www.eastbaytimes.com Open in urlscan Pro
192.0.66.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eastbaytimes.com/
Effective URL:
https://www.eastbaytimes.com/
Submission: On December 20 via api (December 20th 2021, 7:44:57 am UTC) from BE — Scanned from DE

Summary HTTP 218 Redirects Links 43 Behaviour Indicators

Summary

This website contacted 68 IPs in 7 countries across 50 domains to perform 218 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.eastbaytimes.com.
TLS certificate: Issued by R3 on November 9th 2021. Valid for: 3 months.

This is the only time www.eastbaytimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 29	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
5	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.97 143.204.98.97	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	143.204.103.120 143.204.103.120	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.94 143.204.98.94	16509 (AMAZON-02) (AMAZON-02)
12	143.204.98.5 143.204.98.5	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:215... 2600:9000:2156:ba00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.82.152.48 13.82.152.48	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.103.127 143.204.103.127	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
15	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:e00... 2a04:4e42:e00::282	54113 (FASTLY) (FASTLY)
1	44.231.115.63 44.231.115.63	16509 (AMAZON-02) (AMAZON-02)
3	54.167.130.168 54.167.130.168	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.98.32 143.204.98.32	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	143.204.98.4 143.204.98.4	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.54 143.204.98.54	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
2	2600:9000:215... 2600:9000:2156:5a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	143.204.98.87 143.204.98.87	16509 (AMAZON-02) (AMAZON-02)
1	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.29.163.83 52.29.163.83	16509 (AMAZON-02) (AMAZON-02)
1	104.111.248.191 104.111.248.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.80 178.250.2.80	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2600:1f18:730... 2600:1f18:730:b120:5b38:df27:617f:9396	14618 (AMAZON-AES) (AMAZON-AES)
1	52.5.181.6 52.5.181.6	14618 (AMAZON-AES) (AMAZON-AES)
1	108.128.243.153 108.128.243.153	16509 (AMAZON-02) (AMAZON-02)
4	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.217.200.209 52.217.200.209	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
8	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	178.18.231.144 178.18.231.144	50952 (DATAIX-AS...) (DATAIX-AS Peering Ltd.)
3 6	107.23.11.80 107.23.11.80	14618 (AMAZON-AES) (AMAZON-AES)
1	2.16.186.168 2.16.186.168	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
1 11	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	2600:1f18:444... 2600:1f18:444a:4602:2c20:3113:5c28:1366	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.249.17.6 34.249.17.6	16509 (AMAZON-02) (AMAZON-02)
1 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
5 5	18.194.0.84 18.194.0.84	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	104.26.4.15 104.26.4.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	13.69.106.88 13.69.106.88	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	3.124.152.181 3.124.152.181	16509 (AMAZON-02) (AMAZON-02)
218	68

29 192.0.66.2 (San Francisco, United States) 1 redirects

ASN2635 (AUTOMATTIC, US)

www.eastbaytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-97.fra50.r.cloudfront.net

mng-eastbaytimes.zeustechnology.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-120.fra50.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-94.fra50.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 143.204.98.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-5.fra50.r.cloudfront.net

p192.eastbaytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:ba00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.82.152.48 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prodmg2.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fp-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g2insights-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ayc0zsm69431gfebd.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:e00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.231.115.63 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-115-63.us-west-2.compute.amazonaws.com

session.eastbaytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.167.130.168 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-130-168.compute-1.amazonaws.com

digitalfirstmedia.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-32.fra50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-4.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-54.fra50.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

dfm-contracostatimes.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:5a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.87 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-87.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.163.83 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-163-83.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.248.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-191.deploy.static.akamaitechnologies.com

s.btstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.80 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

3pd.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b120:5b38:df27:617f:9396 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.5.181.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-181-6.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.243.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-243-153.eu-west-1.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.200.209 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

578503375baa91212133b64501bdf37a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.18.231.144 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)

js.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 107.23.11.80 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-11-80.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.168 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-168.deploy.static.akamaitechnologies.com

sli.eastbaytimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:444a:4602:2c20:3113:5c28:1366 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.17.6 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-17-6.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.194.0.84 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-0-84.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.15 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.88 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.152.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-152-181.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	eastbaytimes.com 1 redirects www.eastbaytimes.com p192.eastbaytimes.com session.eastbaytimes.com sli.eastbaytimes.com	811 KB
25	googlesyndication.com 1 redirects pagead2.googlesyndication.com 578503375baa91212133b64501bdf37a.safeframe.googlesyndication.com tpc.googlesyndication.com	269 KB
14	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	229 KB
13	liadm.com 4 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com i6.liadm.com	20 KB
11	adnxs.com ib.adnxs.com cdn.adnxs.com ams1-ib.adnxs.com	75 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com	309 KB
10	ayc0zsm69431gfebd.xyz cdn.ayc0zsm69431gfebd.xyz	205 KB
6	googletagservices.com www.googletagservices.com	202 KB
5	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	amazon-adsystem.com c.amazon-adsystem.com	77 KB
4	adsrvr.org 2 redirects match.adsrvr.org insight.adsrvr.org	1 KB
4	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net	351 KB
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com	8 KB
4	criteo.com gum.criteo.com bidder.criteo.com 3pd.criteo.com	2 KB
4	rlcdn.com check.analytics.rlcdn.com ats.rlcdn.com api.rlcdn.com	76 KB
4	p-n.io cdn.p-n.io k.p-n.io	57 KB
3	azureedge.net loader-cdn.azureedge.net fp-cdn.azureedge.net g2insights-cdn.azureedge.net	238 KB
3	blueconic.net digitalfirstmedia.blueconic.net	2 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	90 KB
2	visualstudio.com dc.services.visualstudio.com	601 B
2	addthis.com 1 redirects x.dlx.addthis.com	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	clean.gg i.clean.gg	15 B
2	moatads.com js.moatads.com	844 B
2	google-analytics.com www.google-analytics.com	21 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	762 B
2	googletagmanager.com www.googletagmanager.com	148 KB
2	msecnd.net az416426.vo.msecnd.net	44 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	osano.com cmp.osano.com	101 KB
2	zeustechnology.com mng-eastbaytimes.zeustechnology.com	116 KB
2	jsdelivr.net cdn.jsdelivr.net	98 KB
1	db-ip.com api-mg2.db-ip.com	876 B
1	google.com 1 redirects www.google.com	299 B
1	taboola.com trc.taboola.com	240 B
1	mathtag.com 1 redirects sync.mathtag.com	676 B
1	adnxs-simple.com acdn.adnxs-simple.com	39 KB
1	amazonaws.com paywall-ad-bucket.s3.amazonaws.com	1 KB
1	thebrighttag.com s.thebrighttag.com	1 KB
1	btstatic.com s.btstatic.com	13 KB
1	3lift.com tlx.3lift.com	1 KB
1	rubiconproject.com fastlane.rubiconproject.com	3 KB
1	casalemedia.com htlb.casalemedia.com	397 B
1	disqus.com dfm-contracostatimes.disqus.com	2 KB
1	privacymanager.io geo.privacymanager.io	604 B
1	criteo.net static.criteo.net	38 KB
1	polyfill.io polyfill.io	581 B
1	parsely.com cdn.parsely.com	21 KB
1	windows.net prodmg2.blob.core.windows.net	144 KB
1	auth0.com cdn.auth0.com	38 KB
218	50

	Domain	Requested by
29	www.eastbaytimes.com	1 redirects www.eastbaytimes.com cmp.osano.com
13	pagead2.googlesyndication.com	az416426.vo.msecnd.net mng-eastbaytimes.zeustechnology.com www.eastbaytimes.com www.googletagservices.com acdn.adnxs-simple.com googleads.g.doubleclick.net
12	p192.eastbaytimes.com	www.eastbaytimes.com p192.eastbaytimes.com cmp.osano.com az416426.vo.msecnd.net
11	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net
10	googleads.g.doubleclick.net	mng-eastbaytimes.zeustechnology.com googleads.g.doubleclick.net www.eastbaytimes.com
10	cdn.ayc0zsm69431gfebd.xyz	cmp.osano.com
8	ams1-ib.adnxs.com	mng-eastbaytimes.zeustechnology.com www.eastbaytimes.com cdn.adnxs.com acdn.adnxs-simple.com
6	i.liadm.com	3 redirects cmp.osano.com i.liadm.com
6	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net acdn.adnxs-simple.com
5	x.bidswitch.net	5 redirects
5	fonts.gstatic.com	fonts.googleapis.com
5	c.amazon-adsystem.com	www.eastbaytimes.com c.amazon-adsystem.com
4	prod-dfm-proxy-connext.azurewebsites.net	cdn.ayc0zsm69431gfebd.xyz
3	i6.liadm.com	i.liadm.com
3	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net
3	digitalfirstmedia.blueconic.net	p192.eastbaytimes.com cmp.osano.com
2	k.p-n.io	cdn.p-n.io
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	insight.adsrvr.org
2	x.dlx.addthis.com	1 redirects i.liadm.com
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	2 redirects
2	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	i.clean.gg	acdn.adnxs-simple.com
2	js.moatads.com	securepubads.g.doubleclick.net
2	cdn.adnxs.com	mng-eastbaytimes.zeustechnology.com
2	www.google-analytics.com	cmp.osano.com
2	bidder.criteo.com	static.criteo.net
2	sb.scorecardresearch.com	1 redirects www.eastbaytimes.com
2	b-code.liadm.com	cmp.osano.com
2	ads.pubmatic.com	cmp.osano.com
2	www.googletagmanager.com	cmp.osano.com
2	ats.rlcdn.com	cmp.osano.com
2	az416426.vo.msecnd.net	www.eastbaytimes.com cmp.osano.com
2	cmp.osano.com	www.eastbaytimes.com cmp.osano.com
2	cdn.p-n.io	www.eastbaytimes.com cmp.osano.com
2	mng-eastbaytimes.zeustechnology.com	www.eastbaytimes.com
2	fonts.googleapis.com	www.eastbaytimes.com googleads.g.doubleclick.net
2	cdn.jsdelivr.net	www.eastbaytimes.com cdn.jsdelivr.net
1	api.rlcdn.com	az416426.vo.msecnd.net
1	api-mg2.db-ip.com	cdn.ayc0zsm69431gfebd.xyz
1	www.google.com	1 redirects
1	trc.taboola.com	i.liadm.com
1	cm.g.doubleclick.net	1 redirects
1	sync.mathtag.com	1 redirects
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	sli.eastbaytimes.com	www.eastbaytimes.com
1	acdn.adnxs-simple.com	mng-eastbaytimes.zeustechnology.com
1	578503375baa91212133b64501bdf37a.safeframe.googlesyndication.com	cmp.osano.com
1	paywall-ad-bucket.s3.amazonaws.com	www.eastbaytimes.com
1	s.thebrighttag.com	cmp.osano.com
1	rp4.liadm.com	www.eastbaytimes.com
1	rp.liadm.com	1 redirects
1	3pd.criteo.com	static.criteo.net
1	image6.pubmatic.com	ads.pubmatic.com
1	s.btstatic.com	cmp.osano.com
1	tlx.3lift.com	mng-eastbaytimes.zeustechnology.com
1	fastlane.rubiconproject.com	mng-eastbaytimes.zeustechnology.com
1	hbopenbid.pubmatic.com	mng-eastbaytimes.zeustechnology.com
1	htlb.casalemedia.com	mng-eastbaytimes.zeustechnology.com
1	ib.adnxs.com	mng-eastbaytimes.zeustechnology.com
1	g2insights-cdn.azureedge.net	cmp.osano.com
1	fp-cdn.azureedge.net	cmp.osano.com
1	dfm-contracostatimes.disqus.com	cmp.osano.com
1	gum.criteo.com	cmp.osano.com
1	pixel.wp.com	www.eastbaytimes.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	geo.privacymanager.io	ats.rlcdn.com
1	static.criteo.net	cmp.osano.com
1	check.analytics.rlcdn.com	mng-eastbaytimes.zeustechnology.com
1	session.eastbaytimes.com	www.eastbaytimes.com
1	polyfill.io	ajax.googleapis.com
1	stats.wp.com	www.eastbaytimes.com
1	cdn.parsely.com	www.eastbaytimes.com
1	prodmg2.blob.core.windows.net	www.eastbaytimes.com
1	cdn.auth0.com	www.eastbaytimes.com
1	ajax.googleapis.com	www.eastbaytimes.com
218	79

This site contains links to these domains. Also see Links.

Domain
www.medianewsgroup.com
www.accuweather.com
www.siliconvalley.com
thecannifornian.com
www.legacy.com
bang.theadhawk.com
checkout.eastbaytimes.com
eastbaytimes.com
mng-prod.auth0.com
enewspaper.eastbaytimes.com
myaccount.eastbaytimes.com
facebook.com
twitter.com
instagram.com
www.twincities.com
www.mercurynews.com
www.sgvtribune.com
www.bostonherald.com
eastbaytimes.ca.newsmemory.com
access.medianewsgroup.com
sponsor.medianewsgroup.com
eastbaytimes.newsbank.com
www.bayareanewsgroup.com
marketplace.bayareanewsgroup.com
homes.mercurynews.com
topworkplaces.bayareanewsgroup.com
www.digitalfirstmedia.com
eastbaytimes-ca.newsmemory.com
capublicnotice.com
vip.wordpress.com

Subject Issuer	Validity	Valid
eastbaytimes.com R3	`2021-11-09` - `2022-02-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.zeustechnology.com Amazon	`2021-05-15` - `2022-06-13`	a year	crt.sh
*.auth0.com Amazon	`2021-04-25` - `2022-05-24`	a year	crt.sh
pushlycdn.com Amazon	`2021-03-16` - `2022-04-14`	a year	crt.sh
u066.ocregister.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
cmp.osano.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-11-14` - `2022-11-14`	a year	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.eastbaytimes.com Amazon	`2021-12-13` - `2023-01-11`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
analytics.rlcdn.com Amazon	`2021-08-26` - `2022-09-24`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
sni22a5dgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-08` - `2022-10-09`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.liadm.com Amazon	`2021-03-02` - `2022-03-31`	a year	crt.sh
sni1ad09gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-01` - `2022-11-01`	a year	crt.sh
sni1ad03gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-01` - `2022-11-01`	a year	crt.sh
sni9642gl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-20` - `2022-03-22`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
s.btstatic.com DigiCert SHA2 Secure Server CA	`2020-02-10` - `2022-02-17`	2 years	crt.sh
*.signal.co Entrust Certification Authority - L1K	`2021-01-26` - `2022-02-25`	a year	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 02	`2021-07-07` - `2022-07-07`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
sli.bayareanewsgroup.com R3	`2021-12-10` - `2022-03-10`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2021-12-19` - `2022-03-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 01	`2021-07-22` - `2022-07-22`	a year	crt.sh
*.p-n.io Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.eastbaytimes.com/
Frame ID: B8ABD1A243C0C9C2CD40F9548856CFA9
Requests: 142 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 36CF54D1C14CF67657CE0B68A8F15CAB
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.eastbaytimes.com&gdpr=1&gdpr_consent=CPRggwfPRggwfEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA
Frame ID: A8606E860E6FE1C49A31601B6C373C95
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPRggwhPRggwhEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Frame ID: 6404649D4ADF9EA017B1F9DB1D277D10
Requests: 2 HTTP requests in this frame

Frame: https://578503375baa91212133b64501bdf37a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A5192C5DDAAA475321C30B776836C4C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 6B429B3EC5518D700C354E19F3DFB9ED
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: E346F920A30FC4709F33938D26B6F9FD
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js
Frame ID: CCBB17AC1A460789B5210DADB6F3F8FC
Requests: 14 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-04i2?s=&cim=&ps=true&ls=true&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Frame ID: 2260FA832CA0372671C1F7C5CF72A735
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Frame ID: 3C604A7B2672A16D8DE4753BEAF57B61
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2EC54C08C978F75773F32C3A52970069
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: D424E5AEEB598E401379EA661B3793C1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Frame ID: 263FA891456E5A3E628B08B111391AC9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

East Bay Times - Contra Costa and Alameda county news, sports, entertainment, lifestyle and commentarySchließen Sie diesen DialogSchließen Sie die Cookie-Einstellungen

Page URL History Show full URLs

http://www.eastbaytimes.com/ HTTP 301
https://www.eastbaytimes.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Signal (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

//s\.btstatic\.com/tag\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

218
Requests

87 %
HTTPS

36 %
IPv6

50
Domains

79
Subdomains

68
IPs

7
Countries

3861 kB
Transfer

12266 kB
Size

42
Cookies

43 Outgoing links

These are links going to different origins than the main page.

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Datenspeicherungsrichtlinie

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/us/walnut-creek/94596/current-weather/337291?lang=en-us&partner=mng_28
Title: Weather

Search URL Search Domain Scan URL

URL: http://www.siliconvalley.com/
Title: SiliconValley.com

Search URL Search Domain Scan URL

URL: http://thecannifornian.com/
Title: The Cannifornian

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/eastbaytimes/?_ga=2.161877052.1486875644.1541542006-42413358.1525709230
Title: Local Obituaries

Search URL Search Domain Scan URL

URL: https://bang.theadhawk.com/bang-adportal/obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://checkout.eastbaytimes.com/subscriptionmultiproduct?g2i_source=Event&g2i_medium=link&g2i_campaign=nav&g2i_or_o=event&g2i_or_p=nav&returnUrl=https%253A%252F%252Fwww.eastbaytimes.com%252F
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://eastbaytimes.com/login?returnUrl=https%3A%2F%2Fwww.eastbaytimes.com%2F
Title: Log in

Search URL Search Domain Scan URL

URL: https://mng-prod.auth0.com/v2/logout?returnTo=https%3A%2F%2Fwww.eastbaytimes.com%2F
Title: Logout

Search URL Search Domain Scan URL

URL: http://www.accuweather.com/en/us/walnut-creek-ca/94596/current-weather/39591_pc?lang=en-us&partner=mng_28
Title: 43°F

Search URL Search Domain Scan URL

URL: https://enewspaper.eastbaytimes.com/
Title: Today’s E Edition

Search URL Search Domain Scan URL

URL: https://myaccount.eastbaytimes.com/
Title: Manage Subscription

Search URL Search Domain Scan URL

URL: https://myaccount.eastbaytimes.com/ebt/preference
Title: Sign Up for Newsletters

Search URL Search Domain Scan URL

URL: https://facebook.com/eastbaytimes
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/eastbaytimes
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/ebtimes
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.twincities.com/2021/12/12/anonymous-person-sends-100-to-minnesota-school-library-64-years-after-losing-book/
Title: Anonymous Person Sends $100 To Minnesota School Library 64 Years After Losing Book

Search URL Search Domain Scan URL

URL: https://www.mercurynews.com/2021/12/12/her-husband-was-killed-even-after-months-of-frantic-police-calls-could-it-have-been-prevented/
Title: Her Husband Was Killed Even After Months Of Frantic Police Calls. Could It Have Been Prevented?

