salem-news.com Open in urlscan Pro
192.241.229.70 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://salem-news.com/
Submission: On December 02 via api (December 2nd 2023, 6:54:32 pm UTC) from US — Scanned from DE

Summary HTTP 157 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 17 domains to perform 157 HTTP transactions. The main IP is 192.241.229.70, located in San Francisco, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is salem-news.com.

This is the only time salem-news.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47	192.241.229.70 192.241.229.70	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
18	13.32.27.118 13.32.27.118	16509 (AMAZON-02) (AMAZON-02)
1 8	2.17.179.163 2.17.179.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.1.21 151.101.1.21	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3 14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	18.239.94.30 18.239.94.30	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:244... 2600:9000:2447:5400:2:8531:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.127 65.9.66.127	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:3::210:ee8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:264... 2600:9000:2644:3a00:a:de49:b100:93a1	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
157	25

47 192.241.229.70 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: salem-news.com

salem-news.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 13.32.27.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-118.fra56.r.cloudfront.net

www.gofundme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.17.179.163 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-179-163.deploy.static.akamaitechnologies.com

oap.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vortex.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.21 (United States) 2 redirects

ASN54113 (FASTLY, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.94.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-30.ams1.r.cloudfront.net

cdn.gofundme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2447:5400:2:8531:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-127.fra56.r.cloudfront.net

gateway.gofundme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:3::210:ee8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:3a00:a:de49:b100:93a1 (United States)

ASN16509 (AMAZON-02, US)

sync.transcend.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	salem-news.com salem-news.com	418 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	470 KB
23	gofundme.com www.gofundme.com — Cisco Umbrella Rank: 35350 cdn.gofundme.com — Cisco Umbrella Rank: 41875 gateway.gofundme.com — Cisco Umbrella Rank: 39593	805 KB
15	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	124 KB
8	accuweather.com 1 redirects oap.accuweather.com — Cisco Umbrella Rank: 74361 vortex.accuweather.com — Cisco Umbrella Rank: 36036 www.accuweather.com — Cisco Umbrella Rank: 15462	118 KB
7	transcend.io cdn.transcend.io — Cisco Umbrella Rank: 5151 sync.transcend.io — Cisco Umbrella Rank: 10348	154 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	42 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	2 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	191 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	299 KB
3	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1965	4 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	97 KB
2	paypal.com 2 redirects www.paypal.com — Cisco Umbrella Rank: 2085	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	12 KB
157	17

	Domain	Requested by
47	salem-news.com	salem-news.com ajax.googleapis.com
19	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	www.gofundme.com	salem-news.com www.gofundme.com
14	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	pagead2.googlesyndication.com	salem-news.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.googleadservices.com	salem-news.com
6	cdn.transcend.io	www.gofundme.com cdn.transcend.io sync.transcend.io
5	vortex.accuweather.com	oap.accuweather.com vortex.accuweather.com
5	www.google.com	2 redirects salem-news.com tpc.googlesyndication.com
4	www.google-analytics.com	salem-news.com www.google-analytics.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	cdn.gofundme.com	www.gofundme.com
3	www.googletagmanager.com	www.google-analytics.com cdn.transcend.io www.gofundme.com
3	www.paypalobjects.com	salem-news.com
2	www.accuweather.com	1 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	gateway.gofundme.com	www.gofundme.com
2	www.paypal.com	2 redirects
2	ajax.googleapis.com	salem-news.com
1	www.google.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	sync.transcend.io	cdn.transcend.io
1	snap.licdn.com	www.gofundme.com
1	region1.google-analytics.com	www.googletagmanager.com
1	oap.accuweather.com	salem-news.com
157	27

This site contains links to these domains. Also see Links.

Domain
www.cafepress.com
www.salem-news.com
www.accuweather.com
willamette.cafebonappetit.com
www.willamettequeen.com
www.oregonlegislature.gov
deepwoodmuseum.org
salemart.org
www.lordandschryverconservancy.org
auctionmasters.biz
www.myconstructionroofing.com
www.vipmay.com
www.mercurynews.com
purekana.com
premiumjane.com
www.dhgate.com
www.corsetwe.com
www.advancedwriters.com
internationaldriversassociation.com
www.buyatimeshare.com
www.laweekly.com
www.iraqwarheroes.com
eatsalem.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.gofundme.com Go Daddy Secure Certificate Authority - G2	`2023-09-12` - `2024-10-13`	a year	crt.sh
*.accuweather.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-14` - `2024-07-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
transcend.io Amazon RSA 2048 M02	`2023-06-20` - `2024-07-18`	a year	crt.sh
gateway.gofundme.com Amazon RSA 2048 M02	`2023-07-12` - `2024-08-10`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 17 frames:

Primary Page: http://salem-news.com/
Frame ID: 4D2BA8C26CABA5863A3AD5C54D18B99F
Requests: 76 HTTP requests in this frame

Frame: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Frame ID: F1F10D04FD16BD785E6F3A2F0ECE8187
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: F542DE80FEAA7ED529CDC919693010E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=3720366759&adf=3678085072&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265781&bpp=114&bdt=333&idt=334&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=4055791116417&frm=20&pv=2&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=367
Frame ID: 40CAE5AC0025A6D142ED98A73BEC5BF7
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390
Frame ID: 3BA94D5030B94BAED45B2490888717EB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=274575307&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265786&bpp=110&bdt=338&idt=407&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=408
Frame ID: 15FBE69573056BC4128314692B47CC89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=660775685&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265786&bpp=111&bdt=339&idt=478&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=480
Frame ID: C7D0B7DEDD96290B32E1E86BE84E09EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526
Frame ID: 1810D0758CDD0FED4F8B8C9A3766197C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&adk=1812271804&adf=3025194257&lmt=1701543266&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701543265921&bpp=1&bdt=473&idt=416&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368%2C8216531368&nras=1&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&dtd=423
Frame ID: 4B7AFBDE1E34557EB9E705FA38EA2331
Requests: 1 HTTP requests in this frame

Frame: https://sync.transcend.io/consent-manager/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc
Frame ID: CE32A6615A365018C6AEC3FECCA08E3E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5DBC56045931BC422F671CE1A56A0EDD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 312DCC5FE83C02ED2739927E102316EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D774B45080EDE895374BE40CEB8EE5EF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 5065B5CF2A4D4B1D0B437346407CEB66
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 807645E61C68481A572B81B03FC1E80F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 22541777C65CE0B795878B000D840890
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6BD7405885F05DC01F082F6FF60A869D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Salem-News.Com News from Salem Oregon and the surrounding region.

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

157
Requests

62 %
HTTPS

68 %
IPv6

17
Domains

27
Subdomains

25
IPs

3
Countries

2782 kB
Transfer

7307 kB
Size

13
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cafepress.com/newzstore
Title: Company Store

Search URL Search Domain Scan URL

URL: http://www.salem-news.com/rss/rss.xml
Title: RSS Subscribe

Search URL Search Domain Scan URL

URL: http://www.salem-news.com/channel/cannabis
Title: SPECIAL SECTIONCannabis De-Classified

Search URL Search Domain Scan URL

URL: http://www.salem-news.com/tagged/Medical_marijuana/0
Title: PTSD - Medical MarijuanaToxicology - Pharmacology

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/us/salem-or/97301/weather-forecast/330144

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/free-weather-widgets?utm_source=salem-news-com&utm_medium=oap_weather_widget&utm_term=link_get_widget&utm_content=accuweather&utm_campaign=current
Title: Get this widget

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/free-weather-widgets?utm_source=salem-news-com&utm_medium=oap_weather_widget&utm_term=link_get_widget_footer&utm_content=accuweather&utm_campaign=current
Title: Get widget

Search URL Search Domain Scan URL

URL: http://willamette.cafebonappetit.com/
Title: Goudy Commons Cafe

Search URL Search Domain Scan URL

URL: http://www.willamettequeen.com/
Title: Willamette Queen Sternwheeler

Search URL Search Domain Scan URL

URL: https://www.oregonlegislature.gov/capitolhistorygateway/Pages/Tours.aspx
Title: Capitol History Gateway

Search URL Search Domain Scan URL

URL: http://deepwoodmuseum.org/
Title: Deepwood Museum

Search URL Search Domain Scan URL

URL: https://salemart.org/programs/bush-house-museum/
Title: The Bush House

Search URL Search Domain Scan URL

URL: http://www.lordandschryverconservancy.org/visit.html
Title: Gaiety Hollow Garden

Search URL Search Domain Scan URL

URL: http://auctionmasters.biz/
Title: Auction Masters & Appraisals

Search URL Search Domain Scan URL

URL: http://www.myconstructionroofing.com/
Title: Roofing and ContractingSheridan, Ore.

Search URL Search Domain Scan URL

URL: https://www.vipmay.com/
Title: Special Occasion Dresses

Search URL Search Domain Scan URL

URL: https://www.mercurynews.com/2021/10/05/top-solar-installers-find-the-best-installation-company-near-you/
Title: solar installers

Search URL Search Domain Scan URL

URL: https://purekana.com/
Title: PureKana CBD

Search URL Search Domain Scan URL

URL: https://premiumjane.com/
Title: Premium Jane CBD

Search URL Search Domain Scan URL

URL: http://www.dhgate.com/
Title: Buy wholesale

Search URL Search Domain Scan URL

URL: https://www.corsetwe.com/corsets/black-corset.html
Title: black corsets

Search URL Search Domain Scan URL

URL: https://www.advancedwriters.com/
Title: AdvancedWriters

Search URL Search Domain Scan URL

URL: https://internationaldriversassociation.com/
Title: International Drivers Association

Search URL Search Domain Scan URL

URL: https://www.buyatimeshare.com/timeshares/Bluegreen-Resorts.asp
Title: Bluegreen timeshare

Search URL Search Domain Scan URL

URL: https://www.buyatimeshare.com/resorts/Bluegreen-Points.asp
Title: Bluegreen points

Search URL Search Domain Scan URL

URL: https://www.laweekly.com/the-3-best-places-to-buy-kratom-online-in-2023-a-guide-from-laweekly/
Title: Where To Buy Kratom Online

Search URL Search Domain Scan URL

URL: http://www.iraqwarheroes.com/

Search URL Search Domain Scan URL

URL: http://eatsalem.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif HTTP 301
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Request Chain 42

https://www.paypal.com/en_US/i/scr/pixel.gif HTTP 301
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Request Chain 52

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 108

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://googleads.g.doubleclick.net/pagead/adview?ai=CuZnOYn1rZdDIEubVvcAPg62luAXMj86zdMjKidmkELCQHxABILjmqwRglYKAgLgHoAH34pu0KMgBAqgDAcgDyQSqBPgBT9ABsZ2zLk7BrljmmaEBAxcVJc9JJkhumZ_vRGn0oKIaAR4vIlzKhrdohS4-JbvWwpC6wd768JRZhyO_4SR5FH7GTYpkIBeC1Jyy39UrTSBXgzXpCeiBNUzexm7gdme9Gxnt2k2aHIh-avL4dIkzhZcAxT29r5FN2jhs9CV8qsrq0LqkOvNDka2agnEBMtvP9m6iTlDZioFdWXDrlXyKDMVKqsbUHyuvc69l8wcYz-VMBj4YJrR-iuyzZMoouTrvP_3CTMf2KJHRvhH4dvTi1aTJ4ZuBlwOKDUo0Za8kB-27pKjr9fDw6ViwFPAFzFUivTLcjaREQ0PABPCi3qmiBIgFnc2AjkSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH95rskwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCstwXSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WKnCzM-28YIDmgk9aHR0cHM6Ly9mcmVlLndlYmNvbXBhbmlvbi5jb20vbWluaW1lL2RlLz9jYW1wYWlnbj0xODI4Mjk4MTAyMYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTDdAVAYAXAbIXHAoaCAASFHB1Yi02MTk1MDYzNTIxMjQxOTc5GAA&sigh=sTV9ziVf6hU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNo3Rrtw79iLoBqDxChVun0rTgzZSKMAOKOUmBLpIHwZpiqlyzvfNBdadw1uHj-vhBAs7_YqwRkLuj6fGP7hWh2xHYWPUCpswndxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213560642671324098881%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214783340328480966065%22}&andc=true

