb2NhbGVfb3ZlcnJpZGU9MjExfmVuflVTRCZnb29kc19pZD02MDEwOTk1MTc2ODk1MTkmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMTUxMzY5NS0xJnRvcGljX2NsYXNzaWZ5PTEyMYAKA8gLAdoMEAoKELCXiNnwkZ-MVxICAQPiDRMIh-ztzPTmgQMVSKmfCh2VgQEe2BMN0BUBgBcBshceChwIABIUcHViLTk3Nzk2NTIxMjIwMTQ3MjgYuYoG&sigh=mmd26-CO2Y8&uach_m=[UACH]&ase=2&cid=CAQSTADICaaNBIyTDEu3GTqwNF7Xe5AYeOvZtAmXQ_i7qo2H0FeJe7G86r9l8JQ7ZVmzk-xlhKwB4887oFja96xJ9KIMcihwNS65hlLJTyoYAQ&template_id=494&nis=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sun, 08 Oct 2023 16:51:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame DC5B	4 KB 1 KB	284ms 102ms	Stylesheet text/css	2607:f8b0:4020:807::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::200a Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 08 Oct 2023 16:51:42 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 08 Oct 2023 15:00:18 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 08 Oct 2023 16:51:42 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DC5B	2 KB 945 B	78ms 77ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 865 x-xss-protection 0 server cafe etag 5051423035144352294 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame DC5B Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=CLm99G94iZYrkMcjS_gSVg4bwAbKJtrpzxfO1r4ASue7wyKoBEAEgqOu9ngFgyYaAgNyjxBCgAaHAmPEoyAEJqQLIyeYGh1-CPuACAKgDAcgDywSqBM0CT9DgTWA-bgtauFtRt_sQsccX... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ffcb3ff8b8dff30000000000000000%22,%222%22:%220x37dcef6c53b77b330000000000000000%22,%223%22:%220xfe7d88...	0 0	288ms 141ms	Fetch text/css	172.217.13.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ffcb3ff8b8dff30000000000000000%22,%222%22:%220x37dcef6c53b77b330000000000000000%22,%223%22:%220xfe7d8892d29516920000000000000000%22,%224%22:%220x66a431d79cd131670000000000000000%22,%225%22:%220xe324df5e3386d2db0000000000000000%22},%22debug_key%22:%2213025174825447601524%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210911041001937312241%22}&andc=true Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 172.217.13.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0xc6ffcb3ff8b8dff30000000000000000","2":"0x37dcef6c53b77b330000000000000000","3":"0xfe7d8892d29516920000000000000000","4":"0x66a431d79cd131670000000000000000","5":"0xe324df5e3386d2db0000000000000000"},"debug_key":"13025174825447601524","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-08"],"6":["true"]},"priority":"500","source_event_id":"10911041001937312241"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin null p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:42 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc6ffcb3ff8b8dff30000000000000000","2":"0x37dcef6c53b77b330000000000000000","3":"0xfe7d8892d29516920000000000000000","4":"0x66a431d79cd131670000000000000000","5":"0xe324df5e3386d2db0000000000000000"},"debug_key":"13025174825447601524","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["10-08"],"6":["true"]},"priority":"500","source_event_id":"10911041001937312241"}&andc=true access-control-allow-origin https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame DC5B	23 KB 9 KB	78ms 77ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9151 x-xss-protection 0 server cafe etag 7930219084593097114 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DC5B	3 KB 1 KB	81ms 80ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame DC5B	20 KB 8 KB	82ms 82ms	Script text/javascript	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:36:46 GMT content-encoding br x-content-type-options nosniff age 11695 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8339 x-xss-protection 0 server cafe etag 16954770952846736976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:36:46 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame DC5B	187 KB 59 KB	145ms 144ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 16:51:42 GMT
GET H2	200	f20a2b7dfb9062a0a08db52babdaa11c.js Show response www.gstatic.com/mysidia/ Frame DC5B	37 KB 16 KB	205ms 64ms	Script text/javascript	2607:f8b0:4006:822::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 02 Oct 2023 19:06:00 GMT content-encoding gzip x-content-type-options nosniff age 510342 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15586 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:46:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 31 Dec 2023 19:06:00 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame D938	0 0	88ms 88ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBR0JYCI9jC9wMet7sck7gfdxpJXrujtfrPxmevjTs_NjjM17q_59l09YLb7ILOVA3fAChr9V1HbvhwFnSeJ726WGNPut5HBR7EmkkiiIwvZQrijZCLrbJwDDN8rD26WCyyTduW5cgdZGotaPHvCUu7NCkO3XZn3ppSUzYTDQ_bKgWILevhwDwdsTFcxKDNY2SEuNH-vG5vgT2j7fYYGovGYoOYmFmiqVCLub7_IZ1vurfKFveLEx_3RReGF_w7nibHqAHmiCLHCLXRdwYu3oe_M8J1O_Ec2k7P509TyGFuOM6g5-8E3xHmrGUbzM0gYeZn4jSB5mgaVr7httxsnNYHfXcrps6dw&sai=AMfl-YSiXb3heLJQH254oo8WAS7xifoHBXWZifN0rStU4jmhvKKQjrDnQzrVZukhqU7pchm7h5Ui4NwqGrpDuKjvPaPqqBaiGjl0NL3xu2pUa1k1CdkqP7DQ0oH2klh0_KOR3Dd95MhYnestcCSJ92u3&sig=Cg0ArKJSzElPha8qWviZEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:42 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame ECDB	0 0	90ms 90ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssjHb3CkWbFNlNFsbIp9UWrDZjF8x8TIono0dM77IdbeAKM3OMHeqJVNvdOBbRhA4TyQJ6jOl8ETXxyOiP5WQxZmh5wnPUHIlUB-Rpc715CZChPNoFKTnjMIv1SDJCcmuuFpNknJTuZ8u0qVU8O6KUofKCJ-jcd2qvOmlDKirdobWHiqLxVCGTjY4MUlDRcW_E6_cMQUttFiM0TAxz7omuOgTJF6RKbgCJP73sacvrvQLPXOZslWzvT_Cb6XBdY3KKKEFRPWsvtVsFgR6CN-KeBArhRDbKs-oZcQXyCr-lGgmQELXvWcAR28BEPLkRE80RItqHYaKoLsund0EXHdx-98SU5vmOHIcCRkHI&sai=AMfl-YT1wsc9GkxxpQ0b2RjvweZNTi8Su-Shv3c6ti60s8QmIK8udnI6ZVR-e6lzRvjRSJVGv0UeyknIwxtOOVAQWWmw22a_5-bktGQnhF_pH1ren0-R83lkSdWVdQDYWZFfZnM5IaWs-OPMquxWGp2C&sig=Cg0ArKJSzHplmjDHaOmPEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:42 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame DC5B	12 KB 13 KB	301ms 143ms	Image image/jpeg	2607:f8b0:4006:81e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR6Qtm43Kqqvq5TyzkNqcBfy_CvuDPvaIaex_hqu4mBBkPONgTN5s-ruy041Sg&usqp=CAI Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80fc584af4e673ab2f9bafa087abfc6db2e56ac629ae687a1d7906a2f53664d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 15:23:37 GMT x-content-type-options nosniff age 350885 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12744 x-xss-protection 0 last-modified Sun, 26 Mar 2023 04:47:50 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 03 Oct 2024 15:23:37 GMT
GET H2	200	shopping encrypted-tbn3.gstatic.com/ Frame DC5B	84 KB 84 KB	224ms 66ms	Image image/jpeg	2607:f8b0:4006:822::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTynzOqnQpkI8Jpky13wRSvZAgYzwFvzQ7eLwk1FWNAe8W_MiU1eJlWjYD0tw&usqp=CAI Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 522e65358623ee8ff3318033215985834698122d88fccea5e10873bd21c0d6de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 12:12:53 GMT x-content-type-options nosniff age 103129 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85561 x-xss-protection 0 last-modified Thu, 20 Apr 2023 20:17:08 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Sun, 06 Oct 2024 12:12:53 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame DC5B	33 KB 33 KB	222ms 65ms	Image image/jpeg	2607:f8b0:4006:81e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcR_rYdigsmIddVbQxFlDHq-JAblVWLxiAvNQ8BEdqwtd-KJfJzZsjOih04p-w&usqp=CAI Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f1de43b1e4b3b77cd0e10898ecbacd8c8b2d46c1ab0e8da4064c22d1aa6d756a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 14:30:39 GMT x-content-type-options nosniff age 354063 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 33329 x-xss-protection 0 last-modified Wed, 11 Oct 2023 04:32:09 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Thu, 03 Oct 2024 14:30:39 GMT
GET H3	200	7775594092382834397 tpc.googlesyndication.com/simgad/ Frame DC5B Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgOC6o_afKhCwCRiwCTIIyPC0mtCeWjM https://tpc.googlesyndication.com/simgad/7775594092382834397	77 KB 77 KB	87ms 86ms	Image image/png	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/7775594092382834397 Requested by Host: 38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com URL: https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 04:12:16 GMT x-content-type-options nosniff age 131966 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 79088 x-xss-protection 0 last-modified Thu, 25 May 2023 12:39:34 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 06 Oct 2024 04:12:16 GMT Redirect headers date Sun, 08 Oct 2023 01:28:35 GMT x-content-type-options nosniff server cafe age 55387 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/7775594092382834397 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 07 Nov 2023 01:28:35 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 157F	0 0	101ms 100ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlJ0_In3T5mXvJ_ZbtQio0rc4GVT3eI2f0qu3MdZkIF389Mv-cKauKF9RKmlNBlDkLjHbkBVGBSjak5AxzIHnUFsbsMojm96a2OCIxD_9N5_AFoslH1xuB6MYzO1Pbo5bt2d2k-QrLYYiZ3KPeWbBuRuPcmYnE7_k3zRF65LZhzfMG2b-ITP4ZC65MwaY1Z3zTyJnwrudn9yNHNDVirp59nNw2riWHfFUuJrnmRhO508cv_CCP7tAFch9k5uIGF4H8zd-U8NM5FQR75BkeIp312KnJ3fuod244dtI6ppHhj4gn7pHjD17aUIn4CStFyf_usUt51tpKVG28sLFc_hiVY6QEwhOwExZpnAI&sai=AMfl-YSk55sTeh7cDf_YRGsWtBIN8hYED7eNBwpIUNy5pWmLLzlR0P8GanzS8aBM9Qr6o74aJb-tuAPTR09EIRqxYhlErc7XK2d1ZkC_-5YgvkhS61mUmUhvChxia6TKQ6_LRwcaOqNiO7h5Z7CGUe8K&sig=Cg0ArKJSzO6GW0LX9jRGEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:42 