Search URL Search Domain Scan URL

URL: https://www.mercurynews.com/2021/12/12/as-californias-covid-cases-rise-antibody-treatments-go-unused/
Title: As California’s COVID Cases Rise, Antibody Treatments Go Unused

Search URL Search Domain Scan URL

URL: https://www.sgvtribune.com/2021/12/17/developer-used-stolen-taxpayer-funds-to-hire-andrea-bocelli-for-daughters-2-million-wedding-industry-alleges/
Title: Developer Used Stolen Taxpayer Funds To Hire Andrea Bocelli For Daughter’s $2 Million Wedding, Industry Alleges

Search URL Search Domain Scan URL

URL: https://www.bostonherald.com/2021/12/17/more-than-1000-have-asked-to-be-banned-from-massachusetts-casinos/
Title: More Than 1,000 Have Asked To Be Banned From Massachusetts Casinos

Search URL Search Domain Scan URL

URL: https://checkout.eastbaytimes.com/subscriptionmultiproduct?g2i_source=Event&g2i_medium=link&g2i_campaign=footer&g2i_or_o=event&g2i_or_p=footer
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://eastbaytimes.ca.newsmemory.com/
Title: Today’s e-Edition

Search URL Search Domain Scan URL

URL: https://access.medianewsgroup.com/d/bayarea
Title: Get Sponsored Access

Search URL Search Domain Scan URL

URL: https://sponsor.medianewsgroup.com/a/
Title: Sponsor a Group

Search URL Search Domain Scan URL

URL: https://eastbaytimes.newsbank.com/
Title: Archive Search

Search URL Search Domain Scan URL

URL: https://www.bayareanewsgroup.com/join-our-team
Title: Join our Team

Search URL Search Domain Scan URL

URL: http://marketplace.bayareanewsgroup.com/marketplace/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://homes.mercurynews.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://bang.theadhawk.com/bang-adportal/obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: http://bang.theadhawk.com/bang-adportal/legals/index.html
Title: Place a Legal Notice

Search URL Search Domain Scan URL

URL: https://topworkplaces.bayareanewsgroup.com/
Title: Top Workplaces

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/advertise-with-us/
Title: MNG Network Advertising

Search URL Search Domain Scan URL

URL: https://eastbaytimes-ca.newsmemory.com/?marketplace
Title: Daily Ads

Search URL Search Domain Scan URL

URL: http://capublicnotice.com/
Title: Public Notes

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/copyright/
Title: Copyright ©2021 MediaNews Group, Inc.

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/accessibility-statement/
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/california-consumer-privacy-act/
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: http://www.bayareanewsgroup.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eastbaytimes.com/ HTTP 301
https://www.eastbaytimes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1639986281699&ns_c=UTF-8&c8=East%20Bay%20Times%20-%20Contra%20Costa%20and%20Alameda%20county%20news%2C%20sports%2C%20entertainment%2C%20lifestyle%20and%20commentary&c7=https%3A%2F%2Fwww.eastbaytimes.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1639986281699&ns_c=UTF-8&c8=East%20Bay%20Times%20-%20Contra%20Costa%20and%20Alameda%20county%20news%2C%20sports%2C%20entertainment%2C%20lifestyle%20and%20commentary&c7=https%3A%2F%2Fwww.eastbaytimes.com%2F&c9=

Request Chain 104

https://rp.liadm.com/j?dtstmp=1639986281999&aid=a-04i2&se=e30&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&tna=v2.3.0&pu=https%3A%2F%2Fwww.eastbaytimes.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPRggwiPRggwiEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkVhc3QgQmF5IFRpbWVzIC0gQ29udHJhIENvc3RhIGFuZCBBbGFtZWRhIGNvdW50eSBuZXdzLCBzcG9ydHMsIGVudGVydGFpbm1lbnQsIGxpZmVzdHlsZSBhbmQgY29tbWVudGFyeTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVhc3QgQmF5VGltZXMgaXMgdGhlIGxlYWRpbmcgc291cmNlIG9mIGJyZWFraW5nIG5ld3MsIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlIGFuZCBvcGluaW9uIGZvciBDb250cmEgQ29zdGEgQ291bnR5LCBBbGFtZWRhIENvdW50eSwgT2FrbGFuZCBhbmQgYmV5b25kIj48aDEgY2xhc3M9ImN1c3RvbS1sb2dvIGxvZ28iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20iPjxpbWcgc3JjPSJodHRwczovL3d3dy5lYXN0YmF5dGltZXMuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDIwLzA5L0VCVElNQUdFcG5nLnBuZyIgYWx0PSJFYXN0IEJheSBUaW1lcyIgd2lkdGg9IjcxNCIgaGVpZ2h0PSI4MyI-PC9hPjwvaDE- HTTP 302
https://rp4.liadm.com/j?dtstmp=1639986281999&aid=a-04i2&se=e30&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&tna=v2.3.0&pu=https%3A%2F%2Fwww.eastbaytimes.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPRggwiPRggwiEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkVhc3QgQmF5IFRpbWVzIC0gQ29udHJhIENvc3RhIGFuZCBBbGFtZWRhIGNvdW50eSBuZXdzLCBzcG9ydHMsIGVudGVydGFpbm1lbnQsIGxpZmVzdHlsZSBhbmQgY29tbWVudGFyeTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVhc3QgQmF5VGltZXMgaXMgdGhlIGxlYWRpbmcgc291cmNlIG9mIGJyZWFraW5nIG5ld3MsIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlIGFuZCBvcGluaW9uIGZvciBDb250cmEgQ29zdGEgQ291bnR5LCBBbGFtZWRhIENvdW50eSwgT2FrbGFuZCBhbmQgYmV5b25kIj48aDEgY2xhc3M9ImN1c3RvbS1sb2dvIGxvZ28iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20iPjxpbWcgc3JjPSJodHRwczovL3d3dy5lYXN0YmF5dGltZXMuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDIwLzA5L0VCVElNQUdFcG5nLnBuZyIgYWx0PSJFYXN0IEJheSBUaW1lcyIgd2lkdGg9IjcxNCIgaGVpZ2h0PSI4MyI-PC9hPjwvaDE-&i6=MjAwMTphYzg6MzY6NjoyMDY6OjE%3D&n3pc=true

Request Chain 165

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC38N_xmQEQ6AcY6AcyCPnFKNiPI2N_ HTTP 301
https://tpc.googlesyndication.com/simgad/9861535539036549230

Request Chain 188

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid%3D7156%26muid%3D%5BMM_UUID%5D&26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1--- HTTP 302
https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=7156&muid=c59f61c0-346b-4e00-b1d4-44aefa037c85

Request Chain 189

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1--- HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1--- HTTP 302
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=4b4fb9b1-6a8d-467e-8040-cc93fed88c39 HTTP 303
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=4b4fb9b1-6a8d-467e-8040-cc93fed88c39

Request Chain 190

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-04i2%2F0%2F135281544f204c748e990961c50a3c00%3Fmpid=82775&muid=$%7BDD_UUID%7D?us_privacy=1--- HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-04i2%2F0%2F135281544f204c748e990961c50a3c00%3Fmpid=82775&muid=$%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=82775

Request Chain 191

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1--- HTTP 302
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1---&rd=Y

Request Chain 192

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1--- HTTP 302
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915 HTTP 303
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915

Request Chain 193

https://x.bidswitch.net/sync?ssp=liveintent&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=eaf80285-641a-46ff-9319-dfebcc0da915&google_hm=ZWFmODAyODUtNjQxYS00NmZmLTkzMTktZGZlYmNjMGRhOTE1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENv9zmmSK_zr3xCo2GTSTwI&google_cver=1&ssp=liveintent&bsw_param=eaf80285-641a-46ff-9319-dfebcc0da915 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915 HTTP 303
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915

Request Chain 195

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

218 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eastbaytimes.com/
Redirect Chain

http://www.eastbaytimes.com/
https://www.eastbaytimes.com/

275 KB
51 KB

46ms
14ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

eb51e6321f6a07376c577c6126c89e7725c982409514405abaef09c89e3143bc

Security Headers

Name

Value

Content-Security-Policy

default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Strict-Transport-Security

max-age=31536000;includeSubdomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 20 Dec 2021 07:44:40 GMT
content-type: text/html; charset=UTF-8
content-length: 51504
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.eastbaytimes.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/7ShK5>; rel=shortlink
x-rq: ams6 0 2 9980
cache-control: max-age=300, must-revalidate
content-encoding: gzip
age: 1478
x-cache: hit
vary: Accept-Encoding
accept-ranges: bytes
strict-transport-security: max-age=31536000;includeSubdomains

Redirect headers

Server: nginx
Date: Mon, 20 Dec 2021 07:44:40 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.eastbaytimes.com/

GET
H2 200 /
www.eastbaytimes.com/_static/ 102 KB
15 KB 14ms
13ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/_static/??-eJyNktFOwzAMRX8IN0JDQ31AiE9JE681c5IqdoT696Qt01qgiKfEvj7OtWLzMQJFx8WjGCdiPImajpO7AlOXbZ6M6MTYBIpNLXgwW+JdTEBPFhkDRt0FI9sJMzD21k3/w6u2jXeQS1HnmpFLT1FmjynAJWUYS8ckA2YxY6ru5zHmyyHqLwE0F9HqxJOzmioqapXcAn/X/vQxoM1XjGZxsfJfqdWYOyRD7MEWHWpufohSvJn4qTTLJ8hhLyFF2AWdjf12KHEZMf46imOqB4Ry75CdefNirAjquhghdcQI1g8o1RCsW1GV1/DyeD6157Y9PT1/AoFn4AA=

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b109a2a9a75008a9beaa77c21837bacc612b74cee2caf5452521852e9a008d24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Fri, 17 Dec 2021 00:02:27 GMT
server: nginx
age: 201582
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 15530

GET
H2 200 bootstrap-icons.min.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/ 56 KB
9 KB 72ms
30ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4791425
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19154-FRA, cache-mxp6958-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"e199-MKfLdwDci4zij+cy307LMP/uJk4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c073f2d894883b8-MXP

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 47ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8.2

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3aa29d6340c1d354b2594b02413c66ec2775832ca183a3787514b03215069157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eastbaytimes.com/
Origin: https://www.eastbaytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 07:44:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 07:44:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 07:44:40 GMT

GET
H2 200 /
www.eastbaytimes.com/_static/ 86 KB
17 KB 24ms
21ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/_static/??-eJyNjUsKAjEQRC9kpzP+GBfiWUKnHaL5YXcY5vYmoODSXVXBe4VrBSpZOSvW2JaQBf09gfOQihcUdRoISXqkF3M2KWTT6w5/yNTgCz9Yq6MnTNYcsStaZME1+IVVUEuFWkSHd4v8t2fcf4bB3NJ1Oh8up3k/W/sGYftFxQ==

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1acec2c5c795414b2cce688b0a3270a9b2b3f51bd594896e261010f61000be44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 15 Dec 2021 15:40:00 GMT
server: nginx
age: 174299
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 17050

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 52ms
11ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 610
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1TSAPDEDSENV9T2TMB6V
date: Mon, 20 Dec 2021 07:34:48 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZRb583He_b8q3R7iLIdqDS8DAMUAQXN0jGC7lC9GMnwQZs9N0WmHsg==

GET
H2 200 zeus-adapter.js Show response
www.eastbaytimes.com/wp-content/plugins/dfm_zeus/assets/dist/ 17 KB
6 KB 17ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/plugins/dfm_zeus/assets/dist/zeus-adapter.js?m=1639582800g

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 15 Dec 2021 15:40:00 GMT
server: nginx
age: 201689
etag: W/"61ba0c50-43df"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 5667
expires: Tue, 20 Dec 2022 07:44:40 GMT

GET
H2 200 main.js Show response
mng-eastbaytimes.zeustechnology.com/ 221 KB
58 KB 38ms
9ms Script
application/javascript 143.204.98.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c375b84e763e8bd62e10d50dad5e0c77219ddff4dae064e21f289a6d7e8cc398

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: aiClkDAgxzQzhiYMaby3SV.u9kP5Xtzx
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 18:35:40 GMT
server: AmazonS3
age: 3359
etag: W/"27e361d74ddbbdc3dbe4f4d11647fc5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Mon, 20 Dec 2021 06:49:40 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5MuB1V36-eptnxMKp64IfVzxiAd0ANp7Po5SujDFelzeaTOUUlB78Q==

GET
H2 200 / Show response
www.eastbaytimes.com/_static/ 7 KB
2 KB 17ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/_static/??/wp-content/plugins/dfm_zeus/assets/dist/dfm-zeus-bundle.js,/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1639582800j

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

da640ae45fbcf4fb2cb9a590a3e223ef7e61be3ce5b77eb54552f6e1d8a4d1fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 15 Dec 2021 15:40:00 GMT
server: nginx
age: 201582
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 2355

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
88 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 00:01:42 GMT
x-content-type-options: nosniff
age: 459778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89476
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Dec 2022 00:01:42 GMT

GET
H2 200 loader.min.js Show response
www.eastbaytimes.com/wp-content/plugins/loader-wp/static/ 16 KB
5 KB 17ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 3877051
etag: W/"61830d08-3e4a"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 5454
expires: Tue, 20 Dec 2022 07:44:40 GMT

GET
H2 200 global.js Show response
www.eastbaytimes.com/wp-content/plugins/bloom-for-publishers/lib/js/ 14 KB
9 KB 17ms
15ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/plugins/bloom-for-publishers/lib/js/global.js?m=1639582800g

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

041f41b6b98e101febe7d24b8d7fdd9fd696dabad0fbe296c978272491c2a791

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Fri, 17 Dec 2021 16:03:46 GMT
server: nginx
age: 201689
etag: W/"61bcb4e2-3985"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 8910
expires: Tue, 20 Dec 2022 07:44:40 GMT

GET
H2 200 auth0-spa-js.production.js Show response
cdn.auth0.com/js/auth0-spa-js/1.13/ 105 KB
38 KB 64ms
14ms Script
application/javascript 143.204.103.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0-spa-js/1.13/auth0-spa-js.production.js?ver=5.8.2
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-120.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 6AzkYKZDwDnSxmQe5SqIWFlWTPBMtbyI
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 14:32:49 GMT
server: AmazonS3
age: 5422
etag: W/"8bea9e0d733d097381a1b5eb8c40983d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aab.cloudfront.net (CloudFront)
cache-control: max-age=10800,public
date: Mon, 20 Dec 2021 06:14:19 GMT
x-amz-replication-status: FAILED
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: In74G5BkgN66bsMH8rU8UwyrabVJPYxeyV8aomgLr-OcWalieAmhkQ==

GET
H2 200 / Show response
www.eastbaytimes.com/_static/ 115 KB
31 KB 17ms
15ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/_static/??-eJyt0MEKwjAMBuAXsi0ymfQgXn2Nrpaa0mTDpMzHNzsIGwge3CnJH/Id4ubJxJEkkbiptgzEDimb0OShGcQgMJJj0Rq/bCwGIDs0utdkCx/cv54eU3rJnuTSSk2olfd0G9zCgj1/oAySzGYYAuUPXFaZRX1m4Stejn3ne++707m8AQDdn5k=

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

45af391e553e1daeff476af88d25800dd037169145b04b456d20e510500215a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Fri, 17 Dec 2021 00:02:27 GMT
server: nginx
age: 201582
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 32167

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 296 KB
54 KB 68ms
20ms Script
application/javascript 143.204.98.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=jVaWZwiVJLZPQATfZvBdRlYI8yeoN9Y8bwWD&ver=5.8.2
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-94.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5c810abbf84d4d63085ac2896bb1cc14cd4e060f1e9166eb63879f266517700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:41:06 GMT
content-encoding: gzip
last-modified: Mon, 13 Dec 2021 15:20:13 GMT
server: AmazonS3
age: 215
etag: W/"9d01a552889560cad924a28d67cf3420"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 12Lji4k7vUzOs2n-4uqfae_KZIzcQB2XxjgKlX6oabN39Zfs0itasQ==

GET
H2 200 dfm-pushly.min.js Show response
www.eastbaytimes.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
206 B 21ms
19ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1639582800g

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 15 Dec 2021 15:40:00 GMT
server: nginx
age: 201689
etag: "61ba0c50-a0"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160
expires: Tue, 20 Dec 2022 07:44:40 GMT

GET
H2 200 script.js Show response
p192.eastbaytimes.com/ 144 KB
43 KB 60ms
16ms Script
text/javascript 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/script.js

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

40bc3208ad785d035cede16d8078a66949abff9b38b4be323a96add191ce601e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 43585
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Dec 2021 07:06:09 GMT
server: -
etag: fa7844edb05d2b2544b62c5c6db93594
content-type: text/javascript; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6JgAR6bP7g94K59RwYxn4gcf6G7JGKmDtoEIg8EQ_3Drp9lsBu9EkA==
expires: Mon, 20 Dec 2021 07:49:22 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 417 KB
100 KB 35ms
11ms Script
application/javascript 2600:9000:2156:ba00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:ba00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

02b05ecea915fffbe48f3920e2f2c8248327827b62e8fcb3d59efdb29c058bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
x-content-type-options: nosniff
age: 30212
x-cache: Hit from cloudfront
date: Mon, 20 Dec 2021 06:58:48 GMT
content-length: 102005
x-xss-protection: mode=block
last-modified: Thu, 16 Dec 2021 01:15:47 GMT
server: CloudFront
etag: "eb4b4399f798babe399b9ec321710c86"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 70hbrfvPTf_XwTzv_gvSTv338OAfOOkNsoop-w-rklQIEYn7sf_lTQ==

GET
H/1.1 200
OK mg2nw.min.js Show response
prodmg2.blob.core.windows.net/newsletterwidget/mngcep/ 143 KB
144 KB 430ms
99ms Script
application/javascript 13.82.152.48
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prodmg2.blob.core.windows.net/newsletterwidget/mngcep/mg2nw.min.js
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.152.48 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c6dd85371ada6a77ee2ebc51b0ae9e48aca339c4bc2587a1e8e638d2016ec185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 20 Dec 2021 07:44:40 GMT
Last-Modified: Tue, 05 Oct 2021 13:00:39 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: 6BXSWoRxA3l7LFfl6gsOWg==
ETag: 0x8D98800215AA55E
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: a532a23e-901e-0063-2275-f5605a000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 146402

GET
H2 200 / Show response
www.eastbaytimes.com/_static/ 2 KB
956 B 21ms
20ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/_static/??-eJyNyzEOgCAMAMAPCUWNBgfjWwigFCloCvH7zm7efvBcwpZcfa5wpXZgZnA7CeMEFcfA1VS0EBlC4CRs8PaUhFlG7uD3dch348/eaO3ncZn0oJWKL0XLMFQ=

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d238270de539f85c1df5d20bbd5d6b8d729c433a64315629f87dbabce0bbafd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 15 Dec 2021 15:40:00 GMT
server: nginx
age: 201582
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 921

GET
H2 200 EBTIMAGEpng.png
www.eastbaytimes.com/wp-content/uploads/2020/09/ 13 KB
13 KB 15ms
14ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastbaytimes.com/wp-content/uploads/2020/09/EBTIMAGEpng.png

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

005cc110b76c7eae962857262d6f3c2ece0452bc6c33969b640a6dc3d9d3d395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 109 200 443
last-modified: Wed, 23 Sep 2020 17:43:31 GMT
server: nginx
etag: "934bc682cccec076"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: HIT
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13477
expires: Sat, 17 Sep 2022 22:51:05 GMT

GET
H2 200 boldcoastal.css
www.eastbaytimes.com/wp-content/themes/assets/static/css/ 387 KB
58 KB 20ms
19ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/themes/assets/static/css/boldcoastal.css?ver=1639768446