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 134

https://googleads.g.doubleclick.net/pagead/adview?ai=CFrSWYn1rZeXNE8OevcAPoNqw8A7Qt8eidKb4y8ORErbs7OyuCRABILjmqwRglYKAgLgHoAHko9qSKsgBCagDAcgDywSqBP8BT9Awc1WOgenisG-Gg4SOwgg-Xw00wj7EunwrPRLzTt-bEjc-UhdBNBUqGLzhwjZbkPSqoYQ_iE7vhipmahzzlcnLT66BqbKTi5y0LbL_tNET0z-egGtKjSqkuuHAxLOJHkpodNWPMfglvLgyh3j-6cICTyEwMB3gEqS9LHztTHPyDWvCG0OqPvMmzLxzIQZzZCnrxilSaZs_HqoiktlPdQhvv39HQPkW4IHTi_O1rKbgOpIOuyPt0VyLCyR3N6LlZLVM9MMGGmIWGIKhMHntTi7YnAlLMHyhch2q12GyYUP_CFk_27V2_M50ZOQL9HbHiT6Cj4P8qnmdlHkVkj37wATWxuylzASIBeGw99hMkgUECAQYAZIFBAgFGASgBi6AB-TbqvIEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQpfIE0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOli1_s3PtvGCA5oJ8wNodHRwczovL2xpZmVzdHlsZXRyZW5kc2hxLmNvbS9jb250YWluZXItaG9tZXMtZGUtMi8_dXRtX3NvdXJjZT1nb29nbGUmdXRtX2NhbXBhaWduPTIwNTg3NTk5OTY5JnV0bV9jb250ZW50PTE1NzkxOTQyMTI3MCZ1dG1fbWVkaXVtPXNhbGVtLW5ld3MuY29tJnV0bV90ZXJtPSZzdWJpZD0yMDU4NzU5OTk2OV8xNTc5MTk0MjEyNzAmc2VnbWVudD1jMnNsaWZlc3R5bGV0cmVuZHNocTAwMDEmZ2FtaWQ9QVctMTEzMTM1MTcwMjgmZ2NsY2lkPUFXLTExMzEzNTE3MDI4L2JmNmFDSkQ4NWVFWUVPU2oycElxJmZvcmNlS2V5QT1IJUMzJUE0dXNlcitpbitTY2hpZmZzY29udGFpbmVybit6dSt2ZXJrYXVmZW4mZm9yY2VLZXlCPUNvbnRhaW5lcmglQzMlQTR1c2VyJmZvcmNlS2V5Qz1IYXVzK3ZlcmthdWZlbiZmb3JjZUtleUQ9S2F1ZmVuK1NpZStlaW4rc2NobCVDMyVCQ3NzZWxmZXJ0aWdlcytDb250YWluZXJoYXVzJmZvcmNlS2V5RT1Db250YWluZXJoYXVzLUJ1bmdhbG93JmNjb2RlPWRlgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxArgT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNjE5NTA2MzUyMTI0MTk3ORgA&sigh=TBgO6iynmLo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN6yVwu7p_zw8cs63jFN_YYxc0INNWgERM1s6VUSXFjRN9cOm192bZA4u5hYQcGL9P3KDBVBXEBS6POwi6RZn4PA1m52KIp3TkMekYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214859628132571599702%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestyletrendshq.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313517028%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22346457912795431809%22}&andc=true

Request Chain 136

https://googleads.g.doubleclick.net/pagead/adview?ai=CCJZUYn1rZcuhHNqUvcAP0dCPiAnKjq_KdN71yLGmEtrZHhABILjmqwRglYKAgLgHoAGG76uVAsgBAqgDAcgDyQSqBP4BT9BQpbMyyfP01qPKyjuhIx970ncNb5-ouo_QeY1sX0jAgsvvPMbV5mMrc0NXYiuiI7M0qo_UGU3ih0uXUeqnbmGESybqpPVIYO3BlaHIwa5YI3JQqtKUVYAYMWki6sR5M4_Icfw5GWowILGeaQQVvk5x2xaD1Wu3Mx2HxNiKHqhJiFWe-CPfpbEeTvNOtaxA0zAwK0JThtet1JBNrDaUhZ9hXJEsHsfQ14kLQw6w8gDlicW6tqUgEJrNHQzetNcZJE372ZvncmYFBpVHyBg8nojKFttPsQu1kCAywkG_s9AtwVGVFgzydXSiVc1rO3DxPIZyi_LsgA7ee-x4GmHABIjTldfJBIgFofDrgE2SBQQIBBgBkgUECAUYBKAGAoAH4pDU6gGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCdxwLSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WMO81s-28YIDmgnqAWh0dHBzOi8vd3d3LmNvdG9zZW4uY29tL2FjdGl2aXR5L2hvdC1zYWxlLTY4MTEvP3RzcHU9U1AyMzA5MTNVQlkzLFNQMjIxMjEzT0FLVixTUDIyMTAxMkRQTU8sU1AyMzExMjQ4VTlMLFNQMjMxMTAyNlRTTyxTUDIzMTEwM1M5VjcsU1AyMTExMjNJNlFZLFNQMjMwNzIwS0xIUCxTUDIzMTExMVlOTUMsU1AyMjA4MjYzQzROLFNQMjMxMDEyV0QzNixTUDIyMTIyMlFETUQsU1AyMzEwMjMzNU9ULFNQMjMwODE1RUxTUoAKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNjE5NTA2MzUyMTI0MTk3ORgA&sigh=qBg3V4xFE1I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNdML1mWManhTMk_a4IhHENV_QAqZLLSGf5Pa6lv3OpEUoTHKjFMeAYLPyoTz8WCx69GsRxieYnbsVZsYuySoHC-t6PIgvOQTO4BgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213102160095711250101%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581629830%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224919028929322321313%22}&andc=true

Request Chain 138

http://www.accuweather.com/ajax-service/oap/current?callback=jQuery191021674578306122894_1701543265850&uid=awcc1495048023036&locationkey=&unit=f&language=en-us&useip=true&targeturl=http%3A%2F%2Fsalem-news.com%2Fsevenday%2Findex.php&css=&_=1701543265851 HTTP 301
https://www.accuweather.com/ajax-service/oap/current?callback=jQuery191021674578306122894_1701543265850&uid=awcc1495048023036&locationkey=&unit=f&language=en-us&useip=true&targeturl=http%3A%2F%2Fsalem-news.com%2Fsevenday%2Findex.php&css=&_=1701543265851

Request Chain 152

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

157 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
salem-news.com/ 61 KB
16 KB 448ms
175ms Document
text/html 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) / PHP/5.3.10-1ubuntu3.26
Resource Hash: 60daeea203aee456b836e399b25d5677bce0c2076d228807f2cfc95de4930074

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 02 Dec 2023 18:50:52 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.2.22 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10-1ubuntu3.26

GET
H/1.1 200
OK sn.css
salem-news.com/css/ 7 KB
2 KB 159ms
158ms Stylesheet
text/css 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://salem-news.com/css/sn.css
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 6d777e128fb84a4ecd883849c0d7f3ea2d90c0360965ad5fc870715e9fc45022

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Sep 2013 03:37:50 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "208451-1c7d-4e57269beff80"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1943

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
34 KB 14ms
7ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 17:23:55 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 264630
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 33593
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 28 Nov 2024 17:23:55 GMT

GET
H/1.1 200
OK jquery-ui.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/ 232 KB
62 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 29 Nov 2023 10:52:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 288119
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 62563
X-XSS-Protection: 0
Last-Modified: Fri, 27 Jan 2023 21:54:31 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 28 Nov 2024 10:52:26 GMT

GET
H/1.1 200
OK jquery-ui-1.9.2.custom.min.css
salem-news.com/css/redmond/ 15 KB
3 KB 316ms
158ms Stylesheet
text/css 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://salem-news.com/css/redmond/jquery-ui-1.9.2.custom.min.css
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: fdad85fd06357e62d3b63d49ffc4b352db761a8c31db32aec67ba981f303f7fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Content-Encoding: gzip
Last-Modified: Sat, 15 Dec 2012 22:47:23 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "20846b-3d45-4d0ebee6f34c0"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2911

GET
H/1.1 200
OK poweredby_FFFFFF.gif
www.google.com/images/poweredby_transparent/ 488 B
1 KB 21ms
15ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/poweredby_transparent/poweredby_FFFFFF.gif

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:54:25 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 488
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Sat, 02 Dec 2023 18:54:25 GMT

GET
H/1.1 200
OK tjp-1.jpg
salem-news.com/nphotos/ 8 KB
8 KB 303ms
160ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/nphotos/tjp-1.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 3077aac5c53527a4764bf45c64154cea8921af2da25096c28ee403b579c9b029

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Mon, 09 Jun 2014 08:14:05 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2834fc-1e01-4fb62cb6ce22b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 7681

GET
H/1.1 200
OK thpot_leaf_thumbs_up-350.jpg
salem-news.com/stimg/2012/thumbs/ 9 KB
10 KB 279ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thpot_leaf_thumbs_up-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: b7a16954120a4fcc5e1214138706474f4dbca9cfa7cd15eaa3cf615e382a2b3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sat, 18 Nov 2023 08:32:55 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f6f-258a-60a6919731a58"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9610

GET
H/1.1 200
OK themployee_recognition350.jpg
salem-news.com/stimg/2012/thumbs/ 11 KB
11 KB 164ms
161ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/themployee_recognition350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: bc5d352be9fcdb0f9483ba4abc3f87322d2f29fca5d7d4e7503133ad659f008b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sat, 18 Nov 2023 09:03:12 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f70-2a3d-60a6985c57312"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 10813

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 25 KB
11 KB 53ms
46ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a7fc2f1fc7012efd2b677b916dd33a500f98428e214db1c34a87b9baa0aa19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:54:25 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2377936615145097167
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 10589
X-XSS-Protection: 0
Expires: Sat, 02 Dec 2023 18:54:25 GMT

GET
H/1.1 200
OK thcease_fire-350.jpg
salem-news.com/stimg/2012/thumbs/ 9 KB
10 KB 180ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thcease_fire-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 188bb1d3367ca5f38f23691125569df1cf1f98bfc6c96105758cb9c5e0f6aece

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 07 Nov 2023 01:15:11 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f6d-259c-60985b3bf85b7"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9628

GET
H/1.1 200
OK 1339746808.jpg
salem-news.com/gphotos/ 9 KB
9 KB 299ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1339746808.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 4c9c0bd30ea7c18ad8eaec470ca5d594a0b43291cd814f15c10485e23fc100e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Fri, 15 Jun 2012 07:53:31 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "227548-240d-4c27e1cc234c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9229

GET
H/1.1 200
OK 1220240434.jpg
salem-news.com/gphotos/ 10 KB
10 KB 162ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1220240434.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: adbda63eddcb8adba7a43fe15c6d0bec2367695e2074b5b96270c2bf5813cf66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Mon, 01 Sep 2008 03:40:37 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "223ba6-272a-455cd5dc9b740"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 10026

GET
H/1.1 200
OK thipc_logo-350.jpg
salem-news.com/stimg/2012/thumbs/ 7 KB
7 KB 160ms
160ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thipc_logo-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: b7b777b658f7d547e39e268662498f378ba5e39f6c32347f825b5b7ccfaccda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 07 Nov 2023 01:50:46 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f6e-1c41-60986330493ba"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 7233

GET
H/1.1 200
OK thgaza_fence_down-350.jpg
salem-news.com/stimg/2012/thumbs/ 10 KB
11 KB 480ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thgaza_fence_down-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: e46c3cf698504822a851df2c84cdcca9f62c2c09890f083541bb50ea016478db

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sun, 08 Oct 2023 03:51:17 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f6c-28f8-6072c62cd3f0f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10488

GET
H/1.1 200
OK thisrael-palestine_flag350.jpg
salem-news.com/stimg/2012/thumbs/ 9 KB
10 KB 288ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thisrael-palestine_flag350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: c06e4410d24951c9bc4e29dad8151c1763a8e0200d518199c7ff5980997b5122

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 10 Oct 2023 06:29:12 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4efa-25c0-60756d335454f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 9664

GET
H/1.1 200
OK vc.jpg
salem-news.com/graphics/ 814 B
1 KB 282ms
157ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/graphics/vc.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: fbd9d31a2a3e4eb50342e65b3fca5ee367cfdb626f85571bca56376fd9fcc7f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sat, 13 May 2006 16:16:51 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2427d6-32e-413adc7e842c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 814

GET
H/1.1 200
OK thhorse+paint-350.jpg
salem-news.com/stimg/2012/thumbs/ 10 KB
10 KB 302ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thhorse+paint-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 9aec1dbe7374063ae2a777d91c1caa0216e35d0b1536bb5674e2e83cf36f3f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sun, 08 Oct 2023 00:49:54 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f6b-26a2-60729da1b82d5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 9890

GET
H/1.1 200
OK thus_capitol_jan6_2021.jpg
salem-news.com/stimg/2012/thumbs/ 9 KB
9 KB 160ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thus_capitol_jan6_2021.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 69bde83057e3e3193b6b27e7e7a1fa6c31e0a15cee27553b8ec526bfcd9188d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Wed, 20 Sep 2023 20:38:58 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4daa-2411-605d05d64e68d"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9233