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 9504	0 0	91ms 90ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZ5d_YubzdkMUSuLxwyyWzApvDuUzzE3HARkjBwVQNw_L4xtBwkt_fH6xvUbBSwgN6AqPk8qsYjg08C1J6uYIoq7VL0yxO3esWnb8NDT2LJwWvVTdoniZWMB5a0s7rf1rHRVy0Om8uPfNzVq801oDD1TP4DlLKVZaZCo5x_0_bZmGcemGU6lH2MGyx7ClmTYol7sDKiPcPfbMxcGDLsy3Hjgnd0UxJ2DC16RQbQfszycgCtZDaoQRQLqTVIeFJeNOkd-HMw758nsNap50rhvYOwYzFwMNO0wrqK0dZdyoS1dc4Bs4O1I-iJeAu7UQEo8pFQD3m0jmmea5XkPVRGTQP3eF3lLlrpYCOQuzB8EU-b2nP7sxlvFkTp0qUGQ&sai=AMfl-YQComyyTmyVUuyi5Pcy6pPy4Bl5v72G-mUE91Pdr3gpfvu1oaD_V1uskCDXn3A49v_vyebwNjWJ8Lt-jMv3kRiq9pyGttR1c0d63UxH9vWDuqte3WWzMRhxjbddHFEZGMmrbIRBEZtRJeuJXoqW&sig=Cg0ArKJSzFyvCoqFm7QDEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:42 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame A994	0 0	89ms 88ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_W1NEiYx7iUAZzCUgG8s3glr7d08ujZKGQAmHqn-uP0X3rOI_3opw3Jh2qFykYo5MN_GF2pa4UzDZ3TwaaJdQXDqJ4nEwrFjlcRO-foOugtRZ7Ug8YjhfO-r8Hf5iGWEfTfZ-07AJlNXiNARC6vwgq4gucItWBwKQhodlgOYsjMgE9xqy5kPbJEw-NLHjb5VR0V809LmlHxcQLIQPzkywQwW2vJYRNWNVloApCKWXxuXfsodY4MXdFKnQ4Ct-Ulo65_m-dqrbUl2EEXlDXNOyxXzL8V86hqrZwyhKBFEcyaIRbvQacWJzD6LBAXZ0SeRj1UCA2rLUzvXxpYGtF4li7xY&sai=AMfl-YRPhed9okZvhuqVpcG5XCvq3Npf0xYywxVoVoeIFM3gW_ExIEEptSPyDQZ1u8opIyILoCJx8ackc05Xk7zt71ITXL8T7Xoymd0_8SDC37RMfZrdT7oF-2AUPSlFmFWLWcOpWADTruKY4Rzm5QEG&sig=Cg0ArKJSzCIgKFZ2mj3sEAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:42 GMT
GET H2	200	syncframe Show response gum.criteo.com/ Frame 4315	15 KB 6 KB	204ms 57ms	Document text/html	2620:100:a001::c AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.spokesman.com Requested by Host: static.criteo.net URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 16:51:42 GMT server Kestrel server-processing-duration-in-ticks 238368 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	publishertag.prebid.js Show response static.criteo.net/js/ld/	95 KB 31 KB	232ms 112ms	XHR text/javascript	2620:100:a001::4 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/js/ld/publishertag.prebid.js Requested by Host: az416426.vo.msecnd.net URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software nginx / Resource Hash 82a82b0d01609a866a65587cb8bea49710d570151f8a8e53232124dccf8a4676 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT content-encoding gzip strict-transport-security max-age=31536000; preload; last-modified Thu, 07 Sep 2023 09:22:37 GMT server nginx etag W/"64f9965d-17d52" content-type text/javascript access-control-allow-origin * cache-control max-age=86400, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Mon, 09 Oct 2023 16:51:42 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 1807	0 0	90ms 89ms	Fetch image/gif	2607:f8b0:4006:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEAKNsngZByHjIJtdbKiFDk7hvICRyqbPTXtIeuoYI6zpJRWwd_IYAXgJkgpWn0qe4JV20MvVTq_NGjsekO5LMOmsZNfhqXqwlewt-xssnitMuKamNeYsszdZ6ibHwHLbpiUQ7iJkNMG2Waik-JcbGa7tgo2GiNjZgSPn3EBTiShdgtkf7qpTIGN7LruxtD4zMbgIgu5mZO9A7dF9zlZ-opwYf_V9E93qaO_hcdLjwdzhcNdEFe2sYEN-n2RS6BQ_wyQC1tJz4w9m9LgHKHtAVduVRHXNRRQMlXtMoYSfxTbK0CJT4lkRL2tyRrN8Gm8wqPbzAA0w2zFrgphNfAI1XY8HKgmbezAmsC-k&sai=AMfl-YT8vmCmQR3ew7CXEagZUC4Qsu0BvqKYvB3EOQTL5BW0QRIt1sd6sYrCOyMutq_QEBTHeYM6YvsHsVJyeif1dd8iL8p13KncamLXoNC4aDKCMrxv8FtfJeYjBRWHMKumnuQc_Mfaxwdx5GhXc7EW&sig=Cg0ArKJSzDV0Unixx0_1EAE&uach_m=[UACH]&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sun, 08 Oct 2023 16:51:42 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame AB2E	13 KB 5 KB	83ms 79ms	Document text/html	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes age 511112 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 02 Oct 2023 18:53:10 GMT expires Tue, 01 Oct 2024 18:53:10 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame F28A	829 B 998 B	109ms 107ms	Document text/html	2607:f8b0:4020:805::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2ce94ea10aed4731e405794dd2a565b963847cea3b4a2d005640befc2e546924 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-M69FtLsBnYRrFgxd_xR6LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-M69FtLsBnYRrFgxd_xR6LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 16:51:42 GMT expires Sun, 08 Oct 2023 16:51:42 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H/1.1	200 OK	i www.i.matheranalytics.com/	43 B 245 B	68ms 67ms	Image image/gif	54.159.255.204 