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e797f0805be511b74b52681499b8da7649a8fdf2bd83ec37d08b28fb597c31a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 0 2 9980
last-modified: Fri, 17 Dec 2021 23:41:17 GMT
server: nginx
age: 201690
etag: W/"61bd201d-60d2f"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 59141
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 200 main.js
mng-eastbaytimes.zeustechnology.com/ 0
58 KB 10ms
9ms Other
application/javascript 143.204.98.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-97.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: aiClkDAgxzQzhiYMaby3SV.u9kP5Xtzx
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 18:35:40 GMT
server: AmazonS3
age: 3359
etag: W/"27e361d74ddbbdc3dbe4f4d11647fc5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: max-age=600,s-maxage=3600
date: Mon, 20 Dec 2021 06:49:40 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 83-zT86TeBdPDg6erPNA3SR9hbV_0S9UiySmj7qxJKjiYiBqdm6FjA==

GET
H2 200 apstag.js
c.amazon-adsystem.com/aax2/ 0
36 KB 12ms
11ms Other
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 611
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1TSAPDEDSENV9T2TMB6V
date: Mon, 20 Dec 2021 07:34:48 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: mn9M1E864oec3khA0YKkRJoN8XmV_0ykBacVxJnuO5DnZql5GOqdxQ==

GET
H2 200 wp-emoji-release.min.js Show response
www.eastbaytimes.com/wp-includes/js/ 18 KB
5 KB 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 10 Nov 2021 18:46:10 GMT
server: nginx
age: 3401612
etag: W/"618c1372-4705"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 4926
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 200 banglogo_small.png
www.eastbaytimes.com/wp-content/themes/wp-mason/static/images/site-logo/ 15 KB
12 KB 15ms
15ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastbaytimes.com/wp-content/themes/wp-mason/static/images/site-logo/banglogo_small.png

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

75e752bf99299219069a5af90f61408be1ab85af71df9aea097bc70e9075c122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 3876477
etag: W/"61830d08-3b7b"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 11994
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 200 / Show response
www.eastbaytimes.com/_static/ 26 KB
10 KB 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/_static/??-eJx9j90OgjAMRl/IUX+iwQvjoxDYioys61w3jTy9jMQrxasmJz39+sEzKM0+oU8QXL5ZL2B6aibMAq0IJgGJGsYFq4IVsZGKrK9G2cAPv3PMpHqOKuTOWRkwCgSWVK6UuSYaK/c5drGWSM1E80KjOftVKwyc2PfWOXigNxwhWJ1yxIL+/fktunZ6iZ3wU+9Kl93pcD7W+3q7Hd9k/XFi

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

23fca0a8a5d263dc2498a11db5bb7b4d85bdb373df7b971e72dc89b51d6cfeca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 15 Dec 2021 15:40:00 GMT
server: nginx
age: 199586
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 10055

GET
H2 200 ads.js Show response
www.eastbaytimes.com/wp-content/themes/wp-mason/static/js/ 87 B
140 B 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Wed, 03 Nov 2021 22:28:24 GMT
server: nginx
age: 3877050
etag: "61830d08-57"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Tue, 20 Dec 2022 07:44:40 GMT

GET
H2 200 / Show response
www.eastbaytimes.com/_static/ 102 KB
28 KB 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/_static/??-eJydzkEKwjAQQNELmQ5qMboQzxKTtE3NzARnqnh7A7pQELFuPzz4cC3GM2kkBR0iRgEnElVA1GnyMAp4RmRq/DDRqcFEzSgL+MEVzrcu5Sxz0JFz8OxqyF9YLeiE6QVm7tkk7I1TPX+iJU99IoHQoXHBIAd547U9buZjWdElhch/yMJar5/wgPvlZr2z27a1drwDHqmYcQ==

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b0bd5be9d88362ebf60ae903f1cca6fa2cf646ff257ff109185ae739785153c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Fri, 17 Dec 2021 23:41:17 GMT
server: nginx
age: 201689
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 29059

GET
H2 404 global.min.js
www.eastbaytimes.com/wp-content/plugins/site-plugins/site-eastbaytimes/static/js/ 0
0 140ms
140ms Script
text/html 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/plugins/site-plugins/site-eastbaytimes/static/js/global.min.js?ver=0.1.0

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
server: nginx
age: 0
vary: Accept-Encoding
x-cache: miss
content-type: text/html
strict-transport-security: max-age=31536000;includeSubdomains
content-encoding: gzip

GET
H2 200 wp-embed.min.js Show response
www.eastbaytimes.com/wp-includes/js/ 1 KB
846 B 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-includes/js/wp-embed.min.js?m=1639688214g

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
x-rq: ams6 0 2 9980
last-modified: Thu, 16 Dec 2021 20:56:54 GMT
server: nginx
age: 296568
etag: W/"61bba816-592"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 765
expires: Tue, 20 Dec 2022 07:44:40 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/eastbaytimes.com/ 56 KB
21 KB 44ms
13ms Script
application/javascript 143.204.103.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/eastbaytimes.com/p.js?ver=2.6.1
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-103-127.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c51b8104fdcf7eba17a179858d852c6fa263f6a7d072d70a2c3fee04174aca51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 22:42:35 GMT
server: nginx
x-amz-cf-pop: FRA50-C1
etag: W/"61bd125b-df45"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-id: tz77zTtdbUv5tA2hVcCDIDb71sFyuJsHT39y8Yt7f9OeiWUl9qSI6Q==
expires: Tue, 21 Dec 2021 03:21:24 GMT

GET
H2 200 e-202151.js Show response
stats.wp.com/ 9 KB
3 KB 46ms
15ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202151.js
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT ams
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 11 Dec 2022 23:07:14 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 28ms
12ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Mon, 20 Dec 2021 07:44:40 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-id: 7wvyxZBifUVt9atfCh2LrlnTgswTE5JjKbRKgqoTphSLoMNfyfW2-g==

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 165ms
42ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1192
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (mil/6C34)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0d629d52-101e-0004-5972-f56572000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Mon, 20 Dec 2021 08:14:41 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
581 B 28ms
8ms Script
text/javascript 2a04:4e42:e00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:e00::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2972265
detected-user-agent: Chrome/96.0.4664
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length: 101
referrer-policy: origin-when-cross-origin
last-modified: Mon, 15 Nov 2021 17:04:18 GMT
date: Mon, 20 Dec 2021 07:44:41 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/96.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 session Show response
session.eastbaytimes.com/api/ 93 B
256 B 598ms
187ms XHR
application/json 44.231.115.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://session.eastbaytimes.com/api/session
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/_static/??-eJyt0MEKwjAMBuAXsi0ymfQgXn2Nrpaa0mTDpMzHNzsIGwge3CnJH/Id4ubJxJEkkbiptgzEDimb0OShGcQgMJJj0Rq/bCwGIDs0utdkCx/cv54eU3rJnuTSSk2olfd0G9zCgj1/oAySzGYYAuUPXFaZRX1m4Stejn3ne++707m8AQDdn5k=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.115.63 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-115-63.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.eastbaytimes.com
date: Mon, 20 Dec 2021 07:44:41 GMT
access-control-allow-credentials: true
content-length: 93
vary: Origin
content-type: application/json; charset=utf-8

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
695 B 327ms
117ms Script
text/javascript 54.167.130.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json493

Requested by

Host: p192.eastbaytimes.com
URL: https://p192.eastbaytimes.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-130-168.compute-1.amazonaws.com

Software

- /

Resource Hash

436fcb0539f1e9d7a77cd0e219471182f52dedf89c0265c33c14333d090a533b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 316de93a-06fc-41f9-b657-56a97006c21d
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/316de93a-06fc-41f9-b657-56a97006c21d
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 26 KB
2 KB 9ms
9ms Stylesheet
text/css 143.204.98.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=jVaWZwiVJLZPQATfZvBdRlYI8yeoN9Y8bwWD
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-94.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 15:32:42 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 15:59:32 GMT
server: AmazonS3
age: 58319
etag: W/"f78fe2b0b79df0619d393cfc42450ddf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Yxy-BifCLkFOdqmQbpx_umA9gdCZympxni_1GIWlFLHBIjtyU1jvqg==

GET
H2 200 13257 Show response
check.analytics.rlcdn.com/check/ 25 B
383 B 80ms
47ms XHR
application/json 143.204.98.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/13257
Requested by: Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-32.fra50.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amzn-requestid: 4b194cbe-76fd-448b-a6cf-764478046f13
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61c03469-299e884e1498836b188032c3
x-amz-apigw-id: Ko0gdH2-joEFs-g=
content-length: 25
x-amz-cf-id: 9Se1NeprULU2s0BMP3mVlTSAM0MjeCQdg5LTiAaEQwAawfFB04qUIQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 117 KB
38 KB 61ms
18ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
last-modified: Thu, 11 Nov 2021 06:35:13 GMT
server: nginx
etag: W/"618cb9a1-1d4ec"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 21 Dec 2021 07:44:41 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 939 B
1 KB 18ms
18ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3391&u=https%3A%2F%2Fwww.eastbaytimes.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 59f8b91dc29bef50525840d78d7b567933a4492994ec6bc7ddb46edc09c1cc8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 06:32:12 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
server: Server
age: 4348
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eastbaytimes.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 939
x-amz-cf-id: 5TDcwgme-3vWtk5fGOenX3m5K6SFtxbiZRdeeTMKocXDT7WmazTYsQ==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
38 KB 50ms
13ms Script
application/x-javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding: gzip
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age: 68319
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
date: Sun, 19 Dec 2021 12:46:04 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: A4Q6jlhzEbdWmi5456hYzpHzhXErpUiW9i7gNXnxnpOVhUiWE0tUPw==

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 16 B
696 B 309ms
100ms Script
text/javascript 54.167.130.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?&callback=bc_json494

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-130-168.compute-1.amazonaws.com

Software

- /

Resource Hash

4cc2137066db8d17208ced04e09afe0d9eacf654cc66e14427d290a0a78ea343

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
fonts.gstatic.com/s/droidsans/v12/ 22 KB
22 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastbaytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 16:11:48 GMT
x-content-type-options: nosniff
age: 401573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22340
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 16:11:48 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/ 88 KB
89 KB 48ms
26ms Font
font/woff2 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/fonts/bootstrap-icons.woff2?856008caa5eb66df68595e734e59580d

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.5.0/font/bootstrap-icons.min.css?ver=5.2.0
Origin: https://www.eastbaytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4791466
x-jsd-version: 1.5.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 90528
x-served-by: cache-fra19149-FRA, cache-mxp6963-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"161a0-RkmHeGigBozlCxBdDSojXoAQyY8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 6c073f31eabc599b-MXP

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Referer
Origin: https://www.eastbaytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H3 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/ 25 KB
25 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastbaytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 20:17:24 GMT
x-content-type-options: nosniff
age: 386837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25984
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 20:17:24 GMT

GET
H3 200 SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
fonts.gstatic.com/s/droidsans/v12/ 21 KB
21 KB 27ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastbaytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:30:10 GMT
x-content-type-options: nosniff
age: 461671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21232
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 01:56:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 23:30:10 GMT

GET
BLOB 200
OK 4ca9cd8c-4419-457a-95b2-8896a3224e92
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/4ca9cd8c-4419-457a-95b2-8896a3224e92
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 83a426cd-b928-4667-8e8c-221cd0d3311b
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/83a426cd-b928-4667-8e8c-221cd0d3311b
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 3b61e6d8-72dd-47a7-88bc-31847476391b
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/3b61e6d8-72dd-47a7-88bc-31847476391b
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 0869adbe-c7ad-4c28-b9e0-9e13728314c6
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/0869adbe-c7ad-4c28-b9e0-9e13728314c6
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 59c0d2ec-7fec-4deb-a8d9-36655eefe08b
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/59c0d2ec-7fec-4deb-a8d9-36655eefe08b
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ff1f1702-ea7b-4a6e-90c8-e412a697eb90
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/ff1f1702-ea7b-4a6e-90c8-e412a697eb90
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 common.chunk.min.js Show response
www.eastbaytimes.com/wp-content/themes/assets/static/js/ 42 KB
10 KB 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/themes/assets/static/js/common.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 3877050
etag: W/"61840b82-a62f"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 10465
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 200 common-async.chunk.min.js Show response
www.eastbaytimes.com/wp-content/themes/assets/static/js/ 56 KB
8 KB 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 3877050
etag: W/"61840b82-e145"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 8377
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 200 boldcoastal-async.chunk.min.js Show response
www.eastbaytimes.com/wp-content/themes/assets/static/js/ 3 KB
1 KB 14ms
14ms Script
application/javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ab5186d21dd8de73feda81815eb24a9906b827a0ff943d5a8d59a22e30245952

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 0 2 9980
last-modified: Thu, 04 Nov 2021 16:34:10 GMT
server: nginx
age: 3877050
etag: W/"61840b82-abe"
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-encoding: gzip
content-length: 1217
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 404 global.min.js
www.eastbaytimes.com/wp-content/plugins/site-plugins/site-eastbaytimes/static/js/ 0
0 14ms
13ms Script
text/html 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eastbaytimes.com/wp-content/plugins/site-plugins/site-eastbaytimes/static/js/global.min.js?ver=0.1.0

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 0 2 9980
server: nginx
age: 0
vary: Accept-Encoding
x-cache: hit
content-type: text/html
strict-transport-security: max-age=31536000;includeSubdomains
content-encoding: gzip
content-length: 167

GET
H2 200 SJM-L-RICHMOND-1219-1.jpg
www.eastbaytimes.com/wp-content/uploads/2021/12/ 46 KB
46 KB 99ms
98ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastbaytimes.com/wp-content/uploads/2021/12/SJM-L-RICHMOND-1219-1.jpg?w=520

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6223dcfab68589a4af101be4e8124ae23aa4669f3dbc28233e2da76fcd2cc82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 109 84 443
last-modified: Mon, 20 Dec 2021 07:44:41 GMT
server: nginx
etag: "09888a67f6fd3dbf"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 46928
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
BLOB 200
OK 334770bf-4ea2-4141-bf3d-602c6addee02
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/334770bf-4ea2-4141-bf3d-602c6addee02
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 78d984bc-da28-4ee2-9529-93d19502c951
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/78d984bc-da28-4ee2-9529-93d19502c951
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 1184a7e2-f2cb-4797-aa3d-c3fae2a798ea
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/1184a7e2-f2cb-4797-aa3d-c3fae2a798ea
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 2fbf2c17-87bb-47cf-b83b-92c75ba00db4
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/2fbf2c17-87bb-47cf-b83b-92c75ba00db4
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
604 B 38ms
10ms Fetch
application/json 143.204.98.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-54.fra50.r.cloudfront.net
Software: /
Resource Hash: 55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:28:25 GMT
via: 1.1 456733511c088f8435091e663b2c5430.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
age: 976
x-amzn-requestid: 06968d3f-c7e5-481e-9642-1dc2df09afe3
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61c03099-1031275e4c5416186cc38747;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: KoyH-FgXjoEFTVw=
content-length: 30
x-amz-cf-id: 103TRkA2G5pRZQwNNuR9S8zARyM7HhWWZl6eBWLjY7-RYuMrNkhaGg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 1011 B
843 B 191ms
39ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1639986280605
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C6F) /
Resource Hash: 96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd

Request headers

Accept: */*
Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
content-md5: i1fC4Ue5p2n4u48t1IbEIQ==
age: 37209
x-cache: HIT
content-length: 465
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 10:13:01 GMT
server: ECAcc (mil/6C6F)
etag: 0x8D905773626BB80
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: eb1db301-401e-0048-351e-f514e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 / Show response
cmp.osano.com/ Frame 36CF 4 KB
1 KB 8ms
8ms Document
text/html 2600:9000:2156:ba00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.osano.com/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ba00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/

Response headers

content-type: text/html
date: Sun, 19 Dec 2021 15:15:49 GMT
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
etag: W/"287b497c992487af362d33204f87d28f"
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: uR394ysFsqowWLh4woOMpTqBUHKbeJgO8BWtuQMiBt7NpXnz0jdYhQ==
age: 59333

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 15ms
14ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=116372269&post=0&tz=-8&srv=www.eastbaytimes.com&host=www.eastbaytimes.com&ref=&fcp=855&rand=0.3312386274776218
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 20 Dec 2021 07:44:41 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v13/ 22 KB
22 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=5.8.2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eastbaytimes.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:27:38 GMT
x-content-type-options: nosniff
age: 461823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22492
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:03:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 23:27:38 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A860 291 B
597 B 53ms
16ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.eastbaytimes.com&gdpr=1&gdpr_consent=CPRggwfPRggwfEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 443
date: Mon, 20 Dec 2021 07:44:41 GMT
content-length: 321
strict-transport-security: max-age=86400; preload;

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 49ms
24ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1076 / 238 of 1000 / last-modified: 1639397097"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26912
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Dec 2021 07:44:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 385 KB
92 KB 43ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35ebd663b49235847b05f9a164e9aa18eb27adbcda070f24e50e41648ebb576e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93426
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Dec 2021 07:44:41 GMT

GET
H2 200 userSync.js Show response
ads.pubmatic.com/AdServer/js/ 7 KB
3 KB 83ms
24ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/userSync.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300709-1af3-5c4c7cca9e573"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=63137
accept-ranges: bytes
content-type: text/javascript
content-length: 2267
expires: Tue, 21 Dec 2021 01:16:58 GMT

GET
H/1.1 200
OK count.js Show response
dfm-contracostatimes.disqus.com/ 1 KB
2 KB 57ms
24ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://dfm-contracostatimes.disqus.com/count.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 188
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 16 Dec 2021 01:06:03 GMT
Server: nginx
ETag: "61ba90fb-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: 9_N8C1cgTLrp7iWsXn7V4Z4zijz--cnrz8uhI2Hylccpa7xjuCJvxQ==

POST
H2 200 492 Show response
p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/ 113 B
1016 B 374ms
373ms XHR
application/json 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/492?referer=https%3A%2F%2Fwww.eastbaytimes.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-12-20T07%3A44%3A41%2B00%3A00&ts=1639986281631

Requested by

Host: p192.eastbaytimes.com
URL: https://p192.eastbaytimes.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

9f146373eef70a751f341f44b157b684187225145df582c3e4b72b750a95d24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 125
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.eastbaytimes.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: aDU761KQ3ydWEB44MduR5LAcClHVMffI7gN0XyilYfg7uG-cPdrZ6w==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 492 Show response
p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/ 120 KB
19 KB 472ms
471ms XHR
application/json 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/492?referer=https%3A%2F%2Fwww.eastbaytimes.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-12-20T07%3A44%3A41%2B00%3A00&ts=1639986281632

Requested by

Host: p192.eastbaytimes.com
URL: https://p192.eastbaytimes.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

93fdf7263b0738341bd97da6f30fca4e8525035e3e4cf89d90cf90b965c9b407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 18227
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.eastbaytimes.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: DBEGIq86WALGH8dNGu7lYahYFN7yND9XvAa4Jsz5ryUKhgykLXgbZA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 pubads_impl_2021120601.js Show response
securepubads.g.doubleclick.net/gpt/ 348 KB
117 KB 35ms
18ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119476
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 09:34:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 20 Dec 2021 07:44:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 184 B
142 B 31ms
15ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.eastbaytimes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

7ddaa998070b8c4034edc9354d81a544c9f544abfcfc9b227e4087feb2caa7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117
x-xss-protection: 0
expires: Mon, 20 Dec 2021 07:44:41 GMT

GET
H2 200 SJM-L-BUSSTOP-12XX-3-1.jpg
www.eastbaytimes.com/wp-content/uploads/2021/12/ 22 KB
22 KB 125ms
123ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastbaytimes.com/wp-content/uploads/2021/12/SJM-L-BUSSTOP-12XX-3-1.jpg?w=322

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5f0d0c94f2cedc692f5d5415f2c41b3cd32b448a08ce16f5db8c43b3d5ee0f00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 109 28 443
last-modified: Mon, 20 Dec 2021 07:44:41 GMT
server: nginx
etag: "7c62f643bb88a129"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 22162
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 200 BNG-L-49ERS-1220-102-1-1.jpg
www.eastbaytimes.com/wp-content/uploads/2021/12/ 18 KB
18 KB 89ms
89ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastbaytimes.com/wp-content/uploads/2021/12/BNG-L-49ERS-1220-102-1-1.jpg?w=290

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d8a69feb83dbbd3ba9a71803b4d93db683e1f51bdb7fdce141215a4a79a5db61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
x-rq: ams6 109 28 443
last-modified: Mon, 20 Dec 2021 07:44:41 GMT
server: nginx
etag: "11c5b48132795d9a"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 18152
expires: Tue, 20 Dec 2022 07:44:41 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
38 KB 9ms
8ms Script
application/x-javascript 143.204.98.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-4.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: 28x_tDvW9kJ.rWgfbdZIcgxbFDdgh9p3
content-encoding: gzip
etag: W/"d7dfa2940a5d5ce3beedd8774c961dd7"
age: 68319
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6fbe2bf4-0d3f-4234-a84e-c584de5ecb5e
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 8c7650e47b7f894f6ae5a1fc4919cee6
last-modified: Thu, 16 Dec 2021 12:45:56 GMT
server: AmazonS3
date: Sun, 19 Dec 2021 12:46:04 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: ae589a6335869a8948d0172dfafea0c42638763d87ea89591504c580a5c4f6c7
via: 1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: Mii1F4rfpCJtUrk4pHDoAiQXsqLnbKuVHov4VbYQAhzquR51E8xLXA==

GET
H2 200 a-04i2.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 53ms
9ms Script
application/javascript 2600:9000:2156:5a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-04i2.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: ZIO-Http /
Resource Hash: 362357020154e31d9090206b553e937a97acdd1cfe1d067679db47c9aa4cce33

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sun, 19 Dec 2021 19:30:28 GMT
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
server: ZIO-Http
age: 44053
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-encoding: gzip
x-amz-cf-id: nnHc9_6aq0VPGJsWs2Nlq6iqrwj6AqHN7CsZegIFbeZ1JZrVjLCGvw==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1639986281699&ns_c=UTF-8&c8=East%20Bay%20Times%20-%20Contra%20Costa%20and%20Alameda%20county%20news%2C%20sports%2C%20entertainment%2C%20life...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1639986281699&ns_c=UTF-8&c8=East%20Bay%20Times%20-%20Contra%20Costa%20and%20Alameda%20county%20news%2C%20sports%2C%20entertainment%2C%20lif...

