norfolkdailynews.com Open in urlscan Pro
192.104.183.209 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dlvr.it/RnX4Yk
Effective URL:
https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb...
Submission Tags: falconsandbox
Submission: On September 22 via api (September 22nd 2022, 12:28:08 pm UTC) from US — Scanned from IT

Summary HTTP 167 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 31 domains to perform 167 HTTP transactions. The main IP is 192.104.183.209, located in United States and belongs to LEE-ASN, US. The main domain is norfolkdailynews.com. The Cisco Umbrella rank of the primary domain is 728193.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on September 14th 2022. Valid for: 3 months.

This is the only time norfolkdailynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	44.236.18.87 44.236.18.87	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400d:80d::2004	15169 (GOOGLE) (GOOGLE)
12	192.104.183.209 192.104.183.209	10668 (LEE-ASN) (LEE-ASN)
29	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	108.138.17.110 108.138.17.110	16509 (AMAZON-02) (AMAZON-02)
9	18.66.147.69 18.66.147.69	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:805::2011	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	34.249.231.255 34.249.231.255	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:ea00:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	54.194.226.232 54.194.226.232	16509 (AMAZON-02) (AMAZON-02)
1 3	52.212.128.245 52.212.128.245	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
10	172.66.41.9 172.66.41.9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.66.42.247 172.66.42.247	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80a::200a	15169 (GOOGLE) (GOOGLE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
4	104.254.150.241 104.254.150.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2 3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	104.103.102.147 104.103.102.147	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.208.167.155 52.208.167.155	16509 (AMAZON-02) (AMAZON-02)
1	54.197.229.35 54.197.229.35	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.59.13.32 52.59.13.32	16509 (AMAZON-02) (AMAZON-02)
1	52.18.211.80 52.18.211.80	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:249... 2600:9000:2491:e800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f13:800... 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f	16509 (AMAZON-02) (AMAZON-02)
5	2a02:26f0:350... 2a02:26f0:3500:18::1724:a289	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6821	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	44.205.50.24 44.205.50.24	14618 (AMAZON-AES) (AMAZON-AES)
167	52

1 44.236.18.87 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-18-87.us-west-2.compute.amazonaws.com

dlvr.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80d::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.104.183.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

norfolkdailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.norfolkdailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-110.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.147.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-69.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:805::2011 (Ireland)

ASN15169 (GOOGLE, US)

survey.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

ampcid.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2b8dcae387ed4b8a0537d02afde4d3d7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.231.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-231-255.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:ea00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com

yeet.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.128.245 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-128-245.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
router.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rt3054.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)

rt3054.infolinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.150.241 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

lax1-ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.194.101 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

ad.sxp.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.103.102.147 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-102-147.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.167.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-167-155.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.229.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-35.compute-1.amazonaws.com

realtime.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.13.32 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-13-32.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.211.80 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-211-80.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2491:e800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:18::1724:a289 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:c::5c7b:6821 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

img-cdn.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.205.50.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-50-24.compute-1.amazonaws.com

trk.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 14846	263 KB
18	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 survey.g.doubleclick.net — Cisco Umbrella Rank: 14971 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	624 KB
17	googlesyndication.com 2b8dcae387ed4b8a0537d02afde4d3d7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	566 KB
12	norfolkdailynews.com norfolkdailynews.com — Cisco Umbrella Rank: 728193 www.norfolkdailynews.com	135 KB
11	infolinks.com resources.infolinks.com — Cisco Umbrella Rank: 7496 router.infolinks.com — Cisco Umbrella Rank: 2830 rt3054.infolinks.com — Cisco Umbrella Rank: 72018	245 KB
10	clinch.co realtime.clinch.co — Cisco Umbrella Rank: 7669 cdn.clinch.co — Cisco Umbrella Rank: 6141 img-cdn.clinch.co — Cisco Umbrella Rank: 7546 trk.clinch.co — Cisco Umbrella Rank: 4699	107 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 774 static.adsafeprotected.com — Cisco Umbrella Rank: 575 dt.adsafeprotected.com — Cisco Umbrella Rank: 527	97 KB
9	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1600	232 KB
6	revcontent.com assets.revcontent.com — Cisco Umbrella Rank: 6354 trends.revcontent.com — Cisco Umbrella Rank: 1863 yeet.revcontent.com — Cisco Umbrella Rank: 7533	49 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 ampcid.google.com — Cisco Umbrella Rank: 2077 adservice.google.com — Cisco Umbrella Rank: 75	3 KB
5	adnxs-simple.com lax1-ib.adnxs-simple.com — Cisco Umbrella Rank: 35110 cdn.adnxs-simple.com — Cisco Umbrella Rank: 23179	32 KB
5	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 406 mug.criteo.com — Cisco Umbrella Rank: 2876	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
4	google.it adservice.google.it — Cisco Umbrella Rank: 47866 ampcid.google.it — Cisco Umbrella Rank: 379681 www.google.it — Cisco Umbrella Rank: 21871	2 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1273 bcp.crwdcntrl.net — Cisco Umbrella Rank: 838 id.crwdcntrl.net — Cisco Umbrella Rank: 1389	13 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	131 KB
2	myvisualiq.net 1 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1689	1 KB
2	smartclip.net 1 redirects ad.sxp.smartclip.net — Cisco Umbrella Rank: 2926	480 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 436	608 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 905 pixel.quantserve.com — Cisco Umbrella Rank: 423	11 KB
2	gstatic.com fonts.gstatic.com	34 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	110 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40 imasdk.googleapis.com — Cisco Umbrella Rank: 424	128 KB
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 513	338 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 1581	360 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	394 B
1	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 983	550 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 846	691 B
1	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 462	61 KB
1	dlvr.it 1 redirects dlvr.it — Cisco Umbrella Rank: 65888	587 B
0	rlcdn.com Failed api.rlcdn.com Failed
167	31