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjMzNTQyOTI0NiIsImVidXkiOiIzMjIyNTgxNDI1IiwiZWFkdiI6IjQ5Mzc5NTcwMDYiLCJlY2lkIjoiMTM4NDQ0MTg5MzI2IiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuX2hvbWVwYWdlXzcyOHg5MCIsInNpemUiOiI3Mjh4OTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Pacific%2FHonolulu&tzoff=600&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=2778a971-1e33-47bb-a9ce-27edf8d3fa11&pid=70ca35b6-4ff8-469d-9815-585faad55658&dtm=1696783900722&qnm=_matherq&visible=1&tabid=683b7796-c7f9-4e09-8429-de70b609c253&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x11112&tofa=1696783898&vid=1&lvidt=1696783898&duid=ab2d9a3b-e035-4550-a1ed-ef155650b7f7&fp=3142853228&cid=ma20153&mrk=575681700 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.159.255.204 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-159-255-204.compute-1.amazonaws.com Software / Resource Hash d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers P3P policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" Date Sun, 08 Oct 2023 16:51:42 GMT Connection keep-alive Content-Length 43 Content-Type image/gif
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	444ms 144ms	Preflight text/html	172.217.13.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ffcb3ff8b8dff30000000000000000%22,%222%22:%220x37dcef6c53b77b330000000000000000%22,%223%22:%220xfe7d8892d29516920000000000000000%22,%224%22:%220x66a431d79cd131670000000000000000%22,%225%22:%220xe324df5e3386d2db0000000000000000%22},%22debug_key%22:%2213025174825447601524%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2210-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210911041001937312241%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s04-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin null alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Sun, 08 Oct 2023 16:51:42 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H3	204	collect www.google-analytics.com/g/	0 17 B	101ms 100ms	Ping text/plain	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-3LQ9XR9JWD&gtm=45je3a40&_p=109479718&ul=en-us&sr=1600x1200&cid=840703940.1696783898&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1696783902&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=1696783901375.p00u3rt&ep.ua_dimension_2=Not%20Set&ep.ua_dimension_5=Not%20Set&ep.ua_dimension_6=Not%20Set&ep.ua_dimension_7=Not%20Set&ep.ua_dimension_8=Not%20Set&ep.ua_dimension_9=Not%20Set&ep.ua_dimension_3=Not%20Set&ep.ua_dimension_4=Not%20Set&ep.ua_dimension_10=Not%20Set&ep.ua_dimension_11=Not%20Set&ep.ua_dimension_12=Not%20Set&ep.ua_dimension_13=Not%20Set&ep.ua_dimension_14=Not%20Set&ep.ua_dimension_15=Not%20Set&ep.ua_dimension_16=Not%20Set&ep.ua_dimension_17=1696783901376.0.qgo9o2egs4c&ep.ua_dimension_18=Not%20Set&ep.ua_dimension_19=Default&ep.ua_dimension_20=1.2.75.6 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3LQ9XR9JWD&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:42 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame DC5B	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 695d387118a622fe76d68ba489ae360755934a68e1305efeb2f73d11cb88f085 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DC5B	21 KB 21 KB	274ms 81ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 05:35:25 GMT x-content-type-options nosniff age 126977 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21428 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:32:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 06 Oct 2024 05:35:25 GMT
GET H2	200	ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame DC5B	20 KB 20 KB	347ms 154ms	Font font/woff2	2607:f8b0:4020:804::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:804::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 01:18:28 GMT x-content-type-options nosniff age 401594 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20784 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:21:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Oct 2024 01:18:28 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F28A	0 0	108ms 108ms	Image text/html	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310040101&jk=2307256438445998&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	200	YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response pagead2.googlesyndication.com/bg/ Frame AB2E	37 KB 14 KB	79ms 79ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Tue, 03 Oct 2023 04:23:44 GMT content-encoding br x-content-type-options nosniff age 476878 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 02 Oct 2024 04:23:44 GMT