0
225 B

14ms
13ms

Image
text/plain

143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1639986281699&ns_c=UTF-8&c8=East%20Bay%20Times%20-%20Contra%20Costa%20and%20Alameda%20county%20news%2C%20sports%2C%20entertainment%2C%20lifestyle%20and%20commentary&c7=https%3A%2F%2Fwww.eastbaytimes.com%2F&c9=
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: H2
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 9m9dhjNKVCUxlCnMtDkW4HTbLOGbuD2FhmXBSRwxdBLW8z9cGGWcbA==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 20 Dec 2021 07:44:41 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1639986281699&ns_c=UTF-8&c8=East%20Bay%20Times%20-%20Contra%20Costa%20and%20Alameda%20county%20news%2C%20sports%2C%20entertainment%2C%20lifestyle%20and%20commentary&c7=https%3A%2F%2Fwww.eastbaytimes.com%2F&c9=
content-length: 289
x-amz-cf-id: kboIjCUnI4h5VK7fSAb_-dNctrBjBEjtzdb8V8SyZadPQCsjcCs3_g==

GET
BLOB 200
OK 86e5ed59-9035-44f3-bd16-c7fb01ff032c
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/86e5ed59-9035-44f3-bd16-c7fb01ff032c
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 631ea336-6587-4c2b-b7e9-8d52f5189439
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/631ea336-6587-4c2b-b7e9-8d52f5189439
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK dfc860b3-1ded-49b3-9822-c23ee5b96a08
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/dfc860b3-1ded-49b3-9822-c23ee5b96a08
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6404 14 KB
5 KB 20ms
19ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPRggwhPRggwhEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=36233
expires: Mon, 20 Dec 2021 17:48:34 GMT
date: Mon, 20 Dec 2021 07:44:41 GMT
vary: Accept-Encoding

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 59 KB
20 KB 190ms
40ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C8E) /
Resource Hash: 9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
content-md5: I+TRQO5bVyRNfhz04pv14Q==
age: 32359
x-cache: HIT
content-length: 19745
x-ms-lease-status: unlocked
last-modified: Thu, 24 Dec 2020 08:54:59 GMT
server: ECAcc (mil/6C8E)
etag: 0x8D8A7E997F32F60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d8c7d994-701e-0087-782a-f57350000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 1 MB
217 KB 61ms
8ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F49) /
Resource Hash: a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
content-md5: MEV0XK+iSrlNTVyliS0EpQ==
age: 37070
x-cache: HIT
content-length: 221901
x-ms-lease-status: unlocked
last-modified: Tue, 29 Dec 2020 13:55:30 GMT
server: ECAcc (frc/8F49)
etag: 0x8D8AC0167971F78
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 82b9f06c-c01e-007b-211f-f54dcf000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 559 KB
118 KB 203ms
40ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9A) /
Resource Hash: ea5d2befb0a4e0ce54a1e5014b440dcbec8a981df5921805bef7c080647dab6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
content-md5: qVIPcM+g3AcDoTOKAhEK0A==
age: 39089
x-cache: HIT
content-length: 119973
x-ms-lease-status: unlocked
last-modified: Wed, 11 Aug 2021 20:38:31 GMT
server: ECAcc (mil/6C9A)
etag: 0x8D95D07FB91B69A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d684a2ee-501e-00f6-101a-f50169000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 26 KB
11 KB 174ms
135ms XHR
application/json 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

eacbd85213ba4ff288ae89f5d955bad425b4f1474ea7c9f5144962f792cb14d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Date: Mon, 20 Dec 2021 07:44:41 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 6614cabd-8729-4d26-827c-ac6a205370f7
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.eastbaytimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 507 B
534 B 78ms
36ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=116&profileId=184&cb=37493227764
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ff375cb336035c8965e391e7361790b7f4d6dbbbe3e544888416c892cb16a704

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eastbaytimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 288

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 46 B
397 B 360ms
322ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?ac=j&s=212590&v=7.2&sd=1&r=%7B%22id%22%3A%22785d76a3-58ad-4cd2-b666-4e27c585cbad%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221f1a0184-623f-4ad2-bf0e-84986b43e54d%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A50%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652924%22%2C%22gpid%22%3A%228013%2Fzeus_Sponsorship_1%22%7D%7D%2C%7B%22id%22%3A%2276bdc3df-eeaf-49d1-a52a-907b2c4e6342%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652925%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%224963b656-2620-43ff-96fe-32b47d6984bd%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652925%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%2254e8ef8b-2c3b-41ea-a73a-bc566c9277d5%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652925%22%2C%22gpid%22%3A%228013%2Fzeus_top_leaderboard%22%7D%7D%2C%7B%22id%22%3A%2228880634-dd72-40a9-8d97-fafdcc8d47ce%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652926%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%221e44ad09-6493-4ef7-baeb-7101d33fe770%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652926%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%22b76216d3-7baf-4f9b-81aa-e0537b6c4f17%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652926%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%2C%7B%22id%22%3A%22f329ba1b-35f5-4281-a9fd-b457e0a6cfeb%22%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%7D%5D%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22652926%22%2C%22gpid%22%3A%228013%2Fzeus_Cube1_RRail_ATF%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.eastbaytimes.com%2F%22%2C%22ref%22%3A%22%22%7D%7D
Requested by: Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 07abab291cfe1bdb3a84191dd484a2b7bcd5ea63337b6197dccce31ecf678c9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[194.36.108.18], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.eastbaytimes.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 66
x-ak-client-geo: 12
expires: Mon, 20 Dec 2021 07:44:42 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 59ms
13ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=zeus_client
Requested by: Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.eastbaytimes.com
date: Mon, 20 Dec 2021 07:44:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 468 B
3 KB 305ms
216ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&site_id=368296&tk_flint=custom&slots=3&size_id=44%3B2%3B15&alt_size_ids=%3B55%2C57%3B9%2C10%2C54&zone_id=2004954%3B2004962%3B2004940&rp_floor=0.01&us_privacy=1---
Requested by: Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 02d226352aada242b8f151f6cc51811ad13b575cef81331ea5f384375963a494

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.eastbaytimes.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 468
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 2 KB
1 KB 146ms
120ms XHR
application/json 52.29.163.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=zeus&v=1&referrer=www.eastbaytimes.com&debug=false&us_privacy=1---

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.163.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-163-83.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c724c9348ceca7ab5c660389f037dc794a413d5909c60b7f6519c7a4bb8ef938

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eastbaytimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 1155
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
537 B 43ms
43ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.eastbaytimes.com%2F&pid=w3IaL2GANczCv&cb=0&ws=1600x1200&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22zeus_Sponsorship_1%22%2C%22s%22%3A%5B%22300x50%22%5D%2C%22sn%22%3A%22%2F8013%2Feastbaytimes.com%2Fhome%2FSponsorship_1%22%7D%2C%7B%22sd%22%3A%22zeus_interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F8013%2Feastbaytimes.com%2Fhome%2Finterstitial%22%7D%2C%7B%22sd%22%3A%22zeus_top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8013%2Feastbaytimes.com%2Fhome%2Ftop_leaderboard%22%7D%2C%7B%22sd%22%3A%22zeus_Cube1_RRail_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F8013%2Feastbaytimes.com%2Fhome%2FCube1_RRail_ATF%22%7D%5D&gdpre=1&gdprc=CPRggwiPRggwiEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 5DYTMVVS6FCY3J4HMMWM
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.eastbaytimes.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: sXHWb_9mZtF22XOZmWurzqwzohhw5gEhP7T1RXeB5LCfWxhDsVNHlw==

GET
H/1.1 200
OK tag.js Show response
s.btstatic.com/ 34 KB
13 KB 84ms
19ms Script
application/javascript 104.111.248.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.btstatic.com/tag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.248.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-248-191.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 15:11:38 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: public, max-age=14400
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 12525

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2615
date: Mon, 20 Dec 2021 07:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 20 Dec 2021 09:01:06 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6404 0
42 B 76ms
18ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69465696&p=160200&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPRggwhPRggwhEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=160200&s=&predirect=&userIdMacro=&gdpr_consent=CPRggwhPRggwhEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:40 GMT
content-length: 0

GET
BLOB 200
OK d47378ff-beab-4987-98b5-ca50fac16b79
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/d47378ff-beab-4987-98b5-ca50fac16b79
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 pixels Show response
3pd.criteo.com/user-sync/ 13 B
286 B 59ms
14ms XHR
application/json 178.250.2.80
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://3pd.criteo.com/user-sync/pixels?gdpr=CPRggwfPRggwfEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdprapplies=true&ccpa=1---&countrycode=DE
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.80 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:41 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eastbaytimes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin

POST
H2 204 events
bidder.criteo.com/csm/ 0
193 B 13ms
13ms Ping
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.eastbaytimes.com
date: Mon, 20 Dec 2021 07:44:41 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:2156:5a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: CQKQeFXs_ero.dSxGj8yyrCkT6TzPcRS
content-encoding: gzip
etag: W/"ae5e94de938b0387eda6df8f20da811a"
last-modified: Wed, 02 Jun 2021 16:15:01 GMT
server: AmazonS3
age: 1255344
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fa5a3d5abd34c6fac657b045a4dcbdc5.cloudfront.net (CloudFront)
date: Sun, 05 Dec 2021 19:02:18 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: zpjM44S00CbH3qS6GpYU4aK-WNJtHugosPIW-9afSQBnaFFyKXJ87g==

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1639986281999&aid=a-04i2&se=e30&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&tna=v2.3.0&pu=https%3A%2F%2Fwww.eastbaytimes.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&...
https://rp4.liadm.com/j?dtstmp=1639986281999&aid=a-04i2&se=e30&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&tna=v2.3.0&pu=https%3A%2F%2Fwww.eastbaytimes.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1...

49 B
605 B

325ms
103ms

XHR
application/json

52.5.181.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1639986281999&aid=a-04i2&se=e30&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&tna=v2.3.0&pu=https%3A%2F%2Fwww.eastbaytimes.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPRggwiPRggwiEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkVhc3QgQmF5IFRpbWVzIC0gQ29udHJhIENvc3RhIGFuZCBBbGFtZWRhIGNvdW50eSBuZXdzLCBzcG9ydHMsIGVudGVydGFpbm1lbnQsIGxpZmVzdHlsZSBhbmQgY29tbWVudGFyeTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVhc3QgQmF5VGltZXMgaXMgdGhlIGxlYWRpbmcgc291cmNlIG9mIGJyZWFraW5nIG5ld3MsIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlIGFuZCBvcGluaW9uIGZvciBDb250cmEgQ29zdGEgQ291bnR5LCBBbGFtZWRhIENvdW50eSwgT2FrbGFuZCBhbmQgYmV5b25kIj48aDEgY2xhc3M9ImN1c3RvbS1sb2dvIGxvZ28iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20iPjxpbWcgc3JjPSJodHRwczovL3d3dy5lYXN0YmF5dGltZXMuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDIwLzA5L0VCVElNQUdFcG5nLnBuZyIgYWx0PSJFYXN0IEJheSBUaW1lcyIgd2lkdGg9IjcxNCIgaGVpZ2h0PSI4MyI-PC9hPjwvaDE-&i6=MjAwMTphYzg6MzY6NjoyMDY6OjE%3D&n3pc=true

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Server

52.5.181.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-5-181-6.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

88ce64afc25269d237014297f1df9b1445d16decb4b970ff56fde484d109d000

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
x-pixel-event-id: c67d2dda-1271-4d1c-a9c5-f48e9df82bd8
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 0
vary: Origin
content-length: 49
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: d7b58d748b4fd889

Redirect headers

date: Mon, 20 Dec 2021 07:44:42 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1639986281999&aid=a-04i2&se=e30&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&tna=v2.3.0&pu=https%3A%2F%2Fwww.eastbaytimes.com%2F&us_privacy=1---&wpn=lc-bundle&gdpr=1&gdpr_consent=CPRggwiPRggwiEXABADEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&c=PHRpdGxlPkVhc3QgQmF5IFRpbWVzIC0gQ29udHJhIENvc3RhIGFuZCBBbGFtZWRhIGNvdW50eSBuZXdzLCBzcG9ydHMsIGVudGVydGFpbm1lbnQsIGxpZmVzdHlsZSBhbmQgY29tbWVudGFyeTwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IkVhc3QgQmF5VGltZXMgaXMgdGhlIGxlYWRpbmcgc291cmNlIG9mIGJyZWFraW5nIG5ld3MsIGxvY2FsIG5ld3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgbGlmZXN0eWxlIGFuZCBvcGluaW9uIGZvciBDb250cmEgQ29zdGEgQ291bnR5LCBBbGFtZWRhIENvdW50eSwgT2FrbGFuZCBhbmQgYmV5b25kIj48aDEgY2xhc3M9ImN1c3RvbS1sb2dvIGxvZ28iPjxhIGhyZWY9Imh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20iPjxpbWcgc3JjPSJodHRwczovL3d3dy5lYXN0YmF5dGltZXMuY29tL3dwLWNvbnRlbnQvdXBsb2Fkcy8yMDIwLzA5L0VCVElNQUdFcG5nLnBuZyIgYWx0PSJFYXN0IEJheSBUaW1lcyIgd2lkdGg9IjcxNCIgaGVpZ2h0PSI4MyI-PC9hPjwvaDE-&i6=MjAwMTphYzg6MzY6NjoyMDY6OjE%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://www.eastbaytimes.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 188cd7c5a22b13b9
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
BLOB 200
OK c6a29625-a249-44ae-9141-8b9bf548932d
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/c6a29625-a249-44ae-9141-8b9bf548932d
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H/1.1 200
OK tag Show response
s.thebrighttag.com/ 2 KB
1 KB 100ms
33ms Script
text/javascript 108.128.243.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.thebrighttag.com/tag?site=t4tmU86&H=7y4pgq
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 108.128.243.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-243-153.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1095590c1f34d6efd337a4586d0da3dac48de8e97ea2c8d1a1b530513eaad868

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
Content-Encoding: gzip
Server: nginx
ETag: 0c11d1962563005d7b96c43e3dcd9bfe
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID
Cache-Control: private, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/javascript
X-BT-RequestId: b151e4b0-6168-11ec-836b-0000ac1508ca
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 295 KB
28 KB 41ms
40ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C24) /
Resource Hash: 70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
content-md5: qePO0yKWifmYWvQdlK/DtQ==
age: 39089
x-cache: HIT
content-length: 28321
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (mil/6C24)
etag: 0x8D9056E3D33EB71
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 93d8b70c-501e-00fd-721a-f5191d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

OPTIONS
H/1.1 200
OK BANGWPPRODWAB
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 0
0 571ms
129ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/BANGWPPRODWAB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.eastbaytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Mon, 20 Dec 2021 07:44:42 GMT
Content-Length: 0

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 41ms
40ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1193
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (mil/6C34)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0d629d52-101e-0004-5972-f56572000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Mon, 20 Dec 2021 08:14:42 GMT

GET
H/1.1 200
OK BANGWPPRODWAB Show response
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 1 MB
350 KB 237ms
236ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/BANGWPPRODWAB
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: 7db80ba82287e68dd0dc20c5b339b615e827260fb32bc334946b076cb0e778b7

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
Accept-Language: de-DE,de;q=0.9
settingskey: BANG,EBT
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2NDAwMDA2ODJ9.bqOEXy29A-EyYOlN1yZra2mw2FPeNKNKMQDpvV2Shig
environment: prod
config-code: BANGWPPRODWAB
access-control-allow-origin: *
ssid: 4b8107d31262312f83f76fddcdff1f5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
accept: application/json
content-type: application/json
location: undefined
attr: EBT
Referer: https://www.eastbaytimes.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 357214
X-Server-Time: 12/20/2021 7:44:42 AM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 432ms
119ms Image
image/jpeg 52.217.200.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.200.209 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:43 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: H3T4AG7KVP6NCSVS
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: z5RZ45LXSPQ7Mp6lKXQ7YjcgO1Dl8khhN2lDpd48sCc43oMB5LObNFxLNFmr2OXcZDuastJlAZ8=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 23ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:20:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1477
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 20 Dec 2021 08:20:05 GMT

GET
BLOB 200
OK eece1dab-d2a9-4da4-b56f-9c767e764dd0
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/eece1dab-d2a9-4da4-b56f-9c767e764dd0
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 9fdad266a5bcc3d918f1420abed4d49f Show response
p192.eastbaytimes.com/plugin/plugin/ 385 KB
74 KB 10ms
10ms Script
text/javascript 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/plugin/plugin/9fdad266a5bcc3d918f1420abed4d49f