	Domain	Requested by
29	bloximages.newyork1.vip.townnews.com	norfolkdailynews.com
11	norfolkdailynews.com	www.google.com norfolkdailynews.com tagan.adlightning.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com blank googleads.g.doubleclick.net
9	tagan.adlightning.com	norfolkdailynews.com tagan.adlightning.com
8	securepubads.g.doubleclick.net	norfolkdailynews.com tagan.adlightning.com securepubads.g.doubleclick.net www.googletagservices.com
6	tpc.googlesyndication.com	tagan.adlightning.com
5	cdn.clinch.co	realtime.clinch.co
5	dt.adsafeprotected.com
5	resources.infolinks.com	tagan.adlightning.com resources.infolinks.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com norfolkdailynews.com
4	lax1-ib.adnxs-simple.com	blank cdn.adnxs-simple.com
4	www.google.com	norfolkdailynews.com tagan.adlightning.com
3	static.adsafeprotected.com	fw.adsafeprotected.com blank
3	rt3054.infolinks.com	resources.infolinks.com tagan.adlightning.com
3	router.infolinks.com	resources.infolinks.com tagan.adlightning.com
3	www.googletagservices.com	tagan.adlightning.com googleads.g.doubleclick.net
3	gum.criteo.com	1 redirects tagan.adlightning.com
3	trends.revcontent.com	assets.revcontent.com
3	survey.g.doubleclick.net	norfolkdailynews.com survey.g.doubleclick.net
2	trk.clinch.co	realtime.clinch.co
2	img-cdn.clinch.co	realtime.clinch.co
2	t.myvisualiq.net	1 redirects blank
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	ad.sxp.smartclip.net	1 redirects googleads.g.doubleclick.net
2	cm.g.doubleclick.net	2 redirects
2	googleads.g.doubleclick.net	blank
2	pixel.tapad.com	1 redirects resources.infolinks.com
2	mug.criteo.com
2	bcp.crwdcntrl.net	1 redirects tagan.adlightning.com
2	yeet.revcontent.com	assets.revcontent.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.it	tagan.adlightning.com
2	www.googletagmanager.com	norfolkdailynews.com www.googletagmanager.com
1	beacon.krxd.net	blank
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	realtime.clinch.co	googleads.g.doubleclick.net
1	ad.yieldlab.net	googleads.g.doubleclick.net
1	cdn.adnxs-simple.com	blank
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	imasdk.googleapis.com	tagan.adlightning.com
1	www.google.it	norfolkdailynews.com
1	pixel.quantserve.com	norfolkdailynews.com
1	pxl.qccerttest.com	norfolkdailynews.com
1	rules.quantcount.com	secure.quantserve.com
1	2b8dcae387ed4b8a0537d02afde4d3d7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	tagan.adlightning.com
1	secure.quantserve.com	www.googletagmanager.com
1	ads.pubmatic.com	tagan.adlightning.com
1	ampcid.google.it	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	assets.revcontent.com	norfolkdailynews.com
1	www.norfolkdailynews.com	norfolkdailynews.com
1	tags.crwdcntrl.net	norfolkdailynews.com
1	fonts.googleapis.com	norfolkdailynews.com
1	dlvr.it	1 redirects
0	api.rlcdn.com Failed	ads.pubmatic.com
167	58

This site contains links to these domains. Also see Links.