GET H/1.1	200 OK	cksync.html cs.media.net/ Redirect Chain https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx https://us-u.openx.net/w/1.0/cm?cc=1&id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx https://cs.media.net/cksync.html?cs=8&type=opx86b217a4-3a70-0279-02ea-c20f522ca2ed	0 0	212ms 104ms	Image text/html	23.49.100.28 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cs.media.net/cksync.html?cs=8&type=opx86b217a4-3a70-0279-02ea-c20f522ca2ed Protocol HTTP/1.1 Server 23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-49-100-28.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Redirect headers date Sun, 08 Oct 2023 16:51:42 GMT content-encoding gzip via 1.1 google server OXGW/0.0.0 vary Accept, Accept-Encoding content-type image/gif location https://cs.media.net/cksync.html?cs=8&type=opx86b217a4-3a70-0279-02ea-c20f522ca2ed p3p CP="CUR ADM OUR NOR STA NID" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	cksync.php contextual.media.net/ Redirect Chain https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=&gpp=${GPP_STRING_142}&gpp_sid=${GPP_SID}&url=https%3A%2F%2Fcontextual.med... https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a758f0d-4bd4-47be-81c7-e2fd86a17522&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=	53 B 778 B	256ms 116ms	Image image/gif	23.47.168.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a758f0d-4bd4-47be-81c7-e2fd86a17522&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy= Protocol H2 Server 23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-47-168-66.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Sun, 08 Oct 2023 16:51:42 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 53 x-mnet-hl2 E expires Sun, 08 Oct 2023 16:51:42 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 16:51:42 GMT x-errorlevel 0 strict-transport-security max-age=31536000; preload; server Kestrel p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" location https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=1a758f0d-4bd4-47be-81c7-e2fd86a17522&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy= cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2393522 content-length 0 expires Sun, 08 Oct 2023 00:00:00 GMT
GET H/1.1	200 OK	cksync.php cs.media.net/	52 B 640 B	319ms 166ms	Image image/gif	23.49.100.28 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cs.media.net/cksync.php?cs=8 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-49-100-28.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Sun, 08 Oct 2023 16:51:42 GMT Server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Timing-Allow-Origin * Content-Length 52 x-mnet-hl2 E Expires Sun, 08 Oct 2023 16:51:42 GMT
GET H/1.1	200 OK	cksync.php cs.media.net/ Redirect Chain https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcs.media.net%2Fcksync.php%3Fcs%3D8%26type%3Ddxu%26ovsid%3D_wfivefivec_ https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=PLhVgFvR1QPx0i5	53 B 631 B	333ms 311ms	Image image/gif	23.49.100.28 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=PLhVgFvR1QPx0i5 Protocol HTTP/1.1 Server 23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-49-100-28.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Pragma no-cache Date Sun, 08 Oct 2023 16:51:43 GMT Server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Content-Type image/gif Cache-Control max-age=0, no-cache, no-store Connection keep-alive Timing-Allow-Origin * Content-Length 53 x-mnet-hl2 E Expires Sun, 08 Oct 2023 16:51:43 GMT Redirect headers Pragma no-cache Date Sun, 08 Oct 2023 16:51:42 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0f50c1c44ae5d9330@us-east-1b@dxedge-app-us-east-1-prod-asg Location https://cs.media.net/cksync.php?cs=8&type=dxu&ovsid=PLhVgFvR1QPx0i5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cksync.php contextual.media.net/ Redirect Chain https://x.bidswitch.net/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&gdpr_pd=1 https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=d6e07841-073d-417f-9998-179ace539113&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp... https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=TQV8oFwmtOGpPFj4ckgg0 https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d6e07841-073d-417f-9998-179ace539113&gdpr=&gdpr_consent=&gdpr_pd=	53 B 464 B	106ms 105ms	Image image/gif	23.47.168.66 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d6e07841-073d-417f-9998-179ace539113&gdpr=&gdpr_consent=&gdpr_pd= Protocol H2 Server 23.47.168.66 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-47-168-66.