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

852308486c7626fa325c508b416d8393b3c1b10a1317342dbf9f4f426ae65929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 08:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 2849702
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 75308
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Nov 2021 08:09:40 GMT
server: -
etag: 9fdad266a5bcc3d918f1420abed4d49f
content-type: text/javascript; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: soji4_L0IiuU7wT_fhC02HLepD3GRlo1FhQdntRWdbiXYXiJ0cJB5Q==
expires: Thu, 17 Nov 2022 08:09:40 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 41 KB
11 KB 144ms
120ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=2853627796648461&correlator=3989851432963538&output=ldjh&impl=fifs&eid=31063899&vrg=2021120601&ptt=17&gdpr_consent=CPRggwoPRggwoEXABBDEBgCwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211220&iu_parts=8013%2Ceastbaytimes.com%2Chome%2CSponsorship_1%2Cinterstitial%2Ctop_leaderboard%2CCube1_RRail_ATF&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F6&prev_iu_szs=300x50%2C1x1%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%7C300x1050%7C160x600&prev_scp=POS%3DSponsorship_1%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Sponsorship_1.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dinterstitial%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_interstitial.init.dsk%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_top_leaderboard.init.dsk%26amznbid%3D2%26amznp%3D2%26zeus_appnexus%3D27%26zeus_auctionid_appnexus%3D8502928454333544499%7CPOS%3DCube1_RRail_ATF%26zeus_rendercount%3D1%26zeus_slot%3Dzeus_Cube1_RRail_ATF.init.dsk%26amznbid%3D2%26amznp%3D2%26zeus_triplelift%3D18%26zeus_auctionid_triplelift%3D450b5a7b-511d-4a57-bc7f-8fa33a070233%26zeus_appnexus%3D19%26zeus_auctionid_appnexus%3D1004618486098783463&eri=1&cust_params=zeus%3Dapplied%26zeus_8013%3Dwww.eastbaytimes.com%26kv%3Dhome%26page%3Dhome%26content%3D%26RPN%3D339995254246%26rurl%3D%26articleid%3D&bc=31&abxe=1&lmt=1639986282&dt=1639986282419&dlt=1639986280497&idt=1275&frm=20&biw=1600&bih=1200&oid=2&adxs=1290%2C160%2C800%2C1287&adys=17%2C177%2C303%2C495&adks=3223995776%2C4106657091%2C776516575%2C3343401588&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.eastbaytimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x50%7C1x1%7C1280x250%7C304x600&msz=1x0%7C1x0%7C1x0%7C1x0&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba02cf0e78330bfb2d3d95165ecfd04b739c77fb160b607cdc5d06701bd8b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10119
x-xss-protection: 0
google-lineitem-id: -2,-2,5544358459,5543117196
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138331948099,138331947442
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.eastbaytimes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
578503375baa91212133b64501bdf37a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A51 6 KB
4 KB 60ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://578503375baa91212133b64501bdf37a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 20 Dec 2021 07:44:42 GMT
expires: Tue, 20 Dec 2022 07:44:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 136e74caf31d97aab776e1e692190b2b Show response
p192.eastbaytimes.com/plugin/library/ 655 KB
188 KB 9ms
9ms Script
text/javascript 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/plugin/library/136e74caf31d97aab776e1e692190b2b

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

cebc26bed1c02dbd8b311e7d0121b4915cfd5ab25a239b82e00559a20044338d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 08:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 2849700
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 191632
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Nov 2021 08:09:42 GMT
server: -
etag: 136e74caf31d97aab776e1e692190b2b
content-type: text/javascript; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6ikL79s3dNJRKSgsqAT0q4jb5hW1Pbaho_IDcdYGF_sFIVgECJVt4w==
expires: Thu, 17 Nov 2022 08:09:42 GMT

POST
H2 200 LB-Zone-2 Show response
p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/492/ 3 KB
2 KB 377ms
377ms XHR
application/json 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/492/LB-Zone-2?referer=https%3A%2F%2Fwww.eastbaytimes.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2021-12-20T07%3A44%3A42%2B00%3A00&ts=1639986282455

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

d887af1c81a482a7ba4d8830669f6d326c892241c37bca0b1ec846aa744d6f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1131
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.eastbaytimes.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: YFPwk2_Y0QpAdmJZT1IpI0c_0GcCi-ZnyBCnseJ-qxLD8drG-yx8nQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
57 KB 42ms
22ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e078344764f8876cbc44f267ae2f453dbcb670d9623df44e0e5b3997afbef10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57964
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H2 200 EBT-L-SHOOTING-1218-01-3.jpg
www.eastbaytimes.com/wp-content/uploads/2021/12/ 10 KB
10 KB 54ms
53ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastbaytimes.com/wp-content/uploads/2021/12/EBT-L-SHOOTING-1218-01-3.jpg?w=199

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a751590fd0844260b12b9e65753ec265b891d642faba3cb5aaf20a39dd60438b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
x-rq: ams6 109 86 443
last-modified: Mon, 20 Dec 2021 07:44:42 GMT
server: nginx
etag: "b12932dc741f0c3a"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 10178
expires: Tue, 20 Dec 2022 07:44:42 GMT

GET
H2 200 crime-scene-tape-generic451111-1-1-1-1611-1-2-7-1-1-6-1-2-1-4-1-3-2-1-13-3-1-2-1-5-1-2-3-1-2-2-2-1-3-1-8-4-1-3-1-1-1-1-4.jpg
www.eastbaytimes.com/wp-content/uploads/2021/12/ 25 KB
25 KB 67ms
66ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eastbaytimes.com/wp-content/uploads/2021/12/crime-scene-tape-generic451111-1-1-1-1611-1-2-7-1-1-6-1-2-1-4-1-3-2-1-13-3-1-2-1-5-1-2-3-1-2-2-2-1-3-1-8-4-1-3-1-1-1-1-4.jpg?w=311

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

422eb1a1bdc8d52bee1f259723954d273fadc971e2c1380dee228f44903f0c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
x-rq: ams6 109 88 443
last-modified: Mon, 20 Dec 2021 07:44:42 GMT
server: nginx
etag: "4846f224fe12b7db"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 25724
expires: Tue, 20 Dec 2022 07:44:42 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 6B42 117 KB
39 KB 72ms
24ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 24f164db30f201dfea047e885e44e77a310f64af80264642cddf21c22c395e5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:42 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Dec 2021 15:55:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61ae326e-1d543"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 39321
Expires: Tue, 21 Dec 2021 07:44:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B42 0
20 B 54ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-AHJ1v9crez0U71fqInV8pscbIoaUBPqG7ebqFhnf0MjLDUNhlGQtD5g61G0OzCtslxRb-T0hjmrhiQaq4kUXV3lJwp1w

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 6B42 13 KB
6 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4f31178f3fe6003e606295047fdb9be890c6a9c6c8594576435f86975af582f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0
server: cafe
etag: 4841097009533305096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 08:39:34 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/222/ Frame 6B42 85 KB
29 KB 46ms
18ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/222/trk.js
Requested by: Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:42 GMT
Content-Encoding: gzip
Age: 507777
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29209
X-Served-By: cache-lga13624-LGA, cache-hhn4070-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Tue, 14 Dec 2021 10:40:55 GMT
Server: AkamaiNetStorage
X-Timer: S1639986283.636027,VS0,VE0
ETag: "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 2366658

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame 6B42 0
802 B 51ms
14ms Image
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.eastbaytimes.com%252F&e=wqT_3QKEBugEAwAAAwDWAAUBCOnogI4GELPw8riPjJ6AdhgAKjYJLQq7KHrg0z8RhMvXI9x90T8ZAAAA4KNwJUAhhA0SACkRJMgxAAAAwB6F9z8wm9WQCjj8SEDlHkhlUK2iyyVY66ldYABo-4F3eLLnBYABAYoBA1VTRJIFBvBhmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApWgSOoCHWh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgPqAQq_AWgNM2RwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLgE8CR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1EZXF1THZxdzNfODc3RHd5TWtTOXNodVFuT0ZqR0tIWGpqd0RndXM5dERpSEN0NDBaWVlLYTZieEVvNVcwdkFYZGNZVlVPSHFyODhLZHV2MjhKc3FncjQ5OHJCZyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4NTAyOTI4NDU0MzMzNTQ0NDk5Igg3ODgyNzgyMSoEMzk0MToBMMADrALIAwDYA93MkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMTk0LjM2LjEwOC4xOKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAFg7rT0OaRu412wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFk_YX-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAkWCQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTMxNDkzOTU4OTkyugcRCAABKUwqBDEtLS04xAZAAcgHsucF0gcNCQlHAAAFSQjaBwYJKUDgBwDqBwIIAPAH3WeKCAIQAA..&s=5376fc4f53e586fe210f9d16629af0836041b605

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: fba3c4ae-51b2-4e4b-b7a3-c96ac61ddeb1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B42 119 KB
37 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H/1.1 200
OK moatad.js Show response
js.moatads.com/bangdfp107159576598/ Frame 6B42 0
422 B 291ms
75ms Script
application/x-javascript 178.18.231.144
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.moatads.com/bangdfp107159576598/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.18.231.144 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:42 GMT
Last-Modified: Mon, 14 May 2018 18:19:42 GMT
Server: AmazonS3
x-amz-request-id: 22AB56TD4KFKW7QM
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: application/x-javascript
Cache-Control: max-age=2474
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: XNDjHDYuc89jkQSzYmx0Z31QIYvXYlpdO1EmPgNbs5ZWczbeqYep9D5aDwJXNZ2rZTvL2FBdHK4=

GET
H2 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame E346 13 KB
5 KB 25ms
8ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 20 Dec 2021 04:09:13 GMT
expires: Tue, 21 Dec 2021 04:09:13 GMT
content-type: text/html; charset=UTF-8
etag: 12223946614886178233
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4980
x-xss-protection: 0
age: 12929
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame CCBB 13 KB
6 KB 25ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4f31178f3fe6003e606295047fdb9be890c6a9c6c8594576435f86975af582f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 308
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5713
x-xss-protection: 0
server: cafe
etag: 4841097009533305096
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Dec 2021 08:39:34 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/222/ Frame CCBB 85 KB
29 KB 33ms
7ms Script
application/x-javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/222/trk.js
Requested by: Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:42 GMT
Content-Encoding: gzip
Age: 507777
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29209
X-Served-By: cache-lga13624-LGA, cache-hhn4044-HHN
Access-Control-Allow-Origin: *, *
Last-Modified: Tue, 14 Dec 2021 10:40:55 GMT
Server: AkamaiNetStorage
X-Timer: S1639986283.630715,VS0,VE0
ETag: "27a82a9a755fe85e7882d2ba1e990a11:1639478455.565772"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 14 Dec 2022 10:41:45 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 2367276

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ Frame CCBB 0
802 B 52ms
22ms Image
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.eastbaytimes.com%252F&e=wqT_3QKEBugEAwAAAwDWAAUBCOnogI4GEOfZ1fWL5sf4DRgAKjYJDVUxlX7Cyz8R2EqmErdtyD8ZAAAAQDOzL0Ah2A0SACkRJMgxAAAAANejAEAwrNWQCjj8SEDlHkhlUM-iyyVY66ldYABo-4F3eLLnBYABAYoBA1VTRJIFBvBhmAGsAqABmgioAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApWgSOoCHWh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgPqAQq_AWgNM2RwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLgE8CR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0UwFfYj1BS0FtZi1DUktYb3JZNng3bEtyd216WUlaVkFDb3BkRFRxQWRqczhGLXNZaG9Ua0RxSXRwREV3QUtsV3VaUmtjVkZNS2xTZ1Qwc0VOTmJYbFhSeWZ0NzJsN0hlWlMyNjdYdyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxMDA0NjE4NDg2MDk4NzgzNDYzIgg3ODgyNzg1NSoEMzk0MToBMMADrALIAwDYA93MkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMTk0LjM2LjEwOC4xOKgEALIEEAgAEAEYrAIgmggoADAAOAK4BADABADIBADaBAIIAeAEAfAEz6LLJYgFAZgFAKAFx7_hmLi84Ys8wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhPoV-gUECAAQAJAGAJgGALgGAMEGQS80AADwP9AG7o8B2gYWChAJEhkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEyNjc5NzcxNzk2OLoHEQgAASlMKgQxLS0tOMQGQAHIB7LnBdIHDQkRSwEgCNoHBgkpQOAHAOoHAggA8AfdZ4oIAhAA&s=e2569761ad87adc4601146fc7f8c224e6fe30efc

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b68b7079-239f-421e-a3d9-2da7c50dd5c1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCBB 0
20 B 48ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-C7SeBHl-F9vJ20uzE2n6dXzcqXi7ShvCF5ySkG5x0w2wFWfL2Np5enaTe6YMT6NyqsF9XRbTT7bl5n44D_fmp66n0gYA

Requested by

Host: mng-eastbaytimes.zeustechnology.com
URL: https://mng-eastbaytimes.zeustechnology.com/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCBB 119 KB
37 KB 43ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H/1.1 200
OK moatad.js Show response
js.moatads.com/bangdfp107159576598/ Frame CCBB 0
422 B 291ms
83ms Script
application/x-javascript 178.18.231.144
DATAIX-AS Peering...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.moatads.com/bangdfp107159576598/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120601.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 178.18.231.144 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:42 GMT
Last-Modified: Mon, 14 May 2018 18:19:42 GMT
Server: AmazonS3
x-amz-request-id: 22AB56TD4KFKW7QM
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Content-Type: application/x-javascript
Cache-Control: max-age=2474
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
x-amz-id-2: XNDjHDYuc89jkQSzYmx0Z31QIYvXYlpdO1EmPgNbs5ZWczbeqYep9D5aDwJXNZ2rZTvL2FBdHK4=

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6B42 0
0 42ms
41ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuk4p-CDtva-iAOUz8vf_anyyJy4tbDXNanmSPWkEEthS8BLXPC_ZW4_Iorc_To8kazGURyaJibdZVifdmDSFmpIko-gteN1wPDnwux_sta2gOJhz70MVhkvt33GDrZcTBOM_hjjI-lfquPiJTcZbNtno2kpgK88-D58HPROBrLILnaKZ8imZz4uhzM5RAfoEWYrizgZzEnm2QlSC9MdWn0FEV1MgoJ_JUuqASkk2wVhtVwigaffi2_E4D-p0whYYks8DvZhE9QwfrTte5KClscfJAU3WKHWXXAolTk6-QmGb10R6QSXTZkySXOhrILA6Zbtne48xY0aXm2QQ_LonR7sRM1dGM&sig=Cg0ArKJSzNN1VFUa5M2-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 07:44:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CCBB 0
0 42ms
41ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuMUQy9DQNmQeBz5Qz8my0WR-OO1bY-pxxW7HhQDMVUsuTlq2ea7kLw4UhHWHcRWbPjO-gdU9cEzayn9LceTfJF5UCQQGTTnufw93JlPu9oPbuy-c8KPZOmcORcYBrDygQCVQNF0iwM-nMoHEwK0-sxDGdfN2PYT29daCuuh_ZvDKsJQE5LPAkj77IkqU8TQ_boWXPma02Ke4Fy2IfT2ZAJ5KKkAU8TU8Q4WTZMj9SkX2SBXSjbMyWHaEm3yAqQ_XntcsK8sI-dK_3v1XKlvakJfXV7w9ajptcif-Gk_40iCczsSOe8dfWnvBBXe3Gkq-Ri5pKoE5DiLLmNyap2UUuka1nXA_o&sig=Cg0ArKJSzLMW-o7cwzL3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 07:44:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame CCBB 73 KB
28 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8576ac4fad8d6a2eef6c1a412387cb3e7a6909b0a647f33bb0686d57d300d02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461277931444"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame CCBB 0
802 B 28ms
14ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.eastbaytimes.com%2F&e=wqT_3QLwA3zwAQAAAwDWAAUBCOnogI4GEO6_6t2ZrOPHMhgAKjYJAA0BABENCCgAGQAAAKCZmRJAIRESACkRCfQOATEAAAAgXI_qPzCZ1ZAKOPxIQPxISABQAFjrqV1gAGj7gXd4sucFgAEBigEAkgEDVVNEmAGsAqABMqgBAbABALgBAMABAMgBANABANgBAOABAPABANgCAOAClaBI6gIdaHR0cHM6Ly93d3cuZWFzdGJheXRpbWVzLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2APdzJMB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE5NC4zNi4xMDguMTioBACyBA8IABABGKwCIDIoADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAApF2jYBQHgBQDwBQD6BQQIABAAkAYAmAYAuAYAwQYJIRgAANoGFgoQEQ0RAVwQABgA4AYA8gYCCACABwGIBwCgBwC6BxEBRFAYACoEMS0tLTjEBkAByAey5wXSBw01qwE6CNoHBgkpQOAHAOoHAggA8AfdZ4oIAhAA&s=14a582a34aaf031fcfb377599b2d8f2515cbcfcb&bdref=https%3A%2F%2Fwww.eastbaytimes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.eastbaytimes.com%2F,https%3A%2F%2Fwww.eastbaytimes.com%2F&

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 32d508d4-2c67-4445-821f-79426f037c8a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame E346 113 KB
33 KB 116ms
101ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab77a03a7d7c6f1cb531a912193e0fe8b75fc9772c73aebc2f67ed8cdee5cd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34105
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame CCBB 0
0 55ms
41ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstaSywyYh1FFZ5qE5jR2kEavE31juJP736iNrpaz31tgRkDva0qDLMMtNGPutYbD-JtsRig1gVLWqrmbqShMz_8k82gs6CqgbWEWp_MFxwx7s_nhCWbXp8WhQ4roNb3A0bI5dfwF-R-BmODNfHsmOb94i-XOeiyw11Ep9u8xTgHHqOeFsmtWUxeRH08jHt2Xld4IMqnQ2G5V2DhDXR9qgt2yC8EJMSSPoQxjCrmdzW7BuRO8h6osxJ8bb9OavnyaZQKaOjU-tr85XQIY3VykSji5C-H7jPHiW5x4FJ7Msw3AFA8b1pQo98iwiskdUjfgRkxRIf4D3CZFfYXgfr7TLfIhrk28TIj_Q&sig=Cg0ArKJSzDHT2qgDauOOEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 07:44:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame CCBB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02c52cff67e539ec8595b1cb0ae361606fdca05b9b87c706a15fd59aff98ebef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame CCBB 0
829 B 36ms
36ms Ping
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.eastbaytimes.com%2F&e=wqT_3QKEBugEAwAAAwDWAAUBCOnogI4GEOfZ1fWL5sf4DRgAKjYJDVUxlX7Cyz8R2EqmErdtyD8ZAAAAQDOzL0Ah2A0SACkRJMgxAAAAANejAEAwrNWQCjj8SEDlHkhlUM-iyyVY66ldYABo-4F3eLLnBYABAYoBA1VTRJIFBvBhmAGsAqABmgioAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApWgSOoCHWh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgPqAQq_AWgNM2RwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLgE8CR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0UwFfYj1BS0FtZi1DUktYb3JZNng3bEtyd216WUlaVkFDb3BkRFRxQWRqczhGLXNZaG9Ua0RxSXRwREV3QUtsV3VaUmtjVkZNS2xTZ1Qwc0VOTmJYbFhSeWZ0NzJsN0hlWlMyNjdYdyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxMDA0NjE4NDg2MDk4NzgzNDYzIgg3ODgyNzg1NSoEMzk0MToBMMADrALIAwDYA93MkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMTk0LjM2LjEwOC4xOKgEALIEEAgAEAEYrAIgmggoADAAOAK4BADABADIBADaBAIIAeAEAfAEz6LLJYgFAZgFAKAFx7_hmLi84Ys8wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhPoV-gUECAAQAJAGAJgGALgGAMEGQS80AADwP9AG7o8B2gYWChAJEhkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEyNjc5NzcxNzk2OLoHEQgAASlMKgQxLS0tOMQGQAHIB7LnBdIHDQkRSwEgCNoHBgkpQOAHAOoHAggA8AfdZ4oIAhAA&s=e2569761ad87adc4601146fc7f8c224e6fe30efc&type=nv&nvt=5&jm=1003&px=1138&py=495&bw=300&bh=1050&sid=1523517081072821603&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21244588&sw=1600&sh=1200&pw=1600&ph=6891&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 43519155-2a2d-4377-91a3-360384fb2995
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.eastbaytimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK a-04i2 Show response
i.liadm.com/s/c/ Frame 2260 1 KB
1 KB 432ms
112ms Document
text/html 107.23.11.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-04i2?s=&cim=&ps=true&ls=true&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.11.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-11-80.compute-1.amazonaws.com