GET
H/1.1 200
OK thnasa_sts-75.350.jpg
salem-news.com/stimg/2012/thumbs/ 7 KB
7 KB 160ms
160ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thnasa_sts-75.350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 1be4cf253c424652647839d16c2b34b2ca8d8b1e5d216b7f3dfc68bd187f8867

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Wed, 20 Sep 2023 00:06:01 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f68-1b3e-605bf240779e5"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6974

GET
H/1.1 200
OK 1342506456.jpg
salem-news.com/gphotos/ 5 KB
6 KB 157ms
157ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506456.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: bfcc9c4a8d874c2f858efdadcb0f4f1f3d9a1b8a395b8ebeb6031944da4eb4a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 17 Jul 2012 06:27:38 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "227769-157d-4c500a489aa80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5501

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
442 B 83ms
47ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 44dbe3fea9359
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
traceparent: 00-000000000000000000044dbe3fea9359-d84c23b7606d6317-01
etag: "5d5637be-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 02 Dec 2023 19:54:25 GMT

GET
H/1.1 200
OK 1342506474.jpg
salem-news.com/gphotos/ 5 KB
5 KB 157ms
157ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506474.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 032a8e307993735afc56cc3d3ee8d6e48ed2ac1ed355c7c64cd8487030eb622a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 17 Jul 2012 06:27:56 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "22776a-149f-4c500a59c5300"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5279

GET
H/1.1 200
OK 1342506490.jpg
salem-news.com/gphotos/ 5 KB
6 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506490.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: a7e57d2c9b793a1704cf7100df44c7ffedc1c9354df7f0fc7b989b42010ee86c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 17 Jul 2012 06:28:12 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "22776b-1513-4c500a6907700"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5395

GET
H/1.1 200
OK 1342506505.jpg
salem-news.com/gphotos/ 6 KB
6 KB 159ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506505.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: af9a57271ee08c3ab3dafcb1c35e5e881721f89b33f33173531ef4a151af1201

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 17 Jul 2012 06:28:27 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "22776c-165c-4c500a77558c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5724

GET
H/1.1 200
OK 1342506519.jpg
salem-news.com/gphotos/ 5 KB
6 KB 159ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506519.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: e75ef3c11d0d3b2f841e8e07a6f82bdd8b3e54085997418ef107479efebbcf09

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 17 Jul 2012 06:28:41 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "22776d-150a-4c500a84af840"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5386

GET
H/1.1 200
OK 1342506533.jpg
salem-news.com/gphotos/ 5 KB
5 KB 161ms
160ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506533.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: e6969ac810744e45841920273702f7b5eea59b1bd4b963ba052f48b7d655a11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 17 Jul 2012 06:28:54 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "22776e-14c2-4c500a9115580"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5314

GET
H/1.1 200
OK 1342506546.jpg
salem-news.com/gphotos/ 6 KB
6 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506546.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 66a90fc0eab330da5d186b06a1f7526e7ce7ec0dddeaf42ede8bab46429aad6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Tue, 17 Jul 2012 06:29:08 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "22776f-1655-4c500a9e6f500"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 5717

GET
H/1.1 200
OK 1342506561.jpg
salem-news.com/gphotos/ 5 KB
6 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/gphotos/1342506561.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 4b1631c611c13425f58f76a0e8252f5a4c4ec4cdd9235b88a734b419e1d03e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Tue, 17 Jul 2012 06:45:32 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "227770-1581-4c500e48d9b00"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5505

GET
H/1.1 200
OK thdorece_sam-350.jpg
salem-news.com/stimg/2012/thumbs/ 10 KB
10 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thdorece_sam-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 565094c22d6752044ea6fd47d572c205542e867bca1ee533c648a2c506087aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Mon, 11 Sep 2023 10:10:30 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f67-2819-60512893acc2c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 10265

GET
H2 200 embed.js Show response
www.gofundme.com/static/js/ 888 B
1 KB 47ms
10ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/static/js/embed.js
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19adb8e1f6960d45a05c1a04f63a9d656706bb345a630d31e0042e2c77cf4ffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 20:00:44 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Fri, 29 Nov 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Wed, 29 Nov 2023 18:09:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 255222
etag: "b9884aa61954cafb2b8de5fffcf2cb47"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 888
x-amz-cf-id: R_uDanMYHkQAck3J4emFw19UnjtS_bEitEfUQHgDz5XmITQySpdpTA==

GET
H/1.1 200
OK thrfkvaxbook350.jpg
salem-news.com/stimg/2012/thumbs/ 17 KB
17 KB 160ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thrfkvaxbook350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 90354c2817fc223875574baffd036bb1041d5f56de7028eb724a5c3941691e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Sat, 09 Sep 2023 01:08:33 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f66-4249-604e2bb6e16aa"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 16969

GET
H/1.1 200
OK thlabor_day-350.jpg
salem-news.com/stimg/2012/thumbs/ 13 KB
13 KB 159ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thlabor_day-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 765aaacbe9b34b21f019208ed14620d557cb039cd22a68019104a8e7d7da7702

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Fri, 08 Sep 2023 01:29:19 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f65-33ff-604cee7d2bdeb"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 13311

GET
H/1.1 200
OK thwarm_springs_res.jpg
salem-news.com/stimg/2012/thumbs/ 10 KB
10 KB 161ms
161ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thwarm_springs_res.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: c115adf4dd85c1f13fd4723cf45e4c21f83bf1607b2cf803fac917f4e3513829

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Fri, 01 Sep 2023 03:12:35 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f63-262d-60443883a2d08"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 9773

GET
H/1.1 200
OK thdead_fish-1_350.jpg
salem-news.com/stimg/2012/thumbs/ 9 KB
9 KB 157ms
157ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thdead_fish-1_350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 9bb30e2bc446aa2301690bf87752244412e4e23f2756a0f4839539cca6dc9174

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Tue, 15 Aug 2023 00:36:22 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f60-2407-602eb5e3f8f96"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 9223

GET
H/1.1 200
OK thbeach_birds-jonmonroe350.jpg
salem-news.com/stimg/2012/thumbs/ 14 KB
14 KB 157ms
157ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thbeach_birds-jonmonroe350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 25b3ea23988624592d1290004418dc7d0066a4a5087656d1bcf650a2e0c983ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Thu, 31 Aug 2023 20:17:09 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f62-36bc-6043dba8dc74b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 14012

GET
H/1.1 200
OK thmaui_fires-google350.jpg
salem-news.com/stimg/2012/thumbs/ 7 KB
7 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thmaui_fires-google350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 88ea1fa6dd07a757f7c271f640f0c984180f46e001ad52c663fe3e827766dc79

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Fri, 11 Aug 2023 04:05:49 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f5f-1ccd-6029dd3ee7833"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 7373

GET
H/1.1 200
OK thsinead-rips-the-pope350.jpg
salem-news.com/stimg/2012/thumbs/ 10 KB
11 KB 159ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thsinead-rips-the-pope350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 5fe7d225fa2af2d7a7faafb430f93c1910b58cbf8d9761c5f14fcd9e9f75aa0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Fri, 04 Aug 2023 00:14:05 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f5d-28e5-6020dc659f276"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 10469

GET
H/1.1 200
OK thcluster_bomb-350.jpg
salem-news.com/stimg/2012/thumbs/ 9 KB
9 KB 159ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thcluster_bomb-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 2f85f7bf91ca6c32ce88373355f45e4d9f8ef5108456bee9031038fd1ac53d09

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Thu, 27 Jul 2023 01:18:05 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f5a-24b9-6016dbc7e31d8"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 9401

GET
H/1.1 200
OK thbedrock_fire_4488-350.jpg
salem-news.com/stimg/2012/thumbs/ 8 KB
9 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thbedrock_fire_4488-350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 43c8024ea22de1aee05a017907ce857fd3b53ffb32f93dc94c68bc0c16af50b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Wed, 26 Jul 2023 01:00:04 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f59-20ee-601595e393a76"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 8430

GET
H/1.1 200
OK thiaea_report_japan350.jpg
salem-news.com/stimg/2012/thumbs/ 7 KB
8 KB 161ms
161ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/2012/thumbs/thiaea_report_japan350.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 134e1f5b534c68700dca4e7b9f91e7ff5123e11d2efdd6e54c846ca053b973a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Fri, 21 Jul 2023 21:43:49 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c4f56-1d30-6010628fecaa3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 7472

GET
H2 200 launch.js Show response
oap.accuweather.com/ 17 KB
6 KB 100ms
14ms Script
application/javascript 2.17.179.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oap.accuweather.com/launch.js
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.179.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-179-163.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
content-encoding: gzip
last-modified: Thu, 16 Feb 2017 19:04:02 GMT
server: Microsoft-IIS/8.5
etag: "8513a708788d21:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 6333

GET
H2

200

btn_donateCC_LG.gif
www.paypalobjects.com/en_US/i/btn/
Redirect Chain

https://www.paypal.com/en_US/i/btn/btn_donateCC_LG.gif
https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

3 KB
3 KB

9ms
8ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF2) /

Resource Hash

33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: f42b14747710f
dc: ccg11-origin-www-1.paypal.com
content-length: 3099
last-modified: Thu, 27 May 2021 14:20:07 GMT
server: ECAcc (frc/4CF2)
traceparent: 00-0000000000000000000f42b14747710f-8b4868ec1f4b8f85-01
etag: "60afaa97-c1b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 02 Dec 2023 19:54:25 GMT

Redirect headers

date: Sat, 02 Dec 2023 18:54:25 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f8180963ec8d0
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-served-by: cache-fra-etou8220082-FRA, cache-fra-etou8220082-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f8180963ec8d0-85dd5f372c67f3c9-01
x-timer: S1701543266.668686,VS0,VE156
location: https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2

200

pixel.gif
www.paypalobjects.com/en_US/i/scr/
Redirect Chain

https://www.paypal.com/en_US/i/scr/pixel.gif
https://www.paypalobjects.com/en_US/i/scr/pixel.gif

43 B
95 B

8ms
8ms

Image
image/gif

192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBC) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 44dbe3fea9359
dc: ccg11-origin-www-1.paypal.com
content-length: 43
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/4CBC)
traceparent: 00-000000000000000000044dbe3fea9359-d84c23b7606d6317-01
etag: "5d5637be-2b"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
expires: Sat, 02 Dec 2023 19:54:25 GMT

Redirect headers

date: Sat, 02 Dec 2023 18:54:25 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: f818096ebdbb3
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 0
x-served-by: cache-fra-etou8220082-FRA, cache-fra-etou8220082-FRA
accept-ch: Sec-CH-UA-Full
traceparent: 00-0000000000000000000f818096ebdbb3-38d9d06b1fc932fd-01
x-timer: S1701543266.680957,VS0,VE163
location: https://www.paypalobjects.com/en_US/i/scr/pixel.gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
origin-trial: AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H/1.1 200
OK legal_notice_AD.160.jpg
salem-news.com/stimg/adimg/ 13 KB
13 KB 286ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/adimg/legal_notice_AD.160.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 2f7b5f6365163c37daeefc494f041cd181de38fbf9499e68da1de2eab10feab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Thu, 27 Oct 2011 19:35:50 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c2dd8-341e-4b04ce1415180"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 13342

GET
H/1.1 200
OK cannabis_ad-2.160.jpg
salem-news.com/stimg/adimg/ 35 KB
35 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/adimg/cannabis_ad-2.160.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 48048f34cf11962d4837a2f1f659afd79b26f76e519de06239a55275280ac8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Wed, 23 Feb 2011 05:55:25 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c2db0-8ad9-49cecbe412d40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 35545

GET
H/1.1 200
OK soldier_pix_tile.136.jpg
salem-news.com/stimg/adimg/ 14 KB
14 KB 158ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/adimg/soldier_pix_tile.136.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: a5c42a65ca37c60e289e38521c822c73dff57156d9da86fee8f39012c0d5d05e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Sun, 24 Feb 2008 19:16:19 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c2def-36e1-446ec4a4366c0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 14049

GET
H/1.1 200
OK eat_salem-TILE.jpg
salem-news.com/stimg/adimg/ 10 KB
11 KB 160ms
159ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/stimg/adimg/eat_salem-TILE.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 38df18981c07411b258a130996357394cbdad9df24b7cb96c62db02214d43ca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Mon, 01 Mar 2010 08:18:57 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2c2dba-29b4-480b8e68a3e40"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 10676