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 date Sun, 08 Oct 2023 16:51:43 GMT server Apache p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-type image/gif cache-control max-age=0, no-cache, no-store content-length 53 x-mnet-hl2 E expires Sun, 08 Oct 2023 16:51:43 GMT Redirect headers Location //contextual.media.net/cksync.php?cs=1&type=bs&ovsid=d6e07841-073d-417f-9998-179ace539113&gdpr=&gdpr_consent=&gdpr_pd= Date Sun, 08 Oct 2023 16:51:43 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	sid Show response mug.criteo.com/ Frame 4315 Redirect Chain https://gum.criteo.com/sid/json?origin=publishertag&domain=spokesman.com&sn=ChromeSyncframe&so=0&topUrl=www.spokesman.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 https://mug.criteo.com/sid?cpp=Fxwep3xwWmhxUU11TXRzZk9TeThtWEd2UXRWQk5LeCtRa2IxeXRxZlVsempmWVBzRlAwNiszU1ROSFlOelIzcW5RZ2hOcm9ScmhmTG5LcjlWKy91RUNFTGtMWk01dFB4ZHFSWkhuSG1WTXZ5NUF4dFNqWExjSG56bVA2TT...	428 B 653 B	184ms 58ms	Fetch application/json	74.119.119.139 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://mug.criteo.com/sid?cpp=Fxwep3xwWmhxUU11TXRzZk9TeThtWEd2UXRWQk5LeCtRa2IxeXRxZlVsempmWVBzRlAwNiszU1ROSFlOelIzcW5RZ2hOcm9ScmhmTG5LcjlWKy91RUNFTGtMWk01dFB4ZHFSWkhuSG1WTXZ5NUF4dFNqWExjSG56bVA2TTY3ajFUTXNreGNtWERNRDBwUHlORzhtWTdXbUQxcXU4cmdzSnVITFkxS3E5K2NWWDhzQzV1NnhneDNZMXpDZ2MweXdCajdGRytoVXh4cTBTUkduYXF0cGhtY2xzU09jRlJLQXBrblI1ZldEWDRuVWZTcnBFOXQ3ZC9rTWhQUDUwS05yUkgxNUhSckV6M2ZpYzZ5bjlnS0NnY2ZZVlpldz09fA&cppv=2 Protocol H2 Server 74.119.119.139 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash da3d4ad95f74393a5dcca781f6d21d49797b28a079d864815a99c8aa4ed4809b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-US,en;q=0.9 Referer https://gum.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:42 GMT strict-transport-security max-age=31536000; preload; content-encoding gzip server Kestrel vary Accept-Encoding access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://gum.criteo.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true server-processing-duration-in-ticks 927347 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 16:51:42 GMT strict-transport-security max-age=31536000; preload; server Kestrel location https://mug.criteo.com/sid?cpp=Fxwep3xwWmhxUU11TXRzZk9TeThtWEd2UXRWQk5LeCtRa2IxeXRxZlVsempmWVBzRlAwNiszU1ROSFlOelIzcW5RZ2hOcm9ScmhmTG5LcjlWKy91RUNFTGtMWk01dFB4ZHFSWkhuSG1WTXZ5NUF4dFNqWExjSG56bVA2TTY3ajFUTXNreGNtWERNRDBwUHlORzhtWTdXbUQxcXU4cmdzSnVITFkxS3E5K2NWWDhzQzV1NnhneDNZMXpDZ2MweXdCajdGRytoVXh4cTBTUkduYXF0cGhtY2xzU09jRlJLQXBrblI1ZldEWDRuVWZTcnBFOXQ3ZC9rTWhQUDUwS05yUkgxNUhSckV6M2ZpYzZ5bjlnS0NnY2ZZVlpldz09fA&cppv=2 cache-control no-cache, no-store, must-revalidate server-processing-duration-in-ticks 262483 content-length 0 expires 0
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame AB2E	0 10 B	81ms 78ms	Image text/plain	2607:f8b0:4020:805::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?x0QYRw Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::2001 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 16:51:42 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response pagead2.googlesyndication.com/bg/ Frame D204	37 KB 14 KB	79ms 78ms	Script text/javascript	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Requested by Host: www.spokesman.com URL: https://www.spokesman.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://38ac99ee4644c328d3e6ae3976793ff2.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 07:45:00 GMT content-encoding br x-content-type-options nosniff age 378402 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14696 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 03 Oct 2024 07:45:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	110ms 109ms	Image text/html	2607:f8b0:4020:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310040101&jk=2307256438445998&bg=!2Nul25TNAAbjlzx0w5c7ADQBe5WfOMYFL-Hh9PBII6-xqTOvQZdG7G722lIji_fLLboRsPVAaX941DlAT6E4ASQHSEzwAgAAAHBSAAAACmgBBwoAkoprs40b21DQTxk0kZGZ4LKA7sT6_GGFDqvZHLFuXNbOQO0mkvMBdU4hl13EfjZLNw6ptE_x-xPVrUwB4_nm-VdXTULx6jTtYZvxPwjo9DcRgeO3sSMpoD1t3hyoS5yWDADo4vzy68Zh7L2UVPNCHYLRwAsbSeA3Tvrc9PqIXxuQhGDgWJhuT4i_E8AKNMaxTtbUmQK5PR4ipkN6kTsDXnJPP71DgtQ0068GMmodq0Xyq5ddQmnHH6qa7pN6gXimf0Ta95zybCdcFc-ycPX0SaNxlN4DTLfK1yoSlJvyRi3BfsndezKN7GbcBlPFl938mtb2ZOFCnjXf4JOQlobPspyZvvRwy72YDVr_ihLKBVvsWXhxndYIVZT10SPk0syuMqeqEADiksBAXppIgEh50czQI4UmFpVaO116uw6zMltsDELw_UHpFsjaSWyUFCljrgX6egeBlW0mTIbKwntDao0eOdAY5eiBCKbPEuCLLTlG0QBxdN_69Ti1YIRc2m85PfEF9JXAvtRjs0WCgXltTNmkEiNr--6GT4Hm6eDpKYsM_h5jAnXSwSBXj7D_njZ6YRd7COjs5KV3nmToPWpE26hPRPwbBpYwB5oHSoz1zxKeecdzX48one2WqJX-9TKmTe_OmKN2HG2CygRyL7GcgYFOwlv-M0IXsj1s79HRE2iaTZUGdUX_6Ax7Wp2eWBlrpStbBYjE8p3LZiBsl91T9CSlAgqlm6TBk8tk58cLXenKaKpAg7oR7sSunziKKbxGwHYrKZZISZJM4IAIVExfO3oxNYWGXkVoQR7EfKVqC0q40LbD6itsgdIfWTj5cNa-ilOdoiS143zpN8ynFS_hcuLvV0jsBqN2SebOkNFziipTmyZUuQ63fSS_cDMqR3ZBkqzJZmd0WUTqUF8aMQVSJJUQHfyiNevkO4AsuOhCjc1kLGbulCPC1o1V_SaLy10sp2lnWW6Cqd3o99hdPajZeBXRBtwmOslHxEbSwFL1QUWQKFiN3DswlPuc7tX3gojhaBQAL2hvmzCrh3r_d9-LobA_EVnQwhDw7w2qZSnJ810IHKiy6bc-XYLhDe8EVdLH8CdG7uHMZszyZIFckX1KvKRxqC_SrS4UgHaDxKziZA Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:806::2002 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