Software

Resource Hash

55d0f6bcae13893219a90ac014e844b9276601ce0e76643fbc876676218d1110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Mon, 20 Dec 2021 07:44:42 GMT
ETag: 1.61803398874
Strict-Transport-Security: max-age=31536000; includeSubDomains
trace-id: f133b9b95cee39e4
Vary: Accept-Encoding
Content-Length: 667
Connection: keep-alive

GET
H/1.1 200
OK baker
sli.eastbaytimes.com/ 19 B
369 B 121ms
32ms Image
image/gif 2.16.186.168
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.eastbaytimes.com/baker?dtstmp=1639986282726
Requested by: Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.168 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-168.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
Cache-Control: max-age=0, no-cache, no-store
Expires: Mon, 20 Dec 2021 07:44:42 GMT
Connection: keep-alive
Content-Length: 19
Content-Type: image/gif

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 119ms
93ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.eastbaytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.17.4
date: Mon, 20 Dec 2021 07:44:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 1a Show response
i.clean.gg/ Frame 6B42 0
15 B 104ms
95ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 render_post_ads_v1.html Show response
googleads.g.doubleclick.net/pagead/ Frame 3C60 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 20 Dec 2021 04:09:13 GMT
expires: Tue, 21 Dec 2021 04:09:13 GMT
content-type: text/html; charset=UTF-8
etag: 12223946614886178233
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4980
x-xss-protection: 0
age: 12929
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B42 73 KB
27 KB 34ms
19ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8576ac4fad8d6a2eef6c1a412387cb3e7a6909b0a647f33bb0686d57d300d02e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28114
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461277931444"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 6B42 0
802 B 108ms
108ms Script
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:42 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 46f309f0-7baa-4883-a150-eaabc28c48ae
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 3C60 79 KB
29 KB 50ms
50ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13d817a14b4b489ccedde94cc6e56d3b996cfbb6deaa1f1486dbb7c974a3a199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30145
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame E346 2 KB
532 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 20 Dec 2021 06:06:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 20 Dec 2021 07:44:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H2 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E346 2 KB
1 KB 39ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2cb797c032b97fe5bf080e4d0e2537fd7f9a78e8ccc3fb8c4c5bc8ca7415e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:07:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 939
x-xss-protection: 0
server: cafe
etag: 11779016803434629492
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 07:07:43 GMT

GET
H2 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame E346 24 KB
10 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 07:19:03 GMT

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E346 2 KB
1 KB 38ms
13ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e371c9ea0fd636a3ecd29ae5e8413d144d470f77ca4bdda94b6e61ec3b980eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
server: cafe
etag: 11377196957905752455
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 07:32:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E346 119 KB
36 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame E346 18 KB
7 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51bbe57479b8c393497c12c8a7a3e3db77d4d60751017cbebd63ddc54a328819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7337
x-xss-protection: 0
server: cafe
etag: 7465115486436736623
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 07:41:05 GMT

GET
H2 200 253a7d78465f16f9f81c5652782f72f1.js Show response
www.gstatic.com/mysidia/ Frame E346 36 KB
14 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/253a7d78465f16f9f81c5652782f72f1.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d3bed09ea42550f14c8721f27a7076c4f2a73692c1b8c3191a98c4d3603aace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 19:06:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 477477
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14076
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 19:06:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E346 0
20 B 30ms
30ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSIrpaTTAYdq9NIay3gOg-bH4A4-SoIVnz8eIicUOrgIQASDml9YlYJX68IGMB6ABzMmtzwPIAQmpAkhkDSZZ2rI-qAMByAPLBKoE4QFP0JebvQsZdhiWsZFnXwIzAufHSvyW4MSCWh90mJuNuPDhlJnJN7qKiuBGigF_pT1RY0-iQOLKE23ClIgB3FW-EdnxA5aHQBhqLtdqF0lIVSmfFwzEaUn3YP91_zQEW-2sqpFHvusl51K6v2DUfbofqAsEtGWJ6uG9s7HBV6-ugWz8EDuUoacRruvA4bLxYgnK7mujHl_xZB_-fqWvWIlBcUiBu4EQESPFpzV0m8gq7wkFK9UE6on0P45Qdl50RF5B8mM-1QZzAkkMaffwUsc-8eWGJ3DJyb58ycfgUK3oaQrABNDD7q3YA5IFBAgEGAGSBQQIBRgEoAYugAecttIwqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA0ggHCIBhEAEYAPIIDmJpZGRlci01NTUyMjkxgAoEyAsB2BMMiBQC0BUBmBYBgBcBshcICgYIABIAGAA&sigh=Iv5qNK42RFI&uach_m=[UACH]&pr=10:0.216873&template_id=494&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 20 Dec 2021 07:44:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E346 39 KB
39 KB 49ms
8ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSrdZ4SXoQGLz0iGnnTZ39whjSG9nE4MvMVsw3JPtxnZmcCQGLUS__cWn_4yLQ&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a16f40f95240d1b118d056bd488cbecc704778dcd85a87caa26768a821a9d927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 11:35:43 GMT
x-content-type-options: nosniff
age: 418139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39675
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 08:49:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Dec 2022 11:35:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E346 33 KB
34 KB 48ms
7ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcR7btS1_Il-aod8qUORLLMGi6JfU1fqtxlu7ukX4TJtdJRT-Ye_YObDgtMjVg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c19e8e2f6d5663a14b1acd8e86726447ee3b290faacbb130a953d5eae391f6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 10:24:43 GMT
x-content-type-options: nosniff
age: 422399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34104
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 05:08:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Dec 2022 10:24:43 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E346 36 KB
37 KB 57ms
7ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQSe1jq4l8Nksk3fKQOHXKdy7E4iMtNNK9XXh3ivac2PUsW4tMZJDAbAvYmTD0&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8a3f6ee4fd2e64afa7094b048cba6dbb12dc3e0ea0d0a007949dc666f9d67c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 10:32:15 GMT
x-content-type-options: nosniff
age: 421947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37135
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 08:37:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Dec 2022 10:32:15 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E346 37 KB
37 KB 56ms
16ms Image
image/jpeg 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ8kA0pk-XeXWeuoYmNzK-o9iQGNaHkpdW9NFVYa0TGUV7C3SsrIdnAvywd0Fc&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b0183d411b54f12bfedbf7fc23d569f9cd6b55948d4914be7bb916beb7a68ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 09:26:23 GMT
x-content-type-options: nosniff
age: 425899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38177
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 08:48:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Dec 2022 09:26:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame E346 36 KB
36 KB 65ms
15ms Image
image/jpeg 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRp7ySPfwDIcmnt72nzzHWlrc41L45tLkMuFSEtiS0CSZ4OnOT5R8O7bhQoqh4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fbbfc6d23ad3217d41e65ccd02c6aab9fc3f89ed664ca9c2817a25d5b0f041d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 10:56:27 GMT
x-content-type-options: nosniff
age: 420495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36833
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 08:32:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 15 Dec 2022 10:56:27 GMT

GET
H3

200

9861535539036549230
tpc.googlesyndication.com/simgad/ Frame E346
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC38N_xmQEQ6AcY6AcyCPnFKNiPI2N_
https://tpc.googlesyndication.com/simgad/9861535539036549230

53 KB
53 KB

29ms
12ms

Image
image/jpeg

2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9861535539036549230

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e967bd196b4efddf8c2818dedf1a80c0d739ee9d522da3eeda5a604ca4584a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:28:21 GMT
x-content-type-options: nosniff
age: 461781
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54673
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 15:44:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Dec 2022 23:28:21 GMT

Redirect headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 05:32:14 GMT
x-content-type-options: nosniff
server: cafe
age: 7948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/9861535539036549230
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 19 Jan 2022 05:32:14 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 3C60 24 KB
9 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1539
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9516
x-xss-protection: 0
server: cafe
etag: 14328493792227503680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 07:19:03 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3C60 2 KB
1 KB 20ms
11ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e371c9ea0fd636a3ecd29ae5e8413d144d470f77ca4bdda94b6e61ec3b980eb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 704
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
server: cafe
etag: 11377196957905752455
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 07:32:58 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C60 119 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3C60 18 KB
7 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51bbe57479b8c393497c12c8a7a3e3db77d4d60751017cbebd63ddc54a328819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:41:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 217
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7337
x-xss-protection: 0
server: cafe
etag: 7465115486436736623
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 07:41:05 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 3C60 36 KB
14 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/one_click_handler_one_afma.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

603aba830ea0e035c90c5c4a95a4f2a79de9c8f6b479a4f5e599402dedf9cdcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 06:07:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14065
x-xss-protection: 0
server: cafe
etag: 12717653882186688320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Jan 2022 06:07:16 GMT

GET
H3 200 17262124967302191928
tpc.googlesyndication.com/simgad/ Frame 3C60 123 KB
123 KB 26ms
17ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17262124967302191928?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlVvConPmX4ucreT0PKXQEq7xTwsg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a654e8f97178e7240402caf70d43f4cde175e42997541a55752441332d515b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 16 Dec 2021 04:34:16 GMT
x-content-type-options: nosniff
age: 357026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126015
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 04:27:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 16 Dec 2022 04:34:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3C60 0
21 B 37ms
36ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHMPBaTTAYabKNKyj7_UP8eue-AnNj9CZZ5vOp8KLD7_hHhABIOaX1iVglfrwgYwHoAHxg_2VA8gBAqgDAcgDyQSqBNsBT9BwbtkQVFo9dE---qZZ_6WMNbVcPAWu_fDxBXDBWTFsQGV7G8v9YXR6sFfnEuaol73NsA2IkLC_2j0h836I6utxoG59kWxTfwU4mPm3G_2YwQ0WLah7M8h1LCXP5vsWr9sH2LtfCaVwV1EVjLXLIb9dgECVG055x19_lrYQSd-45z20eOxLqqUcC7eospYXQR7c5Fl-nUW9cvjRbrOCdUVYSbzQhXESCHrdP0niutAL9_5n6YEthj9ORkgDKSFeEmNlO3JOS078FiGEqpOpCmZOa8IAaRe_XckVwATQqprt6QOSBQQIBBgBkgUECAUYBKAGAoAHn_7fjwGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAdIIBwiAYRABGADyCA5iaWRkZXItNTU1MjI5MYAKBMgLAdgTDdAVAYAXAbIXCAoGCAASABgA&sigh=a582aK8IadM&uach_m=[UACH]&pr=10:0.310576&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 20 Dec 2021 07:44:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
DATA 200
OK truncated
/ Frame E346 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 093efa8138cefd2a5c30bebca10ff68d0c6bead8c651ad9caa676d741729cca0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame E346 20 KB
20 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 23:19:29 GMT
x-content-type-options: nosniff
age: 462313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 23:19:29 GMT

GET
H2 200 c82b4907e1d878a7212b792043ce335f Show response
p192.eastbaytimes.com/templates/ 474 KB
69 KB 9ms
9ms Script
text/javascript 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/templates/c82b4907e1d878a7212b792043ce335f

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

e878e3e995e89c125a8187b3af26ec48cc6e89c48709316d5389e4066d7ceb5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 17:02:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 17246505
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 70537
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Jun 2021 17:02:56 GMT
server: -
etag: c82b4907e1d878a7212b792043ce335f
content-type: text/javascript; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-amz-cf-pop: FRA50-C1
x-robots-tag: noindex, nofollow
x-amz-cf-id: IlRWrXuWxjlviTwozsMlKqAJp0deq5erYezspyBsJNSHvV5W08mOiw==
expires: Fri, 03 Jun 2022 17:02:56 GMT

POST
H2 200 492 Show response
p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/ 193 B
1 KB 371ms
371ms XHR
application/json 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/492?referer=https%3A%2F%2Fwww.eastbaytimes.com%2F&bcsessionid=2ddb8c30-f2fb-4584-987e-a5d0af12797b&bctempid=&overruleReferrer=&time=2021-12-20T07%3A44%3A42%2B00%3A00&ts=1639986282899

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

7e3642a6b45cd8813051e15cbbc7f9d0377fd9f67a803631effaddcc5b4c237d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 156
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.eastbaytimes.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: gfxYGNWBc103LumT99BhJkzJSKSMr2MgghWKN5aSrtfaCnURfYMqNw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 492 Show response
p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/ 379 B
1 KB 376ms
375ms XHR
application/json 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

25dcc632c2655b3a00a4e8b40b2ba9edb6a526bab8428e00f9d75f5bfa609ef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 180
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.eastbaytimes.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Nci8l8rXWX-LfkB82nPXWh7gNovXeF5tqSDYp5jPyAZIrCvji3gJVA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 492 Show response
p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/ 190 B
1 KB 101ms
101ms XHR
application/json 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

ecec2a347bd237f1e9cc0d0ffd18bb5e4464e4fcb7d055a3da063d979bd4b6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.eastbaytimes.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: iyjy2S8wIhyYLL3Rd70EogjACtXKKQuwiqxWScZZ66byQiC7OC-fgg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 6B42 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstiO8_zR1b5NbspUsE3kcRDEiAoO7uun5UvY5Ux8bAc196IWFGbUgPhG6G3u6NlkaJK2nsFaE8Z6eZ7JbElowsr5i5RIOcO7rXep__HCCWAmHSWbGXps9mI7Q7RaVOjgLtkNtQ9aJGLq0aPBdhuNT-wy_biM7lmnK9uItmy1fuZBh1YuVm67CPwdqN9ilR1t7VxSRPtPvyBNyM8U6_U_zwuEc0dtUpvtEVEVsPMi62_S7MaaMIedWRwfu99pwV1ViTGiUOmE696SW0cboTsXzOhlXeyYGpcQn1o3RovMAYuOtjERKDLIuW-NNrNpzBS86u4v4VY7Z9IlMZuXdjGmOG48V2CP5rzkA&sig=Cg0ArKJSzAnqJ3oYdElYEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 20 Dec 2021 07:44:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 6B42 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f850b3139267f7413b046bef8d1629812e0b9289ef5c4ac13c5a68e3cb453a3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cs Show response
digitalfirstmedia.blueconic.net/DG/DEFAULT/ 66 B
855 B 100ms
100ms Script
text/javascript 54.167.130.168
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://digitalfirstmedia.blueconic.net/DG/DEFAULT/cs?bcsessionid=2ddb8c30-f2fb-4584-987e-a5d0af12797b&&callback=bc_json495

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.167.130.168 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-167-130-168.compute-1.amazonaws.com

Software

- /

Resource Hash

2dff5554b3e30b5ae25a96df74aac7a4661d0fff280aaec81daffc0a31aca387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript; charset=utf-8
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2EC5 143 B
163 B 9ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 20 Dec 2021 07:04:45 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3C60 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f7df054a99da83e4285326418b60a865f666b9882ae7880d48891e3160cb5d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame D424 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: www.eastbaytimes.com
URL: https://www.eastbaytimes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 09:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 09:46:52 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 6B42 0
829 B 15ms
15ms Ping
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.eastbaytimes.com%2F&e=wqT_3QKEBugEAwAAAwDWAAUBCOnogI4GELPw8riPjJ6AdhgAKjYJLQq7KHrg0z8RhMvXI9x90T8ZAAAA4KNwJUAhhA0SACkRJMgxAAAAwB6F9z8wm9WQCjj8SEDlHkhlUK2iyyVY66ldYABo-4F3eLLnBYABAYoBA1VTRJIFBvBhmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApWgSOoCHWh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgPqAQq_AWgNM2RwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLgE8CR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1EZXF1THZxdzNfODc3RHd5TWtTOXNodVFuT0ZqR0tIWGpqd0RndXM5dERpSEN0NDBaWVlLYTZieEVvNVcwdkFYZGNZVlVPSHFyODhLZHV2MjhKc3FncjQ5OHJCZyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4NTAyOTI4NDU0MzMzNTQ0NDk5Igg3ODgyNzgyMSoEMzk0MToBMMADrALIAwDYA93MkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMTk0LjM2LjEwOC4xOKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAFg7rT0OaRu412wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFk_YX-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAkWCQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTMxNDkzOTU4OTkyugcRCAABKUwqBDEtLS04xAZAAcgHsucF0gcNCQlHAAAFSQjaBwYJKUDgBwDqBwIIAPAH3WeKCAIQAA..&s=5376fc4f53e586fe210f9d16629af0836041b605&type=nv&nvt=5&jm=1003&px=315&py=178&bw=970&bh=250&sid=1523517081072821603&vd=ct~0|rr~0&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21244571&sw=1600&sh=1200&pw=1600&ph=6891&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:43 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 88ffec43-b0d5-406f-a8b4-35e0f46d4bb9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.eastbaytimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 492 Show response
p192.eastbaytimes.com/DG/DEFAULT/rest/rpc/ 5 KB
3 KB 379ms
378ms XHR
application/json 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

7ebff852e484a85b77a6236129ec0f83378fde381dc7ea6b718fc56a238bbabf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2393
x-xss-protection: 1; mode=block
pragma: no-cache
access-control-allow-origin: https://www.eastbaytimes.com
server: -
content-type: application/json; charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: lS5d8LcPmFwMWwz8gLTOrhoDeH4yyc420EM8eQUQp7hC1W2ytvBy7g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 recommendations Show response
p192.eastbaytimes.com/rest/ 457 B
1 KB 389ms
388ms Script
text/javascript 143.204.98.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p192.eastbaytimes.com/rest/recommendations?storeId=8b49c406-3fbd-4a9a-8805-c1cd7bfd40e7&profileId=undefined&frequencyCap=8&itemId=www.eastbaytimes.com%2F&request=%5B%7B%22id%22%3A1561661563872%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2021-12-18T07%3A44%3A43.093Z%22%2C%22hasproperty%3Alede%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22SAME_CATEGORY%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENCY%22%7D%2C%7B%22value%22%3A3%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%5D%2C%22count%22%3A2%7D%2C%7B%22id%22%3A1561661593537%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2021-12-18T07%3A44%3A43.093Z%22%2C%22hasproperty%3Alede%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22LOOK_ALIKE%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENCY%22%7D%5D%2C%22count%22%3A2%7D%2C%7B%22id%22%3A1561661645802%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2021-12-18T07%3A44%3A43.093Z%22%2C%22hasproperty%3Alede%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22COLLABORATIVE_FILTERING%22%2C%22rampUp%22%3A%22INSTANT%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENCY%22%7D%5D%2C%22count%22%3A3%7D%2C%7B%22id%22%3A1561661684113%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2021-12-18T07%3A44%3A43.093Z%22%2C%22hasproperty%3Alede%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENT_CTR%22%7D%2C%7B%22value%22%3A7%2C%22algorithm%22%3A%22RECENCY%22%7D%5D%2C%22count%22%3A3%7D%2C%7B%22id%22%3A%22default%22%2C%22filters%22%3A%5B%22VIEWED%22%2C%22publicationDate%3E%3D2021-12-18T07%3A44%3A43.093Z%22%2C%22hasproperty%3Alede%22%5D%2C%22boosts%22%3A%5B%7B%22value%22%3A10%2C%22algorithm%22%3A%22RECENT_VIEW%22%7D%5D%2C%22count%22%3Anull%7D%5D&&callback=bc_json496