GET
H/1.1 200
OK snheader.jpg
salem-news.com/graphics/ 30 KB
31 KB 189ms
158ms Image
image/jpeg 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/graphics/snheader.jpg
Requested by: Host: salem-news.com
URL: http://salem-news.com/css/sn.css
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: c1f37beaead769da889ea47445b6780280f330c7b4d7414450608d5baafca2f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/css/sn.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Thu, 11 Feb 2010 05:16:03 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2427c7-78f5-47f4c3f4b8ac0"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 30965

GET
H/1.1 200
OK sbt.gif
salem-news.com/graphics/ 96 B
386 B 168ms
159ms Image
image/gif 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/graphics/sbt.gif
Requested by: Host: salem-news.com
URL: http://salem-news.com/css/sn.css
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: e07b2c0c2abbe3dd90e211312b921dfbdf96af044c0925555ef0735b109b0f8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/css/sn.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sun, 07 May 2006 01:04:40 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "2427c0-60-4132856a33a00"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 96

GET
H/1.1 200
OK button.gif
salem-news.com/css/images/ 2 KB
3 KB 175ms
160ms Image
image/gif 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/css/images/button.gif
Requested by: Host: salem-news.com
URL: http://salem-news.com/css/sn.css
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 5de17a06142490aa81f4f131c6554accbc24383992f00df1663e240881a2e891

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/css/sn.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Mon, 07 Dec 2009 20:03:59 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "208457-90a-47a28f54409c0"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2314

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 85ms
62ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d2eb555e59265345971b7c22235e9d26bbd3019d1a688e8fbacd6bed0ed2bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52618
x-xss-protection: 0
server: cafe
etag: 17159687093502008650
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:54:25 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
vortex.accuweather.com/adc2010/oap/javascript/ 90 KB
33 KB 49ms
15ms Script
application/javascript 2.17.179.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Requested by: Host: oap.accuweather.com
URL: https://oap.accuweather.com/launch.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.179.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-179-163.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
content-encoding: gzip
last-modified: Mon, 20 May 2013 20:51:39 GMT
server: Microsoft-IIS/8.5
etag: "aad455d39b55ce1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v02
accept-ranges: bytes
content-length: 33817

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

33ms
8ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 17:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3887
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Dec 2023 19:49:38 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK jsonst.php Show response
salem-news.com/ 2 KB
3 KB 304ms
161ms XHR
application/json 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://salem-news.com/jsonst.php
Requested by: Host: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) / PHP/5.3.10-1ubuntu3.26
Resource Hash: 4b28206a13b0f6352988ec154ed3ea6636a9e0e74a74f1b4f3abfbddede09cf4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://salem-news.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.3.10-1ubuntu3.26
Content-Type: application/json
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 2451
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ajax-loader.gif
salem-news.com/images/ 8 KB
8 KB 426ms
157ms Image
image/gif 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/images/ajax-loader.gif
Requested by: Host: salem-news.com
URL: http://salem-news.com/
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 37bd58d8ac13064a13f443f0d285393c645e5292f90f55273ed72da7936f5832

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sat, 15 Dec 2012 23:14:37 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "243dd5-202e-4d0ec4fd41140"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8238

GET
H2 200 medium Show response
www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/ Frame F1F1 622 KB
141 KB 249ms
249ms Document
text/html 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/static/js/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

ddf8e3efe47854d847fe89f7035bef1e4d1839cca355b437166ad62a4ef216ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy-report-only: frame-ancestors gofundme.com *.gofundme.com *.hopin.com;
content-type: text/html; charset=utf-8
date: Sat, 02 Dec 2023 18:54:26 GMT
etag: "91rk1mx47odk9c"
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-id: -YLEosKvOb5TW1lzh83TAguVzMT1W76Xz_PJ1JcITihoopEB1bSOEQ==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront

GET
H/1.1 200
OK ui-bg_glass_85_dfeffc_1x400.png
salem-news.com/css/redmond/images/ 123 B
413 B 430ms
158ms Image
image/png 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/css/redmond/images/ui-bg_glass_85_dfeffc_1x400.png
Requested by: Host: salem-news.com
URL: http://salem-news.com/css/redmond/jquery-ui-1.9.2.custom.min.css
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 0053aaaa79ecdcd48e89d0d2125e6a420e44be52c82fc48fcfaa8689d76758a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/css/redmond/jquery-ui-1.9.2.custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:53 GMT
Last-Modified: Sat, 15 Dec 2012 22:47:23 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "20846f-7b-4d0ebee6f34c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 123

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1630760743&t=pageview&_s=1&dl=http%3A%2F%2Fsalem-news.com%2F&ul=en-us&de=UTF-8&dt=Salem-News.Com%20News%20from%20Salem%20Oregon%20and%20the%20surrounding%20region.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=672682307&gjid=241762702&cid=370154182.1701543266&tid=UA-142020-2&_gid=1686455679.1701543266&_r=1&_slc=1&z=1170737503

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a82328fa8918a5c92717a60ac8026959f9089783088dc3cc1b6f7d6e03fe6900

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://salem-news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:54:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://salem-news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6195063521241979&plah=salem-news.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c79f29371229689e06a0000378321ea423e087047795d3519c3d05ae19038e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137292
x-xss-protection: 0
server: cafe
etag: 12315741173900588146
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:54:25 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame F542 9 KB
4 KB 29ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 01 Dec 2023 20:59:29 GMT
etag: 12051592065903069241
expires: Fri, 15 Dec 2023 20:59:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VLL8LGN9EP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d99bd043a9640054fea34d71e6643856a431d41798d2d4483e2169f63804dfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85773
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 18:54:25 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
243 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VLL8LGN9EP&gtm=45je3bt0v9134522147&_p=1701543265923&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=370154182.1701543266&_eu=ABAI&_s=1&dl=http%3A%2F%2Fsalem-news.com%2F&dt=Salem-News.Com%20News%20from%20Salem%20Oregon%20and%20the%20surrounding%20region.&sid=1701543266&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1008
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VLL8LGN9EP&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:54:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://salem-news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 CircularXXWeb-Bold.woff2
cdn.gofundme.com/fonts/ Frame F1F1 72 KB
73 KB 110ms
41ms Font
font/woff2 18.239.94.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gofundme.com/fonts/CircularXXWeb-Bold.woff2
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-30.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7387021408574afb13687c47d583f43c70cf9511d5dfd772be64f8ec975895a8

Request headers

Referer: https://www.gofundme.com/
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:19:40 GMT
via: 1.1 7cbec639ed3557aac04425ec5a5f177a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 20087
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 74059
last-modified: Tue, 23 Nov 2021 21:37:34 GMT
server: AmazonS3
etag: "0796c564b3ca9bbf97c065949d757d6c"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: YYKP5zR5d9TwxIJewbFjEHc2Mwi4rLqJH5Z7iruN98W3JBAU58jnIQ==

GET
H2 200 CircularXXWeb-Medium.woff2
cdn.gofundme.com/fonts/ Frame F1F1 69 KB
70 KB 83ms
15ms Font
binary/octet-stream 18.239.94.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gofundme.com/fonts/CircularXXWeb-Medium.woff2
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-30.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8fe6acb606204bb51fd9130bca281a23ad25aafaf98e912bca79323adbb14c67

Request headers

Referer: https://www.gofundme.com/
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:58:02 GMT
via: 1.1 7cbec639ed3557aac04425ec5a5f177a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 39129
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 71047
last-modified: Wed, 08 Jun 2022 20:42:18 GMT
server: AmazonS3
etag: "1aa173431ed07f680fc5387062a690e7"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: vcflwSVFjvnfhKGwD1hFw_uAJEZfu1xFBGOm0ZlGnPbZAk8zA3bkVw==

GET
H2 200 CircularXXWeb-Regular.woff2
cdn.gofundme.com/fonts/ Frame F1F1 69 KB
69 KB 99ms
30ms Font
font/woff2 18.239.94.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gofundme.com/fonts/CircularXXWeb-Regular.woff2
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.94.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-94-30.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52ae61c0720ae779b166ba75eb15923913725a390383be86868c33bfc191c1fe

Request headers

Referer: https://www.gofundme.com/
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:53:53 GMT
via: 1.1 7cbec639ed3557aac04425ec5a5f177a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P3
age: 74724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 70287
last-modified: Tue, 23 Nov 2021 21:37:13 GMT
server: AmazonS3
etag: "c65bc20b5c2102386f484979b51049a6"
access-control-max-age: 0
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: gEEzbNi9gF67CPxjmYJ1aNEhqthNNgMMBh7qfMB3OHZTDL9Jwfe_MQ==

GET
H2 200 0a5047dc429d212c.css
www.gofundme.com/ssr/_next/static/css/ Frame F1F1 27 KB
6 KB 9ms
8ms Stylesheet
text/css 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/css/0a5047dc429d212c.css
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7e943ef5e30e220196f66d125e9840c4f13acd9d6bf933c05696a85ec983a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 20:10:44 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 19 Oct 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Thu, 19 Oct 2023 19:59:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 3797022
etag: W/"061b9c857f1bfa51abed9cdcfd487090"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: MrTjcTfTA86_6TA_92uYRuWfgz3aRG9eu8_CyLcOqz9j6DTKYw1-VQ==

GET
H2 200 160b65991d5ed37c.css
www.gofundme.com/ssr/_next/static/css/ Frame F1F1 46 KB
8 KB 9ms
9ms Stylesheet
text/css 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/css/160b65991d5ed37c.css
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89743cbd09c8fe6c1738afcc3ceaaaae1d13193d5b066c1b3fcf3945b7c3d9b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 17:49:00 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 26 Sep 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Tue, 26 Sep 2023 17:38:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5792727
etag: W/"464462aeb4f39aaaa86ffeb629a57a0b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: bjAjq__jQed7syTfHUOpMJSIT73TAecsuaP7nTKA2kV_NF5narmj4g==

GET
H2 200 56516982749f9cf7.css
www.gofundme.com/ssr/_next/static/css/ Frame F1F1 3 KB
1 KB 10ms
10ms Stylesheet
text/css 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/css/56516982749f9cf7.css
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35fba4016e9499e1fe4c5f2b72d18146207960f09da0fef4898ea74a86ed34d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 29 Oct 2023 20:18:50 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 27 Oct 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Fri, 27 Oct 2023 19:23:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 2932537
etag: W/"2b38190b2544fd5311f27d3331c3e7f4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: poda2e9SYIw7s1jUgfWyKj3ChxYwv2_RXt4rnDVXcWqtGZTkjGgJhA==

GET
H2 200 airgap.js Show response
cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame F1F1 130 KB
45 KB 73ms
21ms Script
application/javascript 2600:9000:2447:5400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:5400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

d09aaa440416576f53833003f60a324cc907c346e3fb49d0b644d731a8558913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:26 GMT
content-encoding: br
via: 1.1 97f993f9d41d16f3f36b8c466857e2d6.cloudfront.net (CloudFront)
referrer-policy: strict-origin-when-cross-origin
server: CloudFront
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
x-content-type-options: nosniff
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
x-frame-options: SAMEORIGIN
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: QBCVizsx_fqDXPvFfjLvouAnM-CcmJ-v8EYW4L3YKPJy6cA6LWcohA==
x-xss-protection: 1; mode=block

GET
H2 200 webpack-9b2414cd64e9ddcd.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 12 KB
6 KB 25ms
23ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/webpack-9b2414cd64e9ddcd.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46c3ba83e97a2903af8cd0138d88f3e95c63a68290b711e615c2aeb9ed4b586f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:28:22 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 01 Dec 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Fri, 01 Dec 2023 21:22:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 77165
etag: W/"7914fb11a9e104947df5cbb2092524fd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: _xPtYDeOI0qSFX56qu94IlvozR83mtFMdiDcDtlAFE_yXudsUxDitA==

GET
H2 200 framework-d583295f3144c491.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 138 KB
45 KB 31ms
29ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/framework-d583295f3144c491.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c66edf77e0f8f8f549672123f9e5d3d6a7b05c3e592450028eabde53346bd55d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 18:11:34 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Fri, 06 Sep 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Wed, 06 Sep 2023 17:56:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 7519373
etag: W/"44609e1af70e8b8743287423a53d55c4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: d_srRNHnNUDpGlVFO0DHggSOwO_s0L5IkJ4lnO9uBdjVBqDdPzHhlA==

GET
H2 200 main-9dcfbbfee9d511e9.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 107 KB
32 KB 36ms
34ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/main-9dcfbbfee9d511e9.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 67abb48de10855a099eb2f3fbc6e1256d4027e2905bea1cc0700ab5a299fb490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 26 Sep 2023 15:13:27 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Wed, 25 Sep 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Mon, 25 Sep 2023 16:17:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5802060
etag: W/"bbdd0009b2af614f1de8c97b5ccc4c24"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KbQcAso_D9YW72AzgGdoN15KEN90b__raAaA7i-V83ILXPzPjuvl3w==