Domain
www.pantherproject.com
www.ndnprintshop.com
jobs.norfolkdailynews.com
www.facebook.com
twitter.com
wa.me
www.ap.org
www.youtube.com

Subject Issuer	Validity	Valid
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
norfolkdailynews.com ZeroSSL ECC Domain Secure Site CA	`2022-09-14` - `2022-12-13`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-04-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
assets.revcontent.com R3	`2022-09-14` - `2022-12-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.it GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
revcontent.com Amazon	`2022-07-25` - `2023-08-23`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2022-02-25` - `2023-03-28`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.clinch.co Go Daddy Secure Certificate Authority - G2	`2022-03-16` - `2023-04-17`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
static.adsafeprotected.com Amazon	`2022-08-06` - `2023-09-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Frame ID: AEACF87CCC02A6613CB8C1002C088530
Requests: 107 HTTP requests in this frame

Frame: https://2b8dcae387ed4b8a0537d02afde4d3d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 86DAEE5F4D26F0933EBEDF8570160499
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20commentary/med=%23OpR%2372333%23Keyword%20%3A%20republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter/rb=%7B%22meta_tag%22%3A%22republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter%22%2C%22ref_url%22%3A%22www.google.com%22%7D/rt=ifr
Frame ID: 1059CEAE24BF5143C867EC2D7FCCD1B6
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-92ee7c4-398b9c4d.js
Frame ID: F1493DB28C8DFC687C9D276E82E91B50
Requests: 12 HTTP requests in this frame

Frame: https://tagan.adlightning.com/townnews/b-92ee7c4-398b9c4d.js
Frame ID: 0CD779C5AB7404FF9325144BC83987FE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B326E90FE65F94369ADBCD085E22AF44
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B525DCE6DDF7E7D518963F81B9F355ED
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=norfolkdailynews.com&purl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Frame ID: 3A810D822874BB4C358A83C70E00EE74
Requests: 1 HTTP requests in this frame

Frame: https://resources.infolinks.com/static/container-1.0.html
Frame ID: 87F8559D06C3A7B4187F813BB7EF7CE4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7pb3dAhjgt4vOATAB&v=APEucNVs_lErfD02ujYwhahkB_7KNPkSsBAsOWG_EYuFUpZ7kmJ4Vf7tXZibltVxvlBxOHExA0Yr-RSIwKoRxmvrgUhEgAcH1xjRZI4px_WPEHz-A1KeIA0hoLNPwoMdJQ-roHYLhzP8BFswJz0v2ESwdkrU3oPT_3cKlr6_9bCl36gu_wsgBZrZZ7vFX5qGJbA3Hv8olS3e3b1xKJfTGiTog2_T2s3NLHUY8C_7B6UFrVtdfioijhU
Frame ID: E35C7E20F438716DB9FC5DBCEEF7F6CF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQbzcII5wiftv_PTvBwZZVIgYJMMmZDS3wsh-QQgx-VE9Qf9YWHRcNUavsnw2xN3cfRNGiRhTVwvMe58BsbSYo_Rl5oZOst7px4uF2waxXrAc4X3k
Frame ID: F0B22A215C57757A722E573BEAD40D3F
Requests: 17 HTTP requests in this frame

Frame: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Frame ID: 2AD03CF6CC0334A2696FA63B54B24490
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 234DF8F7390801F91C313E4E0517BC51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Investigation beyond media needed into alleged voter fraud | Commentary | norfolkdailynews.com

Page URL History Show full URLs

http://dlvr.it/RnX4Yk HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvesti... Page URL
https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/articl... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

96 %
HTTPS

52 %
IPv6

31
Domains

58
Subdomains

52
IPs

7
Countries

2887 kB
Transfer

6558 kB
Size

34
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.pantherproject.com/
Title: Panther Project

Search URL Search Domain Scan URL

URL: https://www.ndnprintshop.com/
Title: Print Shop

Search URL Search Domain Scan URL

URL: http://jobs.norfolkdailynews.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html%3Futm_medium%3Dsocial%26utm_source%3Dfacebook%26utm_campaign%3Duser-share
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?&text=Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud&via=norfolknews&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html%3Futm_medium%3Dsocial%26utm_source%3Dtwitter%26utm_campaign%3Duser-share
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Title: WhatsApp

Search URL Search Domain Scan URL

URL: http://www.ap.org/company/Terms-conditions
Title: AP Terms of Service

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Norfolk-Daily-News/147868319616
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/norfolknews
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ndnvideos
Title: YouTube