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-5.fra50.r.cloudfront.net

Software

- /

Resource Hash

1edf949ed31ff6ede936ed8b38018e110107a0b26c42b345620e773c6ab46866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 247
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: text/javascript;charset=utf-8
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
x-amz-cf-id: lv23d0cPPCBDaG1zLAO5YjgE_AYcj_j2S5gSPp-j_rPyVdyq3ovbmg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

135281544f204c748e990961c50a3c00
i.liadm.com/s/e/a-04i2/0/ Frame 2260
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid%3D7156%26muid%3D%5BMM_UUID%5D&26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_priva...
https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=7156&muid=c59f61c0-346b-4e00-b1d4-44aefa037c85

43 B
285 B

102ms
102ms

Image
image/gif

107.23.11.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=7156&muid=c59f61c0-346b-4e00-b1d4-44aefa037c85

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04i2?s=&cim=&ps=true&ls=true&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&

Protocol

HTTP/1.1

Server

107.23.11.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-11-80.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:42 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: a7f657706225f9a4
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Mon, 20 Dec 2021 07:44:43 GMT
Server: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=7156&muid=c59f61c0-346b-4e00-b1d4-44aefa037c85
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 20 Dec 2021 07:44:42 GMT

GET
H/1.1

200
OK

35759
i6.liadm.com/s/ Frame 2260
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1---
https://match.adsrvr.org/track/cmb/generic?ttd_pid=liveintent&ttd_tpi=1&us_privacy=1---
https://i.liadm.com/s/35759?bidder_id=44489&bidder_uuid=4b4fb9b1-6a8d-467e-8040-cc93fed88c39
https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=4b4fb9b1-6a8d-467e-8040-cc93fed88c39

43 B
447 B

422ms
248ms

Image
image/gif

2600:1f18:444a:4602:2c20:3113:5c28:1366
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=4b4fb9b1-6a8d-467e-8040-cc93fed88c39

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:43 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: cd99aa241b22ad52
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/35759?bidder_id=44489&bidder_uuid=4b4fb9b1-6a8d-467e-8040-cc93fed88c39
Date: Mon, 20 Dec 2021 07:44:43 GMT
Connection: keep-alive
trace-id: 3756f30a02880a9f
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

135281544f204c748e990961c50a3c00
i.liadm.com/s/e/a-04i2/0/ Frame 2260
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-04i2%2F0%2F135281544f204c748e990961c50a3c00%3Fmpid=82775&muid=$%7BDD_UUI...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=https:%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-04i2%2F0%2F135281544f204c748e990961c50a3c00%3Fmpid...
https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=82775

43 B
285 B

241ms
102ms

Image
image/gif

107.23.11.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=82775

Requested by

Protocol

HTTP/1.1

Server

107.23.11.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-107-23-11-80.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:43 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 16d94ed3b654dae3
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

DCS: dcs-prod-irl1-2-v025-0deaff2a8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: JGOG98NGQwM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://i.liadm.com/s/e/a-04i2/0/135281544f204c748e990961c50a3c00?mpid=82775
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

live_intent_sync
x.dlx.addthis.com/e/ Frame 2260
Redirect Chain

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1---
https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1---&rd=Y

43 B
604 B

166ms
166ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1---&rd=Y

Requested by

Protocol

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 20 Dec 2021 07:44:43 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

Redirect headers

location: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1---&rd=Y
pragma: no-cache
date: Mon, 20 Dec 2021 07:44:43 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 20 Dec 2021 07:44:43 GMT

GET
H/1.1

200
OK

52176
i6.liadm.com/s/ Frame 2260
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
https://x.bidswitch.net/ul_cb/syncd?dsp_id=256&user_group=2&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&redir=//i.liadm.com/s/52176?bidder_id%3D5298%26bidder_uuid%3D$%7BBSW_UID%7D&us_privacy=1---
https://i.liadm.com/s/52176?bidder_id=5298&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915
https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915

43 B
447 B

298ms
96ms

Image
image/gif

2600:1f18:444a:4602:2c20:3113:5c28:1366
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:43 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 7ddbdb34f22f935e
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52176?bidder_id=5298&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915
Date: Mon, 20 Dec 2021 07:44:43 GMT
Connection: keep-alive
trace-id: e69277fcb1a38852
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

52164
i6.liadm.com/s/ Frame 2260
Redirect Chain

https://x.bidswitch.net/sync?ssp=liveintent&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=liveintent&user_id=26c2ce5b-6407-4994-8ee1-8372c5cacfdf&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=liveintent&bsw_param=eaf80285-641a-46ff-9319-dfebcc0da915&google_hm=ZWFmODAyODUtNjQxYS00NmZmLTkzMTktZGZlYmNjMGRhOTE1
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENv9zmmSK_zr3xCo2GTSTwI&google_cver=1&ssp=liveintent&bsw_param=eaf80285-641a-46ff-9319-dfebcc0da915
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915
https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915

43 B
447 B

241ms
98ms

Image
image/gif

2600:1f18:444a:4602:2c20:3113:5c28:1366
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:444a:4602:2c20:3113:5c28:1366 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 20 Dec 2021 07:44:43 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: e535028d6afb2976
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=eaf80285-641a-46ff-9319-dfebcc0da915
Date: Mon, 20 Dec 2021 07:44:43 GMT
Connection: keep-alive
trace-id: 3f44b1a5c0061dbc
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 2260 43 B
240 B 91ms
45ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/?us_privacy=1---
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-04i2?s=&cim=&ps=true&ls=true&duid=a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1---&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms: 27
pragma: no-cache
date: Mon, 20 Dec 2021 07:44:43 GMT
via: 1.1 varnish
server: nginx
x-timer: S1639986283.266741,VS0,VE27
x-served-by: cache-mxp6925-MXP
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2EC5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

82ms
82ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 20 Dec 2021 07:44:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 20 Dec 2021 07:44:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 20 Dec 2021 07:44:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js Show response
pagead2.googlesyndication.com/bg/ Frame 263F 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/render_post_ads_v1.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 18 Dec 2021 09:46:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Dec 2022 09:46:52 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 527 B
876 B 242ms
212ms Fetch
application/json 104.26.4.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1639986283575
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3afec9d918c94a228622f465a37ad7d51d2131839e54bcdd4f9c8f604dff838b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 20 Dec 2021 07:44:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sR1DT7Xdi8NJXj8pTZjXTqRfC46Kmyv22SMsjmZoyTebqG8rZs%2BS825GmRa0RQM7l7Cc113xQayYUJDeFysuXLiygBHR82NM49kVwmZPd9Iyp0j%2F4eVHuo%2BBvNOldrSNHlhl"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c073f4089eb1f31-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CCBB 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWroSOerVRHtwL66CRG7etCC4dyJi42vllukZJUAelEcHd0pr4sj0c-3QB4iKnft1CV2nuVdA3qFSoygaN-KJT7x8Dw7hE_kg6PvzhFUwOhkIYCofy&sig=Cg0ArKJSzC43TqdHmjxPEAE&id=lidar2&mcvt=1000&p=495,1138,1545,1438&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=0.67&app=0&itpl=19&adk=3343401588&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639986282596&rpt=107&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame CCBB 0
829 B 14ms
14ms Ping
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.eastbaytimes.com%2F&e=wqT_3QKEBugEAwAAAwDWAAUBCOnogI4GEOfZ1fWL5sf4DRgAKjYJDVUxlX7Cyz8R2EqmErdtyD8ZAAAAQDOzL0Ah2A0SACkRJMgxAAAAANejAEAwrNWQCjj8SEDlHkhlUM-iyyVY66ldYABo-4F3eLLnBYABAYoBA1VTRJIFBvBhmAGsAqABmgioAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApWgSOoCHWh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgPqAQq_AWgNM2RwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLgE8CR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0UwFfYj1BS0FtZi1DUktYb3JZNng3bEtyd216WUlaVkFDb3BkRFRxQWRqczhGLXNZaG9Ua0RxSXRwREV3QUtsV3VaUmtjVkZNS2xTZ1Qwc0VOTmJYbFhSeWZ0NzJsN0hlWlMyNjdYdyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhMxMDA0NjE4NDg2MDk4NzgzNDYzIgg3ODgyNzg1NSoEMzk0MToBMMADrALIAwDYA93MkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMTk0LjM2LjEwOC4xOKgEALIEEAgAEAEYrAIgmggoADAAOAK4BADABADIBADaBAIIAeAEAfAEz6LLJYgFAZgFAKAFx7_hmLi84Ys8wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFhPoV-gUECAAQAJAGAJgGALgGAMEGQS80AADwP9AG7o8B2gYWChAJEhkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHDDEyNjc5NzcxNzk2OLoHEQgAASlMKgQxLS0tOMQGQAHIB7LnBdIHDQkRSwEgCNoHBgkpQOAHAOoHAggA8AfdZ4oIAhAA&s=e2569761ad87adc4601146fc7f8c224e6fe30efc&type=pv&jm=1003&px=1138&py=495&bw=300&bh=1050&sf=0.67&sid=1523517081072821603&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21244588&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:43 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9edddb22-3c41-4ed4-9c42-00f010e5e33d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.eastbaytimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vendors~Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 143 KB
42 KB 43ms
43ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C64) /
Resource Hash: 6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
content-md5: o/3Cfwyx2Hdo/xXi+KtqIw==
age: 38498
x-cache: HIT
content-length: 43195
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:48 GMT
server: ECAcc (mil/6C64)
etag: 0x8D9056E3D50F079
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e132120c-b01e-009a-781b-f5aaba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 11 KB
3 KB 47ms
47ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C7B) /
Resource Hash: dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
content-md5: E5fyjsIr92YKgvTS5SE4ZA==
age: 38498
x-cache: HIT
content-length: 3400
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (mil/6C7B)
etag: 0x8D9056E339D05A5
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c40c18e1-d01e-00c5-131b-f55844000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 7 KB
2 KB 48ms
48ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C4C) /
Resource Hash: 99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
content-md5: jBig/iW/Mpw+sfYWVt9mLw==
age: 38498
x-cache: HIT
content-length: 2320
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:31 GMT
server: ECAcc (mil/6C4C)
etag: 0x8D9056E3391B836
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 242d473c-101e-011b-201b-f54eb8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 CustomAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 6 KB
2 KB 49ms
49ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C99) /
Resource Hash: 80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
content-md5: WtHQ46VooZh5jhibUEIm/g==
age: 38498
x-cache: HIT
content-length: 2146
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (mil/6C99)
etag: 0x8D9056E33BE9F96
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5f9c81a3-901e-00af-791b-f504ef000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 JanrainAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 50ms
49ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C38) /
Resource Hash: 1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
content-md5: 3loC7XOiphfHLLmAxSEZ5g==
age: 38498
x-cache: HIT
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (mil/6C38)
etag: 0x8D9056E33C99EC8
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 97c2e9b6-d01e-006f-1d1b-f58eab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 MG2AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 9 KB
3 KB 48ms
48ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C78) /
Resource Hash: 8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
content-md5: 53DSePPJylXjWw4MlYhYcA==
age: 38498
x-cache: HIT
content-length: 2456
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (mil/6C78)
etag: 0x8D9056E33DFC44A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3f3628f5-a01e-00c1-161b-f5adc6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 NewzwareAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 13 KB
4 KB 48ms
48ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CA8) /
Resource Hash: 2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-encoding: gzip
content-md5: XXTxgTgPuF9lg38Cul1d8Q==
age: 38498
x-cache: HIT
content-length: 4009
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (mil/6CA8)
etag: 0x8D9056E33EAC378
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d3bc4f4b-c01e-00b7-441b-f5297a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 LikeButtons4.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 114 B
242 B 47ms
47ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C41) /
Resource Hash: 64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 20 Dec 2021 07:44:43 GMT
content-md5: 0is0k5hNwCAMRJ10IGm41w==
age: 38498
x-cache: HIT
content-length: 114
x-ms-lease-status: unlocked
last-modified: Thu, 22 Apr 2021 09:08:32 GMT
server: ECAcc (mil/6C41)
etag: 0x8D9056E33D49E04
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2cfab3a9-701e-000f-421b-f5cb89000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 129ms
129ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=fc429d9de8d0d4ec0e5fcb8967abe7a3&ConfigCode=BANGWPPRODWAB&SiteCode=DFM&SettingsKey=BANG%2CEBT
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.eastbaytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Mon, 20 Dec 2021 07:44:43 GMT
Content-Length: 0

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 65 B
1 KB 185ms
184ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=fc429d9de8d0d4ec0e5fcb8967abe7a3&ConfigCode=BANGWPPRODWAB&SiteCode=DFM&SettingsKey=BANG%2CEBT
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

source-system: Plugin
site-code: DFM
autoqa: false
Accept-Language: de-DE,de;q=0.9
settingskey: BANG,EBT
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2NDAwMDA2ODJ9.bqOEXy29A-EyYOlN1yZra2mw2FPeNKNKMQDpvV2Shig
environment: prod
config-code: BANGWPPRODWAB
access-control-allow-origin: *
ssid: 4b8107d31262312f83f76fddcdff1f5a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
accept: application/json
content-type: application/json
location: System
attr: EBT
Referer: https://www.eastbaytimes.com/
version: Version: 2.5.4.3_swg

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:44 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 177
X-Server-Time: 12/20/2021 7:44:44 AM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E346 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZYqhXAAIwk3v6kF7a-XinkrWB43ZW_67y4FTiexe7PsQTnAUDrryFYHe0D68VRDcWXVMMsNecTvmXFFa_2xU1P1DzyWyZ5eCnbYZOxToFfAfY9DU&sig=Cg0ArKJSzCoyXQ4gUaWREAE&id=lidar2&mcvt=1034&p=0,0,1050,300&mtos=0,0,1034,1034,1034&tos=0,0,1034,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=0.67&if=1&app=0&itpl=22&adk=1559262597&exk=343820216&rs=5&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639986282600&rpt=380&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B42 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLNakL-wO5XP8O5kb2nPcX1gf6VpeyXN-GXnmtiE79f7x6VoQeam3JBeYIIuud27tiQV3RnMCeblEplhifH2nh9rznwExlJESibDctIzKoTlPm674-&sig=Cg0ArKJSzMQXhmumx_qQEAE&id=lidar2&mcvt=1035&p=178,315,428,1285&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20211202&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=776516575&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639986282588&rpt=402&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 39ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=64gxdrp&ct=0:6swk5ma&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
260 B 39ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=64gxdrp&ct=0:vnlat9i&fmt=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
BLOB 200
OK 904a99be-f047-4973-9f20-9dedb53ddd6c
https://www.eastbaytimes.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.eastbaytimes.com/904a99be-f047-4973-9f20-9dedb53ddd6c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3C60 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2RZ7XYvwnyNU-YCt2Fc_JHXRLuiQist_Uv9l7Odm0mslCeaFAarySo4Y8pfDEepMfhtI1ZSCSKzoe_aQGk2GJq0baxEWmNNXpIN3RyxejrVlZFnU&sig=Cg0ArKJSzLOj09hhdbh9EAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=281997102&exk=622981572&rs=5&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1639986282745&rpt=298&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Dec 2021 07:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
331 B 41ms
17ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=13257

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.eastbaytimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 07:44:44 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.eastbaytimes.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 139ms
16ms Preflight 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.eastbaytimes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 20 Dec 2021 07:44:43 GMT
content-length: 0

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 415 B
601 B 63ms
63ms XHR
application/json 13.69.106.88
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.88 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 99171B3B-AD5A-4463-B53C-772E5FF87587
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Mon, 20 Dec 2021 07:44:43 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 415