GET
H2 200 _app-2b083c61f4a84277.js Show response
www.gofundme.com/ssr/_next/static/chunks/pages/ Frame F1F1 951 KB
243 KB 12ms
10ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/pages/_app-2b083c61f4a84277.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 196c4f2450ae13e19621c2ecadbd2e178360d182312c6c01ef56e0f2ff4323f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:51 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 30 Nov 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Thu, 30 Nov 2023 17:31:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 177396
etag: W/"168db8041f3a283bc18d0acd00592e39"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: biKiE9GPbOYV9nMvPIGRl_CGjNm-gvgHB9ffbzNmgp4KgkiKIPLu_A==

GET
H2 200 6736-ce3d89ecc88c8337.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 284 KB
76 KB 25ms
23ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/6736-ce3d89ecc88c8337.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4471af875ca2c441d8b82ccc89c3a2cbd43bc53a25a87f230046b0176c2e595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:51 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 30 Nov 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Thu, 30 Nov 2023 17:31:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 177396
etag: W/"188316477541509eb994c2103e660861"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xZmx37jh-2NXS6FYs_K63QRAJQiltTMigtn_5d4n7cnaSTLjhtNA3g==

GET
H2 200 9051-a3f3ae31f25621b1.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 13 KB
5 KB 27ms
25ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/9051-a3f3ae31f25621b1.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b3a565398ec361ad761f8d6a94cbbbc31603e9484c70b84a01d210fd2b5e15e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:16:02 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Thu, 17 Oct 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Tue, 17 Oct 2023 17:55:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 3976705
etag: W/"029bd83d03c58c0429b136f2101d141f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UWz6hTpz8MJTUiSQEk4XdnS1A2gKp47NtWcngtYV0oXRrvWSQkJVvQ==

GET
H2 200 2531-bbd79ba91a88b889.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 7 KB
3 KB 35ms
33ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/2531-bbd79ba91a88b889.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 116c7e22845f8c8784d4633bc3170e02c6a12e8c7e56ed29e7250aafbe693953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 25 Sep 2023 00:54:48 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 22 Sep 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Fri, 22 Sep 2023 19:00:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 5939979
etag: W/"3cb8c453857c124ab19beb2bebd0aaca"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kUlv63ZHHayh8QOsrE0UXXC6QjrffknguVgB21QevgtZvIdGj-X-WA==

GET
H2 200 3796-92ddc811419f382d.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 21 KB
8 KB 27ms
26ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/3796-92ddc811419f382d.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a87ecc29279c740015f9460447e8bf465401d93faa38c171399c549cbd0feb7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:51 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 30 Nov 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Thu, 30 Nov 2023 17:31:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 177396
etag: W/"58d5e0e8b264bfa5ca597003a4e79969"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9AM5huAgkXaIUQ2ja4CunMcTDT5lMmaiyDVOKMgKni7UB4OUwTPxCQ==

GET
H2 200 9486-e89e865051d1c32a.js Show response
www.gofundme.com/ssr/_next/static/chunks/ Frame F1F1 11 KB
5 KB 28ms
27ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/9486-e89e865051d1c32a.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30c377bd73a0c3aec0c23d1546fd2bdf8b564817b75a8b8cfcde7c542cd736d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:51 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 30 Nov 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Thu, 30 Nov 2023 17:31:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 177396
etag: W/"34f6c6f631f1e44410f62296107fca3c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Meve35fZaDdXo3StN6snGUCHRZ3LVdxJenJOpUGr-VAlXcHSkH2JMw==

GET
H2 200 %5B...type%5D-ded955f28a30c9fe.js Show response
www.gofundme.com/ssr/_next/static/chunks/pages/f/%5BcampaignUrl%5D/widget/ Frame F1F1 12 KB
5 KB 32ms
31ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/chunks/pages/f/%5BcampaignUrl%5D/widget/%5B...type%5D-ded955f28a30c9fe.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d8f46e9931e4cceab7104a18bdd2c7fcacf5e28e8b967cc9936762f3b2b920d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 17:37:54 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sat, 30 Nov 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Thu, 30 Nov 2023 17:31:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 177393
etag: W/"3883ac1921ea340bd6a2354f88214859"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Kham4s-ktBdoKIikYbWX1e9khwnxVEQbxCSekD_K5Pkbv1BX2Qfagg==

GET
H2 200 _buildManifest.js Show response
www.gofundme.com/ssr/_next/static/GhXUWCqpdBx_573evQuOK/ Frame F1F1 26 KB
6 KB 32ms
31ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/GhXUWCqpdBx_573evQuOK/_buildManifest.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 700afc566672b794789c1a2e5671be9b4f63b330a91f982342a7ff9010ec97f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:28:22 GMT
content-encoding: gzip
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 01 Dec 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Fri, 01 Dec 2023 21:22:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 77165
etag: W/"b272f17946cefda48988fdace6d5504d"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: S-TmK849ESXGXQayrT9ZJxiuFZlv8lCilwYwsY3_oghmhpmH1G4Y9A==

GET
H2 200 _ssgManifest.js Show response
www.gofundme.com/ssr/_next/static/GhXUWCqpdBx_573evQuOK/ Frame F1F1 77 B
501 B 28ms
28ms Script
application/javascript 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gofundme.com/ssr/_next/static/GhXUWCqpdBx_573evQuOK/_ssgManifest.js
Requested by: Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 21:28:22 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-expiration: expiry-date="Sun, 01 Dec 2024 00:00:00 GMT", rule-id="expire-at-one-year"
last-modified: Fri, 01 Dec 2023 21:22:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 77165
etag: "b6652df95db52feb4daf4eca35380933"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 77
x-amz-cf-id: G0TfQzQOWkoZLBUMIbX29xSpFhuB-lqmXVd4dH3q7c3sfUF-CwAa-Q==

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40CA 103 KB
39 KB 591ms
591ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=3720366759&adf=3678085072&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265781&bpp=114&bdt=333&idt=334&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=4055791116417&frm=20&pv=2&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=367

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6195063521241979&plah=salem-news.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c32d0654f562632c8e2588ca33800e1b70161f2435e977125fd6eee0709be82a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39477
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
expires: Sat, 02 Dec 2023 18:54:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ui-bg_inset-hard_100_fcfdfd_1x100.png
salem-news.com/css/redmond/images/ 88 B
377 B 159ms
159ms Image
image/png 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/css/redmond/images/ui-bg_inset-hard_100_fcfdfd_1x100.png
Requested by: Host: salem-news.com
URL: http://salem-news.com/css/redmond/jquery-ui-1.9.2.custom.min.css
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: d175ae345afe14519bca3ebe152a9f863e5116f8993a641c26f619f926436df0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/css/redmond/jquery-ui-1.9.2.custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Sat, 15 Dec 2012 22:47:23 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "208473-58-4d0ebee6f34c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 88

GET
H/1.1 200
OK ui-icons_6da8d5_256x240.png
salem-news.com/css/redmond/images/ 4 KB
5 KB 158ms
158ms Image
image/png 192.241.229.70
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salem-news.com/css/redmond/images/ui-icons_6da8d5_256x240.png
Requested by: Host: salem-news.com
URL: http://salem-news.com/css/redmond/jquery-ui-1.9.2.custom.min.css
Protocol: HTTP/1.1
Server: 192.241.229.70 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: salem-news.com
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 55380e58ed3ded7e334522936f36fa41165a06efe7a6120b6da630574a160aa2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/css/redmond/jquery-ui-1.9.2.custom.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Sat, 02 Dec 2023 18:50:54 GMT
Last-Modified: Sat, 15 Dec 2012 22:47:23 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "208477-1111-4d0ebee6f34c0"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4369

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BA9 121 KB
41 KB 725ms
724ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

acba35f81cb42520870d3f065e20322b4a02942c2fb39d7e7ab788fefe65085e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
expires: Sat, 02 Dec 2023 18:54:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15FB 723 B
378 B 618ms
617ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=274575307&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265786&bpp=110&bdt=338&idt=407&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3536&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=408

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14a87b6e63904d54827a1573d793b9ea5af55a7e5636fdeb7733a79d7dbecee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
expires: Sat, 02 Dec 2023 18:54:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame F1F1 26 KB
12 KB 63ms
22ms Script
text/javascript 2600:9000:2447:5400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/xdi.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:5400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5d22eee47a54fec107105abfb733e0759d69bfab519a5e2370321e5ae6c7b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gofundme.com/
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 0NuJA.0hx4NRoToXZDDVbMF14WWwsDz3
content-encoding: gzip
via: 1.1 0d3372129d548b57c62777e24b79e514.cloudfront.net (CloudFront)
date: Sat, 02 Dec 2023 08:47:33 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 74722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 21 Oct 2023 02:59:40 GMT
server: AmazonS3
etag: W/"825eb964e68f547f7e46ae9fbba1abc7-1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: ZLzoTEIkWVZH39ky0tS4et4ZJJczgBJtW3v4rfj_EGz35cQDcAtN9w==

GET
H2 200 ui.js Show response
cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame F1F1 268 KB
77 KB 57ms
26ms Script
text/javascript 2600:9000:2447:5400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ui.js

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:5400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7473bc597d499a69d196a66572dac2f92a1108c9e698dd52565ce150008e2c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gofundme.com/
Origin: https://www.gofundme.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: Dr9VIQe3AJrjmViDHeTAcsxeBvSqAaHQ
content-encoding: gzip
via: 1.1 0d3372129d548b57c62777e24b79e514.cloudfront.net (CloudFront)
date: Sat, 02 Dec 2023 09:59:05 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 49029
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 21 Oct 2023 02:59:40 GMT
server: AmazonS3
etag: W/"e0eeddced35db5f676b135453a7cc568-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: WzlLCFatY_Q3N4xIKDx83z_vpnVgqFntK0X9KXY5827UOdtUam76-w==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C7D0 723 B
379 B 575ms
575ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=660775685&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265786&bpp=111&bdt=339&idt=478&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=3&fsb=1&dtd=480

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56d89b377215a2306e4ff05be06b585078ec0e1af709beeee704d602df5d96a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
expires: Sat, 02 Dec 2023 18:54:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 identity
gateway.gofundme.com/web-gateway/v1/feed/ Frame 0
0 149ms
116ms Preflight
application/json 65.9.66.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.gofundme.com/web-gateway/v1/feed/identity

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-127.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: gfm-request-id
Access-Control-Request-Method: GET
Origin: https://www.gofundme.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, gfm-request-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.gofundme.com
access-control-expose-headers: GFM-Request-Id, GFM-Server-Request-Id, GFM-Parent-Request-Id
access-control-max-age: 86400
allow: GET, HEAD, OPTIONS
content-length: 155
content-security-policy-report-only: frame-ancestors gofundme.com *.gofundme.com *.hopin.com;
content-type: application/json
date: Sat, 02 Dec 2023 18:54:26 GMT
gfm-parent-request-id
gfm-request-id: 4ad9cdc30519422e9d11f3fe9b1453aa
gfm-server-request-id: 4ad9cdc30519422e9d11f3fe9b1453aa
referrer-policy: same-origin
server: nginx
vary: Origin
via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-cf-id: SFDW0RWK3JlPMFwtZTKUomeYtEC26rSOa2_8Mnvgij20JUnYyrC95A==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame F1F1 494 KB
125 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDTFTZ

Requested by

Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9843d04261fa1702f892e164c89479cabfa8ee9923bfc536ad12c5771dd9ff3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128267
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 02 Dec 2023 18:54:26 GMT

GET
H2 200 identity Show response
gateway.gofundme.com/web-gateway/v1/feed/ Frame F1F1 92 B
797 B 25ms
10ms XHR
application/json 65.9.66.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.gofundme.com/web-gateway/v1/feed/identity

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-127.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

89fed9e209d6a8fbbd713449160af0bbb37c92d61d4b7d4ef42b13bb3ed76df8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json
GFM-Request-Id: 4ee7501a-7b4b-4afd-a208-969724520ad7
Referer: https://www.gofundme.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

gfm-request-id: 1553e3a652e24f9b8d4bf303f9e90787
date: Sat, 02 Dec 2023 18:54:11 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
age: 15
content-security-policy-report-only: frame-ancestors gofundme.com *.gofundme.com *.hopin.com;
gfm-parent-request-id: efff4a59-f056-41c9-8dbb-d936040fe70e
x-cache: Hit from cloudfront
content-length: 92
referrer-policy: same-origin
server: nginx
allow: GET, HEAD, OPTIONS
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.gofundme.com
access-control-expose-headers: GFM-Request-Id, GFM-Server-Request-Id, GFM-Parent-Request-Id
cache-control: max-age=0, s-maxage=60, public
access-control-allow-credentials: true
vary: Origin
gfm-server-request-id: 1553e3a652e24f9b8d4bf303f9e90787
x-amz-cf-id: dT_qsZheU5kTOdaAqvgHOMqBbqZs20hMRZXjLN0X-UCMUyZiyUwF4A==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1810 104 KB
39 KB 649ms
649ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d21419a8c51578a659b5f1871f155cdb61775ba3efd4a4c8e3aadb7604ced6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39452
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
expires: Sat, 02 Dec 2023 18:54:26 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 track Show response
www.gofundme.com/ Frame F1F1 20 B
1 KB 339ms
338ms XHR
application/json 13.32.27.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gofundme.com/track