OPTIONS H/1.1	200 OK	views prod-spokesman-proxy-connext.azurewebsites.net/api/ Frame	0 0	275ms 68ms	Preflight	13.85.16.224 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=660c89b1f3e80860b9bee2a54377cf02&ConfigCode=SPOKESMAN&SiteCode=SR Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash Request headers Accept */* Access-Control-Request-Headers access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version Access-Control-Request-Method GET Origin https://www.spokesman.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Access-Control-Allow-Headers access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version Access-Control-Allow-Origin * Content-Length 0 Date Sun, 08 Oct 2023 16:51:43 GMT X-Powered-By ASP.NET
GET H/1.1	200 OK	views Show response prod-spokesman-proxy-connext.azurewebsites.net/api/	90 B 1 KB	113ms 112ms	Fetch application/json	13.85.16.224 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=660c89b1f3e80860b9bee2a54377cf02&ConfigCode=SPOKESMAN&SiteCode=SR Requested by Host: cdn.pranmcpkx.com URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js?202398 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET Resource Hash bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9 Request headers source-system Plugin site-code SR autoqa false accept-language en-US,en;q=0.9 settingskey null authorization Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3Njg3ODM5MDB9.Gmhs_JfYgDyUmGCTjsgFiIASBpF8URMCmBfi8_mT5i4 ssid db7e100c8801cdd538f8ab79209d4190 environment prod config-code SPOKESMAN User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 content-type application/json access-control-allow-origin * accept application/json location System Referer version Version: 2.8.3.3 Response headers Expires -1 Pragma no-cache Date Sun, 08 Oct 2023 16:51:43 GMT Content-Encoding gzip X-Server-Time 10/8/2023 4:51:44 PM Server Microsoft-IIS/10.0, Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET, ASP.NET Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Access-Control-Expose-Headers X-Server-Time,Request-Context Cache-Control no-cache Content-Length 193 Request-Context appId=cid-v1:89178a64-45a6-45dc-a8d2-b23b3d5b53f0
GET H3	200	collect www.google-analytics.com/	35 B 55 B	81ms 81ms	Image image/gif	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=109479718&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterLevelSet&el=%7B%22MeterDetermineMethod%22%3A%22Dynamic%22%2C%22MeterRuleName%22%3A%22Home%20Page%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aCDACEABBAAAAGACIAC~&jid=&gjid=&cid=840703940.1696783898&tid=UA-230256-42&_gid=1429811480.1696783898&gtm=45He3a40n81WQTQTTW&cd1=1696783904235.wj5wolj&cd2=660c89b1f3e80860b9bee2a54377cf02&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=1696783904236.0.74rogp7fi1v&cd18=Not%20Set&cd19=Default&cd20=1.2.75.6&z=1903117632 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sat, 07 Oct 2023 20:25:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 73591 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	79ms 79ms	Image image/gif	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=109479718&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ConversationDetermined&el=%7B%22ConversationName%22%3A%22Homepage%20Sale%20Promo%22%2C%22MeterLevel%22%3A%22Free%22%2C%22ConversationDateStarted%22%3A%222023-10-08T16%3A51%3A44Z%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%222023-11-07T16%3A51%3A44Z%22%2C%22ConversationPaywallLimit%22%3A%22unlimited%22%2C%22ArticleViews%22%3A%221%22%7D&_u=aCDACEABBAAAAGACIAC~&jid=&gjid=&cid=840703940.1696783898&tid=UA-230256-42&_gid=1429811480.1696783898&gtm=45He3a40n81WQTQTTW&cd1=1696783904463.4687s42q&cd2=660c89b1f3e80860b9bee2a54377cf02&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Homepage%20Sale%20Promo&cd9=1&cd3=Not%20Set&cd4=Not%20Set&cd10=unlimited&cd11=unlimited&cd12=2023-10-08T16%3A51%3A44Z&cd13=2023-11-07T16%3A51%3A44Z&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=1696783904463.0.p4r91s9aljk&cd18=Not%20Set&cd19=Default&cd20=1.2.75.6&z=1456223815 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sat, 