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 6B42 0
829 B 14ms
13ms Ping
text/html 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.eastbaytimes.com%2F&e=wqT_3QKEBugEAwAAAwDWAAUBCOnogI4GELPw8riPjJ6AdhgAKjYJLQq7KHrg0z8RhMvXI9x90T8ZAAAA4KNwJUAhhA0SACkRJMgxAAAAwB6F9z8wm9WQCjj8SEDlHkhlUK2iyyVY66ldYABo-4F3eLLnBYABAYoBA1VTRJIFBvBhmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgApWgSOoCHWh0dHBzOi8vd3d3LmVhc3RiYXl0aW1lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgPqAQq_AWgNM2RwYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLgE8CR5EL2dlbl8yMDQ_aWQ9YXdiaWQmBQb0aQFfYj1BS0FtZi1EZXF1THZxdzNfODc3RHd5TWtTOXNodVFuT0ZqR0tIWGpqd0RndXM5dERpSEN0NDBaWVlLYTZieEVvNVcwdkFYZGNZVlVPSHFyODhLZHV2MjhKc3FncjQ5OHJCZyZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhM4NTAyOTI4NDU0MzMzNTQ0NDk5Igg3ODgyNzgyMSoEMzk0MToBMMADrALIAwDYA93MkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNMTk0LjM2LjEwOC4xOKgEALIEEAgAEAEYygcg-gEoADAAOAK4BADABADIBADaBAIIAeAEAfAEraLLJYgFAZgFAKAFg7rT0OaRu412wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFk_YX-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBu6PAdoGFgoQAAAAAAkWCQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcMMTMxNDkzOTU4OTkyugcRCAABKUwqBDEtLS04xAZAAcgHsucF0gcNCQlHAAAFSQjaBwYJKUDgBwDqBwIIAPAH3WeKCAIQAA..&s=5376fc4f53e586fe210f9d16629af0836041b605&type=pv&jm=1003&px=315&py=178&bw=970&bh=250&sf=1&sid=1523517081072821603&vd=ct~0|rr~5&sv=222&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21244571&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/222/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 20 Dec 2021 07:44:44 GMT
X-Proxy-Origin: 194.36.108.18; 194.36.108.18; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a1bb70a4-56e0-4b99-9868-743b309e54cf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.eastbaytimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 33ms
7ms Fetch 3.124.152.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=jVaWZwiVJLZPQATfZvBdRlYI8yeoN9Y8bwWD&ver=5.8.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.152.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-152-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Dec 2021 07:44:46 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 8ms
7ms Fetch 3.124.152.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=jVaWZwiVJLZPQATfZvBdRlYI8yeoN9Y8bwWD&ver=5.8.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.152.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-152-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eastbaytimes.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Mon, 20 Dec 2021 07:44:46 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
p192.eastbaytimes.com/DG/DEFAULT	1970-01-20 09:09:06	Name: BCSessionID Value: 2ddb8c30-f2fb-4584-987e-a5d0af12797b
digitalfirstmedia.blueconic.net/DG/DEFAULT	1970-01-20 08:18:42	Name: BCSessionID Value: 2ddb8c30-f2fb-4584-987e-a5d0af12797b
i.liadm.com/s	1970-01-20 00:16:18	Name: _li_ss Value: MgUIBhCTETIFCAoQkxEyBQh-EJIRMgYIiwEQkxEyBQgLEJMRMgUIDBCTETIFCHkQkhEyCQj_____BxCTEQ
.eastbaytimes.com/	1970-01-20 08:18:42	Name: bc_tstgrp Value: 7
.eastbaytimes.com/	1970-01-29 23:31:39	Name: _pnvl Value: false
.eastbaytimes.com/	1970-01-29 23:31:39	Name: pushly.user_puuid Value: ryXv7l98wtPvXlk1PvxHoC0ckIrC0g47
.eastbaytimes.com/	1970-01-29 23:31:39	Name: _pndnt Value:
www.eastbaytimes.com/	1970-01-19 23:33:09	Name: liveramp_id_env_sampling_rate Value: 100
www.eastbaytimes.com/	1970-01-19 23:34:32	Name: _lr_geo_location Value: DE
.scorecardresearch.com/	1970-01-20 16:49:54	Name: UID Value: 1KBOIJCUNI4H5VK7FSABDNg1639986282
.eastbaytimes.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .eastbaytimes.com
.eastbaytimes.com/	1970-01-20 17:04:18	Name: _lc2_fpi Value: a24f03d9278a--01fqbcsfb805k0w8ppjf0x1a1d
.adnxs.com/	1970-01-20 01:42:42	Name: icu Value: ChgIhYRKEAoYASABKAEw6eiAjgY4AUABSAEQ6eiAjgYYAA..
.adnxs.com/	1970-01-20 01:42:42	Name: uuid2 Value: 561725017246310076
.rubiconproject.com/	1970-01-20 08:18:42	Name: khaos Value: KXEDHLT2-2-9O42
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+dZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.rubiconproject.com/	1970-01-20 08:18:42	Name: audit Value: 1\|naVuGyos1qp5R9R/J/25xEZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lgqQSbabwYOfSBPHpKVMaydn37WC6Ig0LHKY++jymV4/aCFOaQK4KY/m483AcCYUhA==
.liadm.com/	1970-01-20 17:04:18	Name: lidid Value: 26c2ce5b-6407-4994-8ee1-8372c5cacfdf
.eastbaytimes.com/	1970-02-25 11:33:06	Name: anonDeviceId Value: fc429d9de8d0d4ec0e5fcb8967abe7a3
www.eastbaytimes.com/	1970-01-19 23:33:06	Name: _liChk Value: 0.21400161614342528
.doubleclick.net/	1970-01-20 08:54:42	Name: IDE Value: AHWqTUmJJ1EF4RPnWfQiT4r3x4R5hixXpS8fSxhoU3TQBPQuqg_8lRuSlNhFzJfvwao
digitalfirstmedia.blueconic.net/	1970-01-19 23:43:11	Name: AWSALBCORS Value: DjcNErmUFbtuRmpJ7GfGi9KRdFbG8oY6fyoKsI0B1rtDmpBg5BygUmY71kgko20BMVjek81cG9gJT3xmDxz7yyB5dquhb6awgYlrYNwKBkQc2BYBwwRPobKtBMIi
.bidswitch.net/	1970-01-20 08:18:42	Name: c Value: 1639986283
.bidswitch.net/	1970-01-20 08:18:42	Name: tuuid_lu Value: 1639986283
.bidswitch.net/	1970-01-20 08:18:42	Name: tuuid Value: eaf80285-641a-46ff-9319-dfebcc0da915
.mathtag.com/	1970-01-20 08:59:01	Name: uuid Value: c59f61c0-346b-4e00-b1d4-44aefa037c85
.adsrvr.org/	1970-01-20 08:18:42	Name: TDID Value: 4b4fb9b1-6a8d-467e-8040-cc93fed88c39
.demdex.net/	1970-01-20 03:52:18	Name: demdex Value: 69269514907272023060389040302325230708
.adsrvr.org/	1970-01-20 08:18:42	Name: TDCPM Value: CAESGQoKbGl2ZWludGVudBILCObSyejT5aE6EAUYBSABKAIyCwjYlKOV6uWhOhAFOAE.
.dpm.demdex.net/	1970-01-20 03:52:18	Name: dpm Value: 69269514907272023060389040302325230708
.doubleclick.net/	1970-01-19 23:33:09	Name: DSID Value: NO_DATA
.addthis.com/	1970-01-20 09:03:20	Name: na_id Value: 2021122007444300047223008412
.addthis.com/	1970-01-20 09:03:20	Name: na_tc Value: Y
.addthis.com/	1970-01-20 09:03:20	Name: uid Value: 61c0346bd4934a2d
.addthis.com/	1970-01-20 09:03:20	Name: ouid Value: 61c0346b0001d74cc0b8e67d389f5b49b389b067cead2f533a7e
p192.eastbaytimes.com/	1970-01-19 23:43:11	Name: AWSALB Value: 5ps69EcEwMnOfxeU0RI6AKNV6xXO21Ioq4yYYF3zIZr3vHM7iS8smI4VMQuZKMIN3WTkUwTVHQc33TTjXzSBY/1DlpWKdhkp183ruslQtdMh/e2j3P2eATSweqv2
p192.eastbaytimes.com/	1970-01-19 23:43:11	Name: AWSALBCORS Value: 5ps69EcEwMnOfxeU0RI6AKNV6xXO21Ioq4yYYF3zIZr3vHM7iS8smI4VMQuZKMIN3WTkUwTVHQc33TTjXzSBY/1DlpWKdhkp183ruslQtdMh/e2j3P2eATSweqv2
www.eastbaytimes.com/	1970-01-20 00:16:18	Name: ABTestCookie Value: A
.dlx.addthis.com/	1970-01-20 00:16:18	Name: na_sc_x Value: 1
.eastbaytimes.com/	1970-01-29 23:31:39	Name: _pnlspid Value: 10406
.eastbaytimes.com/	1970-01-29 23:31:39	Name: _pnss Value: dismissed
.eastbaytimes.com/	1970-01-19 23:43:11	Name: _pnpdm Value: true

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.eastbaytimes.com/wp-content/plugins/site-plugins/site-eastbaytimes/static/js/global.min.js?ver=0.1.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.eastbaytimes.com/wp-content/plugins/site-plugins/site-eastbaytimes/static/js/global.min.js?ver=0.1.0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13257 Message: Failed to load resource: the server responded with a status of 451 ()
javascript	warning	URL: https://www.eastbaytimes.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.eastbaytimes.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.eastbaytimes.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.eastbaytimes.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.eastbaytimes.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.eastbaytimes.com/ Message: The resource https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header

Value

Content-Security-Policy

Strict-Transport-Security

max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3pd.criteo.com
578503375baa91212133b64501bdf37a.safeframe.googlesyndication.com
acdn.adnxs-simple.com
ads.pubmatic.com
ajax.googleapis.com
ams1-ib.adnxs.com
api-mg2.db-ip.com
api.rlcdn.com
ats.rlcdn.com
az416426.vo.msecnd.net
b-code.liadm.com
bidder.criteo.com
c.amazon-adsystem.com
cdn.adnxs.com
cdn.auth0.com
cdn.ayc0zsm69431gfebd.xyz
cdn.jsdelivr.net
cdn.p-n.io
cdn.parsely.com
check.analytics.rlcdn.com
cm.g.doubleclick.net
cmp.osano.com
dc.services.visualstudio.com
dfm-contracostatimes.disqus.com
digitalfirstmedia.blueconic.net
dpm.demdex.net
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.privacymanager.io
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
i6.liadm.com
ib.adnxs.com
image6.pubmatic.com
insight.adsrvr.org
js.moatads.com
k.p-n.io
loader-cdn.azureedge.net
match.adsrvr.org
mng-eastbaytimes.zeustechnology.com
p192.eastbaytimes.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pixel.wp.com
polyfill.io
prod-dfm-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
rp.liadm.com
rp4.liadm.com
s.btstatic.com
s.thebrighttag.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
session.eastbaytimes.com
sli.eastbaytimes.com
static.criteo.net
stats.wp.com
sync.mathtag.com
tlx.3lift.com
tpc.googlesyndication.com
trc.taboola.com
www.eastbaytimes.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
104.111.248.191
104.26.4.15
107.23.11.80
108.128.243.153
13.69.106.88
13.82.152.48
13.85.16.224
142.250.185.226
142.250.185.66
143.204.103.120
143.204.103.127
143.204.95.188
143.204.98.32
143.204.98.4
143.204.98.5
143.204.98.54
143.204.98.87
143.204.98.94
143.204.98.97
151.101.193.108
178.18.231.144
178.250.2.131
178.250.2.80
18.194.0.84
185.29.134.244
185.33.221.13
185.33.221.52
185.64.189.112
185.64.190.78
192.0.66.2
192.0.76.3
199.232.192.134
2.16.186.168
2.18.232.130
2.18.233.180
23.37.38.181
2600:1f18:444a:4602:2c20:3113:5c28:1366
2600:1f18:730:b120:5b38:df27:617f:9396
2600:9000:2156:5a00:8:8845:1500:93a1
2600:9000:2156:ba00:3:b7e:8940:93a1
2602:803:c003:200::41
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6810:5614
2a00:1450:4001:802::200e
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200e
2a02:2638::1c
2a02:2638::3
2a04:4e42:400::300
2a04:4e42:e00::282
3.124.152.181
34.120.133.55
34.249.17.6
34.95.69.49
44.231.115.63
52.217.200.209
52.223.40.198
52.29.163.83
52.5.181.6
54.167.130.168
005cc110b76c7eae962857262d6f3c2ece0452bc6c33969b640a6dc3d9d3d395
01d6389de5581a2a3eb0cd4d6a05cb136bf07d221306f89173a080c73a38e392
02b05ecea915fffbe48f3920e2f2c8248327827b62e8fcb3d59efdb29c058bea
02c52cff67e539ec8595b1cb0ae361606fdca05b9b87c706a15fd59aff98ebef
02d226352aada242b8f151f6cc51811ad13b575cef81331ea5f384375963a494
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
041f41b6b98e101febe7d24b8d7fdd9fd696dabad0fbe296c978272491c2a791
04819970a784f5b35e5618e45433e7813caeabefca573681b08b4efe83a1c2f1
04f5d63c75f9fabede423b3d013e6efd9a448190898a34499a4010a59014a8d2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c572e99c878362d40d1f358efdfe400ae1310f35cf22174dcdd5db022dd810
07abab291cfe1bdb3a84191dd484a2b7bcd5ea63337b6197dccce31ecf678c9c
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
093efa8138cefd2a5c30bebca10ff68d0c6bead8c651ad9caa676d741729cca0
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
1095590c1f34d6efd337a4586d0da3dac48de8e97ea2c8d1a1b530513eaad868
123830b3c1bb951b81bee61657d5ff2d7061c67316a4210df730462d093b0a23
13d817a14b4b489ccedde94cc6e56d3b996cfbb6deaa1f1486dbb7c974a3a199
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1907478e8fa62801a1db26be87cab0755288131c9c8e80320582e560825df3cc
1acec2c5c795414b2cce688b0a3270a9b2b3f51bd594896e261010f61000be44
1d3bed09ea42550f14c8721f27a7076c4f2a73692c1b8c3191a98c4d3603aace
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
1edf949ed31ff6ede936ed8b38018e110107a0b26c42b345620e773c6ab46866
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
23fca0a8a5d263dc2498a11db5bb7b4d85bdb373df7b971e72dc89b51d6cfeca
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
24f164db30f201dfea047e885e44e77a310f64af80264642cddf21c22c395e5c
25dcc632c2655b3a00a4e8b40b2ba9edb6a526bab8428e00f9d75f5bfa609ef2
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2d5ae5a515a688823dc98d032242c2ed6f490a74c4281bdd599567898f9fa675
2dff5554b3e30b5ae25a96df74aac7a4661d0fff280aaec81daffc0a31aca387
2f7df054a99da83e4285326418b60a865f666b9882ae7880d48891e3160cb5d0
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35ebd663b49235847b05f9a164e9aa18eb27adbcda070f24e50e41648ebb576e
362357020154e31d9090206b553e937a97acdd1cfe1d067679db47c9aa4cce33
3aa29d6340c1d354b2594b02413c66ec2775832ca183a3787514b03215069157
3afec9d918c94a228622f465a37ad7d51d2131839e54bcdd4f9c8f604dff838b
3ba33eb784e76cff5ade272712ed0e7b15d325196ec089aca7baa20e3034098a
40bc3208ad785d035cede16d8078a66949abff9b38b4be323a96add191ce601e
422eb1a1bdc8d52bee1f259723954d273fadc971e2c1380dee228f44903f0c13
436fcb0539f1e9d7a77cd0e219471182f52dedf89c0265c33c14333d090a533b
45af391e553e1daeff476af88d25800dd037169145b04b456d20e510500215a9
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4cc2137066db8d17208ced04e09afe0d9eacf654cc66e14427d290a0a78ea343
501b84d7db37a158e0313efd545c334fc75d82750e1248fa383321c67728b1ce
51bbe57479b8c393497c12c8a7a3e3db77d4d60751017cbebd63ddc54a328819
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55033882e1bc61cac58471a0ce5372606abd57a9663921dbd6f9a4a926c601b0
55d0f6bcae13893219a90ac014e844b9276601ce0e76643fbc876676218d1110
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59f8b91dc29bef50525840d78d7b567933a4492994ec6bc7ddb46edc09c1cc8d
5a49ffdeec0e61058ab6cdd783275b84a2c27a7a26b95a644f7764a78b510a7a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c2b76989e49a2bd8c651a35634fd43081b13bde1a6385fb8e36dccc1d0d42d8
5e967bd196b4efddf8c2818dedf1a80c0d739ee9d522da3eeda5a604ca4584a5
5f0d0c94f2cedc692f5d5415f2c41b3cd32b448a08ce16f5db8c43b3d5ee0f00
603aba830ea0e035c90c5c4a95a4f2a79de9c8f6b479a4f5e599402dedf9cdcb
6223dcfab68589a4af101be4e8124ae23aa4669f3dbc28233e2da76fcd2cc82e
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
72c5d10e99c6620a2561415895a84064b5b5616c2b1914602263886be4cdc229
75e752bf99299219069a5af90f61408be1ab85af71df9aea097bc70e9075c122
76506e128f2b47b7179f5037bd885a1674455ffeb6b5093cdb4c7eefbf436ce8
7b6fc69a9da277bb118dbe07973e75598ff107f8d5c69aec6a3e0f5e6884603a
7db80ba82287e68dd0dc20c5b339b615e827260fb32bc334946b076cb0e778b7
7ddaa998070b8c4034edc9354d81a544c9f544abfcfc9b227e4087feb2caa7f1
7e3642a6b45cd8813051e15cbbc7f9d0377fd9f67a803631effaddcc5b4c237d
7ebff852e484a85b77a6236129ec0f83378fde381dc7ea6b718fc56a238bbabf
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
84c9c9d4de88f5cf5e9ed1803bc3dc4a3a60be607d5b1d1c690151144e6a8a5c
852308486c7626fa325c508b416d8393b3c1b10a1317342dbf9f4f426ae65929
8576ac4fad8d6a2eef6c1a412387cb3e7a6909b0a647f33bb0686d57d300d02e
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
88ce64afc25269d237014297f1df9b1445d16decb4b970ff56fde484d109d000
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8b0183d411b54f12bfedbf7fc23d569f9cd6b55948d4914be7bb916beb7a68ed
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e078344764f8876cbc44f267ae2f453dbcb670d9623df44e0e5b3997afbef10
8fbbfc6d23ad3217d41e65ccd02c6aab9fc3f89ed664ca9c2817a25d5b0f041d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93fdf7263b0738341bd97da6f30fca4e8525035e3e4cf89d90cf90b965c9b407
96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a
9f146373eef70a751f341f44b157b684187225145df582c3e4b72b750a95d24b
a16f40f95240d1b118d056bd488cbecc704778dcd85a87caa26768a821a9d927
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b000b433199bfd60632e61b74bb2c4abd074dce072784e7acd55b1e4158cee
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a615849237c0ce94e73fc69d86e5f9c58bdaca8d9756a5ff4c88fa86b14e6177
a654e8f97178e7240402caf70d43f4cde175e42997541a55752441332d515b90
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a751590fd0844260b12b9e65753ec265b891d642faba3cb5aaf20a39dd60438b
a8a3f6ee4fd2e64afa7094b048cba6dbb12dc3e0ea0d0a007949dc666f9d67c9
ab5186d21dd8de73feda81815eb24a9906b827a0ff943d5a8d59a22e30245952
ab77a03a7d7c6f1cb531a912193e0fe8b75fc9772c73aebc2f67ed8cdee5cd2e
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
b0bd5be9d88362ebf60ae903f1cca6fa2cf646ff257ff109185ae739785153c1
b109a2a9a75008a9beaa77c21837bacc612b74cee2caf5452521852e9a008d24
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b4f31178f3fe6003e606295047fdb9be890c6a9c6c8594576435f86975af582f
b5c810abbf84d4d63085ac2896bb1cc14cd4e060f1e9166eb63879f266517700
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
ba02cf0e78330bfb2d3d95165ecfd04b739c77fb160b607cdc5d06701bd8b1c5
baf437304d79006a4f050b871807483c921e783a2a91808ad4b8f77802cde740
c0fb763f2f2e80a902d63860360c9ae467315055f06d4ac3a8cf0bd5982573ef
c19e8e2f6d5663a14b1acd8e86726447ee3b290faacbb130a953d5eae391f6f1
c2cb797c032b97fe5bf080e4d0e2537fd7f9a78e8ccc3fb8c4c5bc8ca7415e04
c375b84e763e8bd62e10d50dad5e0c77219ddff4dae064e21f289a6d7e8cc398
c51b8104fdcf7eba17a179858d852c6fa263f6a7d072d70a2c3fee04174aca51
c6dd85371ada6a77ee2ebc51b0ae9e48aca339c4bc2587a1e8e638d2016ec185
c724c9348ceca7ab5c660389f037dc794a413d5909c60b7f6519c7a4bb8ef938
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cebc26bed1c02dbd8b311e7d0121b4915cfd5ab25a239b82e00559a20044338d
d238270de539f85c1df5d20bbd5d6b8d729c433a64315629f87dbabce0bbafd9
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d887af1c81a482a7ba4d8830669f6d326c892241c37bca0b1ec846aa744d6f11
d8a69feb83dbbd3ba9a71803b4d93db683e1f51bdb7fdce141215a4a79a5db61
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da640ae45fbcf4fb2cb9a590a3e223ef7e61be3ce5b77eb54552f6e1d8a4d1fa
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e371c9ea0fd636a3ecd29ae5e8413d144d470f77ca4bdda94b6e61ec3b980eb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e797f0805be511b74b52681499b8da7649a8fdf2bd83ec37d08b28fb597c31a8
e878e3e995e89c125a8187b3af26ec48cc6e89c48709316d5389e4066d7ceb5e
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ea5d2befb0a4e0ce54a1e5014b440dcbec8a981df5921805bef7c080647dab6d
eacbd85213ba4ff288ae89f5d955bad425b4f1474ea7c9f5144962f792cb14d5
eb51e6321f6a07376c577c6126c89e7725c982409514405abaef09c89e3143bc
ecec2a347bd237f1e9cc0d0ffd18bb5e4464e4fcb7d055a3da063d979bd4b6aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f850b3139267f7413b046bef8d1629812e0b9289ef5c4ac13c5a68e3cb453a3b
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
ff375cb336035c8965e391e7361790b7f4d6dbbbe3e544888416c892cb16a704

www.eastbaytimes.com Open in urlscan Pro 192.0.66.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

218 Requests

87 %HTTPS

36 %IPv6

50 Domains

79 Subdomains

68 IPs

7 Countries

3861 kBTransfer

12266 kBSize

42 Cookies

43 Outgoing links

Page URL History

Redirected requests

218 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.eastbaytimes.com Open in urlscan Pro
192.0.66.2 Public Scan

Screenshot
Live screenshot

Full Image

218
Requests

87 %
HTTPS

36 %
IPv6

50
Domains

79
Subdomains

68
IPs

7
Countries

3861 kB
Transfer

12266 kB
Size

42
Cookies

218 HTTP transactions
5 data transactions