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-118.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors gofundme.com .gofundme.com .hopin.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

tracestate: 741111@nr=0-1-741111-1538388375-1f2262356ca4271e----1701543266322
traceparent: 00-665b62871e7d9d892ddee54e47605ed0-1f2262356ca4271e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6Ijc0MTExMSIsImFwIjoiMTUzODM4ODM3NSIsImlkIjoiMWYyMjYyMzU2Y2E0MjcxZSIsInRyIjoiNjY1YjYyODcxZTdkOWQ4OTJkZGVlNTRlNDc2MDVlZDAiLCJ0aSI6MTcwMTU0MzI2NjMyMn19
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Response headers

date: Sat, 02 Dec 2023 18:54:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains; preload
content-encoding: gzip
content-security-policy: frame-ancestors gofundme.com *.gofundme.com *.hopin.com;
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.gofundme.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-server: ip-10-50-193-86.ec2.internal
access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type
x-amz-cf-id: -TSSzHHDlQrx_BzUFt0YrDtHmPYGeXK4M9QligRjpOPgRqfG4fuwgA==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B7A 0
19 B 17ms
16ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&adk=1812271804&adf=3025194257&lmt=1701543266&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701543265921&bpp=1&bdt=473&idt=416&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368%2C8216531368&nras=1&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&fsb=1&dtd=423

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
expires: Sat, 02 Dec 2023 18:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cm.css
cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame F1F1 16 KB
4 KB 18ms
18ms Stylesheet
text/css 2600:9000:2447:5400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/cm.css

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:5400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7485f98c769235c979c928fb91bd85dbbaa634ce06e7b7f2041801967a4939f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: pbfJiiSI9cfET0uWpPUK2Li.vuZxEur4
content-encoding: gzip
via: 1.1 97f993f9d41d16f3f36b8c466857e2d6.cloudfront.net (CloudFront)
date: Sat, 02 Dec 2023 09:49:20 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 39537
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 21 Oct 2023 02:59:40 GMT
server: AmazonS3
etag: W/"c156717ae0dfb2d5235b7dc60d424877-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: MKNBvjDRrySFFcQf1BcZZVKpOD7mbQLISCuXbpf28GfOfhK8O6sKpA==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F1F1 266 KB
89 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WF86BFEZ5L&l=dataLayer&cx=c

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e15be8b05d69ccad0da49bec0980b8aa124e204954d36b0de56efa1039e090ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 02 Dec 2023 18:54:26 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame F1F1 31 KB
12 KB 36ms
8ms Script
application/javascript 2a02:26f0:480:3::210:ee8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:3::210:ee8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 29 Nov 2023 10:04:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=28799
accept-ranges: bytes
content-length: 12150

GET
H2 200 8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc Show response
sync.transcend.io/consent-manager/ Frame CE32 313 B
760 B 40ms
7ms Document
application/xhtml+xml 2600:9000:2644:3a00:a:de49:b100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.transcend.io/consent-manager/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc
Requested by: Host: cdn.transcend.io
URL: https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/airgap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:3a00:a:de49:b100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe188a12938cd48042a6dd4536b0c233ab40714ac48833dee2b6408e668ed6ed

Request headers

Referer: https://www.gofundme.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74719
content-disposition: inline
content-length: 313
content-type: application/xhtml+xml
date: Sat, 02 Dec 2023 12:18:47 GMT
etag: "85e2239b4f358840d9063784b7981e9e-1"
last-modified: Sat, 21 Oct 2023 02:59:39 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 cba0902b20d884568adf673bab9438e6.cloudfront.net (CloudFront)
x-amz-cf-id: T_y1AbybGQHpKoVYFPWlmTBR3PKUl9s57fSkCUlJLPIgeLA08gpSeA==
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: ZRAgAGpnB2r6BfagFghifksrhlRsaFpp
x-cache: Hit from cloudfront

GET
H2 200 en.json Show response
cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/translations/ Frame F1F1 8 KB
3 KB 20ms
20ms Fetch
application/json 2600:9000:2447:5400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/translations/en.json

Requested by

Host: www.gofundme.com
URL: https://www.gofundme.com/f/help-my-sons-family-while-he-fights-cancer/widget/medium

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:5400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

67c9becbda158bb8b5be6f6e6a6c55c48e7a2f11ac473bb55e0be86a533b5dfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gofundme.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: jScDguod4A_c22OtvuK3q4CE0gJLf53d
content-encoding: gzip
via: 1.1 0d3372129d548b57c62777e24b79e514.cloudfront.net (CloudFront)
date: Sat, 02 Dec 2023 11:34:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 26384
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 21 Oct 2023 02:59:40 GMT
server: AmazonS3
etag: W/"58d568087696d182127c751a7e0d9134-1"
x-frame-options: SAMEORIGIN
access-control-max-age: 3600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=60,s-maxage=86400
vary: Accept-Encoding
x-amz-cf-id: TCuO6rEJCmSVGn-mkxOUQP_RkU8m2PY0Shy6KE8GS-DMvQbdAK6lEA==

GET
H2 200 xdi.js Show response
cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/ Frame CE32 26 KB
12 KB 20ms
19ms Script
text/javascript 2600:9000:2447:5400:2:8531:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.transcend.io/cm/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc/xdi.js

Requested by

Host: sync.transcend.io
URL: https://sync.transcend.io/consent-manager/8aaeb48f-a8e6-4725-820c-b18c4f7cd6cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2447:5400:2:8531:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f5d22eee47a54fec107105abfb733e0759d69bfab519a5e2370321e5ae6c7b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.transcend.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 0NuJA.0hx4NRoToXZDDVbMF14WWwsDz3
content-encoding: gzip
via: 1.1 97f993f9d41d16f3f36b8c466857e2d6.cloudfront.net (CloudFront)
date: Sat, 02 Dec 2023 08:47:33 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: AMS58-P5
age: 74722
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-disposition: inline
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 21 Oct 2023 02:59:40 GMT
server: AmazonS3
etag: W/"825eb964e68f547f7e46ae9fbba1abc7-1"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
cache-control: max-age=60,s-maxage=86400
x-amz-cf-id: VyY6yb-tLigm1aY_l0c0oHpmduIHGy8a9Qkdm_hcMr6c80CLd6CT7w==

GET
H2 200 17771020053038646779
tpc.googlesyndication.com/simgad/ Frame 40CA 11 KB
11 KB 36ms
14ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17771020053038646779?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlBvx9Pgv1_Ox-LRKUf5mRcC2O3aw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=3720366759&adf=3678085072&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265781&bpp=114&bdt=333&idt=334&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=4055791116417&frm=20&pv=2&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580639228472737e0702fdc4c587ef1ff7ca2f7a1f099d9f1d831fd169a9080a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 02:22:34 GMT
x-content-type-options: nosniff
age: 145912
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11261
x-xss-protection: 0
last-modified: Fri, 14 Oct 2022 15:22:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 02:22:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 40CA 24 KB
9 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 40CA 3 KB
1 KB 24ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 40CA 20 KB
9 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 40CA 202 KB
64 KB 59ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:54:26 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 40CA 36 KB
15 KB 25ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5DBC 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=3720366759&adf=3678085072&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265781&bpp=114&bdt=333&idt=334&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&correlator=4055791116417&frm=20&pv=2&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=471&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=367
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:48:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5DBC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

23ms
23ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
expires: Sat, 02 Dec 2023 18:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:26 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 40CA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e10160ba40661d947c08e0e9671df881c6bcfecf054888ad323e7362225566d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 40CA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CuZnOYn1rZdDIEubVvcAPg62luAXMj86zdMjKidmkELCQHxABILjmqwRglYKAgLgHoAH34pu0KMgBAqgDAcgDyQSqBPgBT9ABsZ2zLk7BrljmmaEBAxcVJc9JJkhumZ_vRGn0oKIaAR4vIlz...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213560642671324098881%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window...

0
0

57ms
40ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213560642671324098881%22,%22debug_reporting%22:true,%22destination%22:%22https://webcompanion.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210846925175%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214783340328480966065%22}&andc=true

Requested by

Host: salem-news.com
URL: http://salem-news.com/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13560642671324098881","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"14783340328480966065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 18:54:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 18:54:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13560642671324098881","debug_reporting":true,"destination":"https://webcompanion.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10846925175"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"14783340328480966065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 312D 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:42:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3BA9 4 KB
1 KB 43ms
20ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 17:57:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 02 Dec 2023 18:54:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3BA9 2 KB
875 B 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3BA9 24 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3BA9 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3BA9 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BA9 202 KB
64 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:54:26 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 3BA9 37 KB
16 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 386038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
43ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 18:54:26 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/4829056803898858536/ Frame 3BA9 38 KB
38 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4829056803898858536/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5057f243a74669066cd09e0b4fbb01018d119b3eb24414389106a175dc2f64cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 17:28:01 GMT
x-content-type-options: nosniff
age: 91585
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38718
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 06:56:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 17:28:01 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17724796215435994439/ Frame 3BA9 2 KB
2 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17724796215435994439/14763004658117789537?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67f84c2da68c280ef9e1a68357a14c50955602a162088bfc6c1b75d61a06b8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:55:42 GMT
x-content-type-options: nosniff
age: 197924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1996
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 06:55:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 11:55:42 GMT

GET
DATA 200
OK truncated
/ Frame 3BA9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6ff7da07b2db565d5bbbe4f57c52f5bd44ef3819a2c48ed02ca9f312fbef287

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 540613786542645278
tpc.googlesyndication.com/daca_images/simgad/ Frame 1810 40 KB
40 KB 8ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/540613786542645278

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116c2f88c506b85750e80ada533a5dd3ce603f5fc627a9b196c4f5689b6f79c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 08:34:41 GMT
x-content-type-options: nosniff
age: 123585
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40516
x-xss-protection: 0
last-modified: Fri, 01 Dec 2023 08:26:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 08:34:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 1810 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D774 143 B
166 B 11ms
10ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:48:28 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1810 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 22:17:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1810 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 15 Dec 2023 20:02:10 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1810 202 KB
64 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:54:27 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 1810 36 KB
14 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3BA9 15 KB
16 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 16:39:21 GMT
x-content-type-options: nosniff
age: 94506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:39:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3BA9 15 KB
16 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 13:37:09 GMT
x-content-type-options: nosniff
age: 19038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 13:37:09 GMT

GET
DATA 200
OK truncated
/ Frame 1810 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7552de241abd01d675b1f18165b19887978f59cb023b4f76bd9fa6448fac6f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D774
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

15ms
15ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:27 GMT
expires: Sat, 02 Dec 2023 18:54:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3BA9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CFrSWYn1rZeXNE8OevcAPoNqw8A7Qt8eidKb4y8ORErbs7OyuCRABILjmqwRglYKAgLgHoAHko9qSKsgBCagDAcgDywSqBP8BT9Awc1WOgenisG-Gg4SOwgg-Xw00wj7EunwrPRLzTt-bEjc...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214859628132571599702%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestyletrendshq.com%22,%22event_report_w...

0
0

41ms
41ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2214859628132571599702%22,%22debug_reporting%22:true,%22destination%22:%22https://lifestyletrendshq.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211313517028%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22346457912795431809%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"14859628132571599702","debug_reporting":true,"destination":"https://lifestyletrendshq.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313517028"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"346457912795431809"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 18:54:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"14859628132571599702","debug_reporting":true,"destination":"https://lifestyletrendshq.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11313517028"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"346457912795431809"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 5065 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=717473361&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265784&bpp=112&bdt=336&idt=389&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=3190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=390

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:42:28 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1810
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CCJZUYn1rZcuhHNqUvcAP0dCPiAnKjq_KdN71yLGmEtrZHhABILjmqwRglYKAgLgHoAGG76uVAsgBAqgDAcgDyQSqBP4BT9BQpbMyyfP01qPKyjuhIx970ncNb5-ouo_QeY1sX0jAgsvvPMb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213102160095711250101%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%...