07 Oct 2023 20:25:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 73591 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	79ms 78ms	Image image/gif	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=109479718&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington%22%2C%22ContentType%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aCDACEABBAAAAGACIAC~&jid=&gjid=&cid=840703940.1696783898&tid=UA-230256-42&_gid=1429811480.1696783898&gtm=45He3a40n81WQTQTTW&cd1=1696783904553.gvj6lno4&cd2=660c89b1f3e80860b9bee2a54377cf02&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Homepage%20Sale%20Promo&cd9=1&cd3=Not%20Set&cd4=Not%20Set&cd10=unlimited&cd11=unlimited&cd12=2023-10-08T16%3A51%3A44Z&cd13=2023-11-07T16%3A51%3A44Z&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=1696783904553.0.t6uhe7lucvo&cd18=Not%20Set&cd19=Default&cd20=1.2.75.6&z=414641570 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sat, 07 Oct 2023 20:25:13 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 73591 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	index.js Show response cdn.czx5eyk0exbhwp43ya.biz/	7 KB 2 KB	36ms 35ms	Script text/javascript	2606:2800:11f:1cb7:261b:1f9c:2074:3c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.czx5eyk0exbhwp43ya.biz/index.js Requested by Host: cdn.pranmcpkx.com URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js?202398 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (mic/9B0A) / Resource Hash 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Sun, 08 Oct 2023 16:51:44 GMT content-encoding gzip content-md5 nynBpfvYghYqzIzsvfssRw== age 363964 x-cache HIT content-length 2382 x-ms-lease-status unlocked last-modified Fri, 17 Jun 2022 17:08:13 GMT server ECAcc (mic/9B0A) etag 0x8DA5083F65AD9E0 vary Accept-Encoding content-type text/javascript access-control-allow-origin * x-ms-request-id ba24703a-801e-002f-10b8-f6fa75000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding x-ms-version 2009-09-19
GET H/1.1	200 OK	ad_300_250.jpg paywall-ad-bucket.s3.amazonaws.com/	631 B 1 KB	71ms 71ms	Image image/jpeg	3.5.28.130 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 3.5.28.130 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 16:51:45 GMT Last-Modified Tue, 15 Oct 2019 13:44:16 GMT Server AmazonS3 x-amz-request-id MXDVN4FPSYZM0RZV ETag "ef2cc7f55b7ab677b023e36033e26471" Content-Type image/jpeg Accept-Ranges bytes Content-Length 631 x-amz-id-2 HhLwGGagRkQLjKENfkVSwIT0w+C79RF8KqWyIO4kTuJOJGGBzCT+gS5lHt5aM8o6Qr5vI7LGwiGcGH/NNuGTuzS8/FMyHN1oXXgF/nFRi0s= x-amz-meta-s3b-last-modified 20191015T134358Z
POST H2	204	collect analytics.google.com/g/	0 54 B	103ms 102ms	Ping text/plain	2607:f8b0:4020:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-G3BY0LGVDL&gtm=45je3a40&_p=109479718&cid=840703940.1696783898&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1696783898&sct=1&seg=0&dl=https%3A%2F%2Fwww.spokesman.com%2F&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	103ms 102ms	Ping text/plain	2607:f8b0:4020:807::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-3LQ9XR9JWD&gtm=45je3a40&_p=109479718&ul=en-us&sr=1600x1200&cid=840703940.1696783898&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&dl=https%3A%2F%2Fwww.spokesman.com%2F&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1696783902&sct=1&seg=0&_s=2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3LQ9XR9JWD&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Sun, 08 Oct 2023 16:51:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.spokesman.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	204 No Content	/ adspsp.com/pt/4364783/23/1/	0 110 B	115ms 114ms	Image image/png	52.32.22.4 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://adspsp.com/pt/4364783/23/1/?a=2,a2lnhpbn24AsRsJ53Mau,yNrUtawRfm&aa=00Gumh&a2=T1.m.0.2.10&a3=0,7di,0,1,1,1,1,1,8,8,8,8&b=I1,1J,1,2,:g3,4:,:s5:1k,1,5,6,,:c0:&bi=Uji033tcbMSa1,adbridg_ad_adbdtsiderailmid_1,1009641,spokesmandesktop_homepage_dashboard_300x250,300x250,0.2&bt=tS7akSO&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.lnhpbki7.2T2jb.3T36y&g=3T9ww&u=Cxf48db65:ln99l37s:16:md&v=18g.xc.0.8ko.1.0&adbj=arfulnhpbmx2fyaq&mp=0.3&adb_cm=t5a&txx=Txx3&rnd=1696783907775 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.32.22.4 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-32-22-4.us-west-2.compute.amazonaws.com Software linux / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Server linux Connection keep-alive Content-Length 0 Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

d31qbv1cthcecs.cloudfront.net

URL

https://d31qbv1cthcecs.cloudfront.net/atrk.js