0
0

42ms
42ms

Fetch
text/css

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213102160095711250101%22,%22debug_reporting%22:true,%22destination%22:%22https://cotosen.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22581629830%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224919028929322321313%22}&andc=true

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13102160095711250101","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581629830"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"4919028929322321313"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 02 Dec 2023 18:54:27 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13102160095711250101","debug_reporting":true,"destination":"https://cotosen.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["581629830"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"4919028929322321313"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 widgets-20170109.css
vortex.accuweather.com/adc2010/oap/stylesheets/ 112 KB
14 KB 14ms
13ms Stylesheet
text/css 2.17.179.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
Requested by: Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.179.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-179-163.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
content-encoding: gzip
last-modified: Mon, 09 Jan 2017 21:59:10 GMT
server: Microsoft-IIS/8.5
etag: "43ca979bc36ad21:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
servername: origin-v03
accept-ranges: bytes
content-length: 13968

GET
H2

200

current Show response
www.accuweather.com/ajax-service/oap/
Redirect Chain

http://www.accuweather.com/ajax-service/oap/current?callback=jQuery191021674578306122894_1701543265850&uid=awcc1495048023036&locationkey=&unit=f&language=en-us&useip=true&targeturl=http%3A%2F%2Fsal...
https://www.accuweather.com/ajax-service/oap/current?callback=jQuery191021674578306122894_1701543265850&uid=awcc1495048023036&locationkey=&unit=f&language=en-us&useip=true&targeturl=http%3A%2F%2Fsa...

3 KB
3 KB

393ms
392ms

Script
text/javascript

2.17.179.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.accuweather.com/ajax-service/oap/current?callback=jQuery191021674578306122894_1701543265850&uid=awcc1495048023036&locationkey=&unit=f&language=en-us&useip=true&targeturl=http%3A%2F%2Fsalem-news.com%2Fsevenday%2Findex.php&css=&_=1701543265851

Protocol

Server

2.17.179.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-179-163.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3a93180ffd33f76e71235602836bbdc16822ebff5209da7d2015ad4353d34f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
servername: gweb-v02
server-timing: cdn-cache; desc=HIT, edge; dur=375, ak_p; desc="1701543267126_3245104773_394293810_37510_10399_7_0_146";dur=1
content-length: 1185

Redirect headers

Location: https://www.accuweather.com/ajax-service/oap/current?callback=jQuery191021674578306122894_1701543265850&uid=awcc1495048023036&locationkey=&unit=f&language=en-us&useip=true&targeturl=http%3A%2F%2Fsalem-news.com%2Fsevenday%2Findex.php&css=&_=1701543265851
Date: Sat, 02 Dec 2023 18:54:27 GMT
Server: AkamaiGHost
Connection: keep-alive
Server-Timing: ak_p; desc="1701543267097_3245104773_394293761_19_12405_6_0_-";dur=1
Content-Length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
55ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff49390548cbc5d60c6818a07f846df7b2d0e1756832cee5b325577ec1e8378d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12505
x-xss-protection: 0

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8076 50 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6195063521241979&output=html&h=90&slotname=8216531368&adk=1694498236&adf=1295419900&pi=t.ma~as.8216531368&w=728&lmt=1701543266&url=http%3A%2F%2Fsalem-news.com%2F&ea=0&wgl=1&dt=1701543265787&bpp=110&bdt=339&idt=524&shv=r20231129&mjsv=m202311150101&ptt=5&saldr=sd&abxe=1&prev_slotnames=8216531368%2C8216531368%2C8216531368%2C8216531368&correlator=4055791116417&frm=20&pv=1&ga_vid=370154182.1701543266&ga_sid=1701543266&ga_hid=1630760743&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=417&ady=4313&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079715%2C31078301%2C44800658%2C44807763%2C44808148%2C44808284%2C44809071%2C31079889&oid=2&pvsid=2169335244000908&tmod=1828398950&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=4&fsb=1&dtd=526

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 29 Nov 2024 11:42:28 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 41ms
41ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 18:54:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 02 Dec 2023 18:54:27 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 18:54:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2254 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6BD7 829 B
560 B 19ms
19ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

db268ef2c97a3b9a76fa1c401b67031c11efb3ba072231b576d2733ce7f67941

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-njPO5WpUG5TZFmWbpOuU2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://salem-news.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-njPO5WpUG5TZFmWbpOuU2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 18:54:27 GMT
expires: Sat, 02 Dec 2023 18:54:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 2254 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:33:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 17:33:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6BD7 0
0 41ms
41ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=2169335244000908&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2254 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1rwQ2w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 19-xl.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 47 KB
47 KB 30ms
30ms Image
image/png 2.17.179.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/19-xl.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.179.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-179-163.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d0bebe3e386244b7b2dab06bef1bf2ed47f33b550cb391103771a58d74c48f25

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
last-modified: Fri, 15 Mar 2013 20:51:00 GMT
server: Microsoft-IIS/8.5
etag: "80def1ccbe21ce1:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: max-age=31536000
servername: origin-v03
accept-ranges: bytes
content-length: 48348

GET
H2 200 icon-get-widget-blue.png
vortex.accuweather.com/adc2010/oap/images/ 1 KB
1 KB 36ms
36ms Image
image/png 2.17.179.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/oap/images/icon-get-widget-blue.png
Requested by: Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.179.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-179-163.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8ae54aefc607778dc3907fb07fb0dd871d70dd258abd89ca0d6259669073d647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
last-modified: Mon, 15 Jul 2013 17:50:46 GMT
server: Microsoft-IIS/8.5
etag: "6c7b86d58381ce1:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: max-age=86400
servername: origin-v02
accept-ranges: bytes
content-length: 1111

GET
H2 200 19-m.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 12 KB
13 KB 34ms
34ms Image
image/png 2.17.179.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/19-m.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.179.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-17-179-163.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a0b2f568eefa7fc7fe8fb3ba8758ca7e8e9db78b2f7aa2cd0f0505109c0c577d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 18:54:27 GMT
last-modified: Fri, 15 Mar 2013 20:50:31 GMT
server: Microsoft-IIS/8.5
etag: "ec65b6bbbe21ce1:0"
x-powered-by: ASP.NET
content-type: image/png
cache-control: max-age=31536000
servername: origin-v03
accept-ranges: bytes
content-length: 12657

GET
H3

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Protocol

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 17:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3889
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 02 Dec 2023 19:49:38 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1630760743&t=pageview&_s=1&dl=http%3A%2F%2Fsalem-news.com%2F&dp=%2Foap-weather-widgets%2Fcurrent&ul=en-us&de=UTF-8&dt=Salem-News.Com%20News%20from%20Salem%20Oregon%20and%20the%20surrounding%20region.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABCAAAACAAI~&jid=62355967&gjid=2023489637&cid=370154182.1701543266&tid=UA-31945348-1&_gid=1686455679.1701543266&_r=1&_slc=1&cd1=OAP_Weather_Widgets&cd2=salem-news-com&cd3=accuweather&cd4=OAP_Widget_current&cd5=1&z=2052819667

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://salem-news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://salem-news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-31945348-1&cid=370154182.1701543266&jid=62355967&gjid=2023489637&_gid=1686455679.1701543266&_u=QACAAEAACAAAACAAI~&z=578614194

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://salem-news.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://salem-news.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
32ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31945348-1&cid=370154182.1701543266&jid=62355967&_u=QACAAEAACAAAACAAI~&z=1040878793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 67ms
46ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-31945348-1&cid=370154182.1701543266&jid=62355967&_u=QACAAEAACAAAACAAI~&z=1040878793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
45ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=2169335244000908&bg=!mJulm9TNAAY3kmNgF5I7ADQBe5WfOOonTkveJX5Js3lKPzqFNf3O4tVs1_fTY3a6EKXKF1NFKQqAysAQeqyR9NtSbRZiAgAAACxSAAAAA2gBB5kC0S18M9BL1wC4rAqVnVCr1JJ1PBHzbWG6UslWRHfmATQhV36Uq7AVS-yO6TCiR0TzhrUfvn_YD76MnUJ-vzhYN_mawsGtYruWUeTHU9f8yiHDPpyLqwdieXFPUgMRM7uRVFPzbUSS4vpXulUtInXhlvL2XJnXNQOZXj0zIkLCGaL3-BMp7G-_Ac-tNkXFopvy2jbm2ht-delNBmdMCeAU1i6qova8VugZecrqwbqzsFLzjLVNUvk1bnu6BErxOe6LDvtz51rPhxbF6mA0w1r9T3gaynvL0dJilJt5_ZGa7BsNTpNAvtTAGj3FDCz2T8LEpyEJSwVPEFmLMoQkweeUg_P6jgbHvXZkCeqNT8ci-XW2UlNflLBD3n_9V8PpKGTgHVIP0XWiahKWfqZ3xRIeLfjVciISBr34YmBDugkasbn13YeRxhIOjw61565eqeUQXXZECLh6CjFM_kX9uGosuvilE3AHysLMYIaEIrXcniRXpOIcW7KLeR4RJNVTwXlqjVsTuHz_Oevw0fwCyIfKKi-OkvuVo6PY_sa9HBPxqkTGwIA4WOkO2pu1_JN1aZ-CxocqbHhhCuDGR8DjJjeIN9l5lmefV8kO2-DK-BFjg2oShDDt1mG_YxSASg68g7ePspE35pkjI1sWhj9EiHKGRiiLwljFfypxK5jY4mBmiJWmcoYca5OaYmJfe1Kms9kIAsP299iRRnqWuigmxRhd6AkO_tWHhLTQQYy5vYmX4FUvWzyJ3QtDmi1i6D6rN3Yh909A7nxdLpmDHB8n_feOPuj5BEq5u-K3fFa1TtmJWul-8NNec5rUNFEhCCdUUeUJxMlEmzd23jT_yImbv9shd3MlztkPhFdqB5gKB0njboLWFZOXcrlmn7XVXeWMGN6zftD8Pfc1Xu-PH5Z6o31lY77wC3J5FKsYV1wX49_81FyqWkzf9TaRHXOJAWw3H5OAe48
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://salem-news.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 40CA 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTwa-Q8-p7WmX-CZido5CMnE27yUmpNN8lE-yF0ALG1SPXPSOeCopmrPlW6K6iR4KECh_8PwILZjZMDhf_nzgMYM6EACCgeb7E_a5_rmNn8K-NTWPTfzfVndMY-YK4l5YvVz8sgsl2Tzx_&sai=AMfl-YTetp53sBiwyQW74S_hH85gECPX3pFQlIH0zI7el7-a1NWIaDO8kzrVgj8jsOpG1aVPAmDpeasJZg4FVr-F6aG7hZNWqtfCZkZije235tzTqBnjy1RNzxrguJSITdSsrfLCWjLbqKrZPIpKTYw25h7z1B6rAuPQkHY&sig=Cg0ArKJSzMfsKMjMKkYlEAE&cid=CAQSTgDICaaNo3Rrtw79iLoBqDxChVun0rTgzZSKMAOKOUmBLpIHwZpiqlyzvfNBdadw1uHj-vhBAs7_YqwRkLuj6fGP7hWh2xHYWPUCpswndxgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3720366759&rs=2&la=0&cr=0&vs=4&r=v&rst=1701543266150&rpt=704&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 02 Dec 2023 18:54:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paypal.com/	1970-01-21 02:15:03	Name: ts Value: vreXpYrS%3D1796237665%26vteXpYrS%3D1701545065%26vr%3D2be1c5e218c0a55078b982dcf9e53ebf%26vt%3D2be1c5e218c0a55078b982dcf9e53ebe%26vtyp%3Dnew
.paypal.com/	1970-01-21 02:15:03	Name: ts_c Value: vr%3D2be1c5e218c0a55078b982dcf9e53ebf%26vt%3D2be1c5e218c0a55078b982dcf9e53ebe
.salem-news.com/	1970-01-21 02:15:03	Name: _ga Value: GA1.2.370154182.1701543266
.salem-news.com/	1970-01-20 16:40:29	Name: _gid Value: GA1.2.1686455679.1701543266
.salem-news.com/	1970-01-20 16:39:03	Name: _gat Value: 1
.salem-news.com/	1970-01-21 02:15:03	Name: _ga_VLL8LGN9EP Value: GS1.2.1701543266.1.0.1701543266.0.0.0
.salem-news.com/	1970-01-21 02:00:39	Name: __gads Value: ID=1c0985a17b8730aa:T=1701543266:RT=1701543266:S=ALNI_MYOshGWZtToJrxqXMLTAqwB1K7kFQ
.salem-news.com/	1970-01-21 02:00:39	Name: __gpi Value: UID=00000d01a6c7946f:T=1701543266:RT=1701543266:S=ALNI_Mbypu_EkKPkl_rlqpbfcHmNsNcZAQ
.doubleclick.net/	1970-01-20 16:39:06	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:00:39	Name: IDE Value: AHWqTUm7eKu0ToORCib45wl-2GTEKV9nytn7lAhTbAup2H-_vYcwLIilvJgm1viurUo
.doubleclick.net/	1970-01-20 16:39:04	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 18:48:39	Name: ar_debug Value: 1
.salem-news.com/	1970-01-20 16:39:03	Name: _gat_awxoapTracker Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to frame 'https://www.gofundme.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors gofundme.com .gofundme.com .hopin.com".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.gofundme.com
cdn.transcend.io
fonts.googleapis.com
fonts.gstatic.com
gateway.gofundme.com
googleads.g.doubleclick.net
oap.accuweather.com
pagead2.googlesyndication.com
region1.google-analytics.com
salem-news.com
snap.licdn.com
stats.g.doubleclick.net
sync.transcend.io
tpc.googlesyndication.com
vortex.accuweather.com
www.accuweather.com
www.gofundme.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
13.32.27.118
151.101.1.21
18.239.94.30
192.229.221.25
192.241.229.70
2.17.179.163
2001:4860:4802:32::36
216.58.206.34
2600:9000:2447:5400:2:8531:afc0:93a1
2600:9000:2644:3a00:a:de49:b100:93a1
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c0c::9a
2a02:26f0:480:3::210:ee8f
65.9.66.127
0053aaaa79ecdcd48e89d0d2125e6a420e44be52c82fc48fcfaa8689d76758a8
032a8e307993735afc56cc3d3ee8d6e48ed2ac1ed355c7c64cd8487030eb622a
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0d99bd043a9640054fea34d71e6643856a431d41798d2d4483e2169f63804dfa
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
116c2f88c506b85750e80ada533a5dd3ce603f5fc627a9b196c4f5689b6f79c7
116c7e22845f8c8784d4633bc3170e02c6a12e8c7e56ed29e7250aafbe693953
134e1f5b534c68700dca4e7b9f91e7ff5123e11d2efdd6e54c846ca053b973a7
14a87b6e63904d54827a1573d793b9ea5af55a7e5636fdeb7733a79d7dbecee7
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188bb1d3367ca5f38f23691125569df1cf1f98bfc6c96105758cb9c5e0f6aece
196c4f2450ae13e19621c2ecadbd2e178360d182312c6c01ef56e0f2ff4323f9
19adb8e1f6960d45a05c1a04f63a9d656706bb345a630d31e0042e2c77cf4ffa
19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1be4cf253c424652647839d16c2b34b2ca8d8b1e5d216b7f3dfc68bd187f8867
25b3ea23988624592d1290004418dc7d0066a4a5087656d1bcf650a2e0c983ce
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f7b5f6365163c37daeefc494f041cd181de38fbf9499e68da1de2eab10feab3
2f85f7bf91ca6c32ce88373355f45e4d9f8ef5108456bee9031038fd1ac53d09
3077aac5c53527a4764bf45c64154cea8921af2da25096c28ee403b579c9b029
30c377bd73a0c3aec0c23d1546fd2bdf8b564817b75a8b8cfcde7c542cd736d5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a91bd6d378215fcd413c279aa88d48bda6c8b2ef7695892777c87de37de256
35fba4016e9499e1fe4c5f2b72d18146207960f09da0fef4898ea74a86ed34d6
37bd58d8ac13064a13f443f0d285393c645e5292f90f55273ed72da7936f5832
38df18981c07411b258a130996357394cbdad9df24b7cb96c62db02214d43ca4
3a93180ffd33f76e71235602836bbdc16822ebff5209da7d2015ad4353d34f9e
3b3a565398ec361ad761f8d6a94cbbbc31603e9484c70b84a01d210fd2b5e15e
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3d8f46e9931e4cceab7104a18bdd2c7fcacf5e28e8b967cc9936762f3b2b920d
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
43c8024ea22de1aee05a017907ce857fd3b53ffb32f93dc94c68bc0c16af50b7
46c3ba83e97a2903af8cd0138d88f3e95c63a68290b711e615c2aeb9ed4b586f
48048f34cf11962d4837a2f1f659afd79b26f76e519de06239a55275280ac8d5
4b1631c611c13425f58f76a0e8252f5a4c4ec4cdd9235b88a734b419e1d03e53
4b28206a13b0f6352988ec154ed3ea6636a9e0e74a74f1b4f3abfbddede09cf4
4c9c0bd30ea7c18ad8eaec470ca5d594a0b43291cd814f15c10485e23fc100e7
5057f243a74669066cd09e0b4fbb01018d119b3eb24414389106a175dc2f64cf
52ae61c0720ae779b166ba75eb15923913725a390383be86868c33bfc191c1fe
55380e58ed3ded7e334522936f36fa41165a06efe7a6120b6da630574a160aa2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565094c22d6752044ea6fd47d572c205542e867bca1ee533c648a2c506087aee
56d89b377215a2306e4ff05be06b585078ec0e1af709beeee704d602df5d96a2
580639228472737e0702fdc4c587ef1ff7ca2f7a1f099d9f1d831fd169a9080a
5de17a06142490aa81f4f131c6554accbc24383992f00df1663e240881a2e891
5fe7d225fa2af2d7a7faafb430f93c1910b58cbf8d9761c5f14fcd9e9f75aa0d
60daeea203aee456b836e399b25d5677bce0c2076d228807f2cfc95de4930074
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565
66a90fc0eab330da5d186b06a1f7526e7ce7ec0dddeaf42ede8bab46429aad6c
67abb48de10855a099eb2f3fbc6e1256d4027e2905bea1cc0700ab5a299fb490
67c9becbda158bb8b5be6f6e6a6c55c48e7a2f11ac473bb55e0be86a533b5dfe
67f84c2da68c280ef9e1a68357a14c50955602a162088bfc6c1b75d61a06b8b4
69a7fc2f1fc7012efd2b677b916dd33a500f98428e214db1c34a87b9baa0aa19
69bde83057e3e3193b6b27e7e7a1fa6c31e0a15cee27553b8ec526bfcd9188d1
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6d777e128fb84a4ecd883849c0d7f3ea2d90c0360965ad5fc870715e9fc45022
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
700afc566672b794789c1a2e5671be9b4f63b330a91f982342a7ff9010ec97f1
7387021408574afb13687c47d583f43c70cf9511d5dfd772be64f8ec975895a8
7473bc597d499a69d196a66572dac2f92a1108c9e698dd52565ce150008e2c80
7485f98c769235c979c928fb91bd85dbbaa634ce06e7b7f2041801967a4939f4
7552de241abd01d675b1f18165b19887978f59cb023b4f76bd9fa6448fac6f0c
765aaacbe9b34b21f019208ed14620d557cb039cd22a68019104a8e7d7da7702
7846b5904b602bd64bea1eb4557c03b09dabc580b07f18b8d1567d1345f0a040
7d2eb555e59265345971b7c22235e9d26bbd3019d1a688e8fbacd6bed0ed2bc1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ea1fa6dd07a757f7c271f640f0c984180f46e001ad52c663fe3e827766dc79
89743cbd09c8fe6c1738afcc3ceaaaae1d13193d5b066c1b3fcf3945b7c3d9b9
89fed9e209d6a8fbbd713449160af0bbb37c92d61d4b7d4ef42b13bb3ed76df8
8ae54aefc607778dc3907fb07fb0dd871d70dd258abd89ca0d6259669073d647
8fe6acb606204bb51fd9130bca281a23ad25aafaf98e912bca79323adbb14c67
90354c2817fc223875574baffd036bb1041d5f56de7028eb724a5c3941691e6e
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
9843d04261fa1702f892e164c89479cabfa8ee9923bfc536ad12c5771dd9ff3f
9aec1dbe7374063ae2a777d91c1caa0216e35d0b1536bb5674e2e83cf36f3f2d
9bb30e2bc446aa2301690bf87752244412e4e23f2756a0f4839539cca6dc9174
9d21419a8c51578a659b5f1871f155cdb61775ba3efd4a4c8e3aadb7604ced6e
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a0b2f568eefa7fc7fe8fb3ba8758ca7e8e9db78b2f7aa2cd0f0505109c0c577d
a4471af875ca2c441d8b82ccc89c3a2cbd43bc53a25a87f230046b0176c2e595
a5c42a65ca37c60e289e38521c822c73dff57156d9da86fee8f39012c0d5d05e
a7e57d2c9b793a1704cf7100df44c7ffedc1c9354df7f0fc7b989b42010ee86c
a7e943ef5e30e220196f66d125e9840c4f13acd9d6bf933c05696a85ec983a75
a82328fa8918a5c92717a60ac8026959f9089783088dc3cc1b6f7d6e03fe6900
a87ecc29279c740015f9460447e8bf465401d93faa38c171399c549cbd0feb7d
acba35f81cb42520870d3f065e20322b4a02942c2fb39d7e7ab788fefe65085e
adbda63eddcb8adba7a43fe15c6d0bec2367695e2074b5b96270c2bf5813cf66
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9a57271ee08c3ab3dafcb1c35e5e881721f89b33f33173531ef4a151af1201
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b7a16954120a4fcc5e1214138706474f4dbca9cfa7cd15eaa3cf615e382a2b3c
b7b777b658f7d547e39e268662498f378ba5e39f6c32347f825b5b7ccfaccda3
bc5d352be9fcdb0f9483ba4abc3f87322d2f29fca5d7d4e7503133ad659f008b
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
bfcc9c4a8d874c2f858efdadcb0f4f1f3d9a1b8a395b8ebeb6031944da4eb4a1
c06e4410d24951c9bc4e29dad8151c1763a8e0200d518199c7ff5980997b5122
c115adf4dd85c1f13fd4723cf45e4c21f83bf1607b2cf803fac917f4e3513829
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1f37beaead769da889ea47445b6780280f330c7b4d7414450608d5baafca2f5
c32d0654f562632c8e2588ca33800e1b70161f2435e977125fd6eee0709be82a
c66edf77e0f8f8f549672123f9e5d3d6a7b05c3e592450028eabde53346bd55d
c6ff7da07b2db565d5bbbe4f57c52f5bd44ef3819a2c48ed02ca9f312fbef287
c79f29371229689e06a0000378321ea423e087047795d3519c3d05ae19038e80
d09aaa440416576f53833003f60a324cc907c346e3fb49d0b644d731a8558913
d0bebe3e386244b7b2dab06bef1bf2ed47f33b550cb391103771a58d74c48f25
d175ae345afe14519bca3ebe152a9f863e5116f8993a641c26f619f926436df0
db268ef2c97a3b9a76fa1c401b67031c11efb3ba072231b576d2733ce7f67941
ddf8e3efe47854d847fe89f7035bef1e4d1839cca355b437166ad62a4ef216ce
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e07b2c0c2abbe3dd90e211312b921dfbdf96af044c0925555ef0735b109b0f8b
e10160ba40661d947c08e0e9671df881c6bcfecf054888ad323e7362225566d9
e15be8b05d69ccad0da49bec0980b8aa124e204954d36b0de56efa1039e090ef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46c3cf698504822a851df2c84cdcca9f62c2c09890f083541bb50ea016478db
e6969ac810744e45841920273702f7b5eea59b1bd4b963ba052f48b7d655a11d
e75ef3c11d0d3b2f841e8e07a6f82bdd8b3e54085997418ef107479efebbcf09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e34e6156e006e95579f7fd649583a85175b331452c3cb0aac883c472cee0fe
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5d22eee47a54fec107105abfb733e0759d69bfab519a5e2370321e5ae6c7b70
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fbd9d31a2a3e4eb50342e65b3fca5ee367cfdb626f85571bca56376fd9fcc7f9
fdad85fd06357e62d3b63d49ffc4b352db761a8c31db32aec67ba981f303f7fc
fe188a12938cd48042a6dd4536b0c233ab40714ac48833dee2b6408e668ed6ed
ff49390548cbc5d60c6818a07f846df7b2d0e1756832cee5b325577ec1e8378d

salem-news.com Open in urlscan Pro 192.241.229.70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

157 Requests

62 %HTTPS

68 %IPv6

17 Domains

27 Subdomains

25 IPs

3 Countries

2782 kBTransfer

7307 kBSize

13 Cookies

28 Outgoing links

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

salem-news.com Open in urlscan Pro
192.241.229.70 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

62 %
HTTPS

68 %
IPv6

17
Domains

27
Subdomains

25
IPs

3
Countries

2782 kB
Transfer

7307 kB
Size

13
Cookies

157 HTTP transactions
3 data transactions