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dlvr.it/RnX4Yk HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNGYCV6DrcYubhu3XLEM-JTxytZU3A&utm_source=dlvr.it&utm_medium=twitter Page URL
https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://dlvr.it/RnX4Yk HTTP 301
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNGYCV6DrcYubhu3XLEM-JTxytZU3A&utm_source=dlvr.it&utm_medium=twitter

Request Chain 85

https://bcp.crwdcntrl.net/5/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20commentary/med=%23OpR%2372333%23Keyword%20%3A%20republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter/rb=%7B%22meta_tag%22%3A%22republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter%22%2C%22ref_url%22%3A%22www.google.com%22%7D/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20commentary/med=%23OpR%2372333%23Keyword%20%3A%20republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter/rb=%7B%22meta_tag%22%3A%22republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter%22%2C%22ref_url%22%3A%22www.google.com%22%7D/rt=ifr

Request Chain 121

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnorfolkdailynews.com%2F&domain=norfolkdailynews.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=SVNnyXxQNmJQOVlTNUI5SWtvSlhoSzk2NTgxNHc2UlltZEgwU25Yc1lQbUdIcmRlL2kwd0Z5eWhleUxlNjV4VkVDdGN3ZmwrQTFNSHBLdzlNT2RQVGoxNHZCL2g1UXgyNFVLeE5BUWtzemZrQk1ZVWcrMDdGM20zWmk1WG85OVBoTGNLZjdreVNuVkZhcTFjOWdENm5qNlJWVHpTOTA0MU1nTlZwMWREVzNVbnNYZWdqRnZyL3ZZMGlybXFRSURWSXNNOW1WQUc1ZzNBNExlYWU1VW04UVlYRXhPdjJKY0c5Rld5Vm0vOTRZMjNkcjd4T000SUxwZG1ENTZST0FuR1hVUjlufA&cppv=2

Request Chain 126

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=1ae8aaad-8751-4b7b-84e0-88f2b060d0df=&partner_id=3337 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1ae8aaad-8751-4b7b-84e0-88f2b060d0df=&partner_id=3337

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGeOOfB2vxpTuw3JaBuul00&google_cver=1 HTTP 302
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGeOOfB2vxpTuw3JaBuul00&google_cver=1&ang_testid=1

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEExpmsvt5ANw9xnaSGeSQbc&google_cver=1

Request Chain 147

https://t.myvisualiq.net/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28019146&si=7079041&ci=174133431&pi=339647168&ad=531542318&advt=8241423&chnl=-7&vndr=115&sz=10125&u=$$1008904056_18222201110_432200672$$&viq_did=&pt=i HTTP 302
https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28019146&si=7079041&ci=174133431&pi=339647168&ad=531542318&advt=8241423&chnl=-7&vndr=115&sz=10125&u=$$1008904056_18222201110_432200672$$&viq_did=&pt=i

Request Chain 151

https://fw.adsafeprotected.com/rfw/st/1083723/64080112/skeleton.js?ias_dspID=3&ias_campId=1008904056&ias_pubId=3251&ias_chanId=10&ias_placementId=18222201110&bidurl=norfolkdailynews.com&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jIip1QawwFoX1OLRwAUqHp&adsafe_url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&adsafe_type=abeq&adsafe_url=https%3A%2F%2Fwww.google.com%2F&adsafe_type=c&adsafe_jsinfo=,id:dce20775-f162-1856-d3fa-6c447bb874fd,c:oWH5uE,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-57d69b9c8c-blx8k,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:131,mot:0,app:0,maw:0,fm:tiajIeq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1083723-64080112%7C191%7C192,idMap:19*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:146,oid:01837ad8-3a72-11ed-9c0e-36104584ae62,v:19.8.352,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

167 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

url
www.google.com/
Redirect Chain

http://dlvr.it/RnX4Yk
https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced...

1 KB
1 KB

196ms
90ms

Document
text/html

2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNGYCV6DrcYubhu3XLEM-JTxytZU3A&utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 554
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 12:27:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

Redirect headers

Cache-Control: private; max-age=90
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 22 Sep 2022 12:27:58 GMT
Location: https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNGYCV6DrcYubhu3XLEM-JTxytZU3A&utm_source=dlvr.it&utm_medium=twitter
Server: nginx
Transfer-Encoding: chunked
X-Backend-Server: web02.web

GET
H2 200 Primary Request article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html Show response
norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/ 204 KB
41 KB 946ms
529ms Document
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Requested by

Host: www.google.com
URL: https://www.google.com/url?rct=j&sa=t&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ct=ga&cd=CAIyHGY1YmFjZGUwNzU4M2I1ZjQ6Y29tOmVuOlVTOkw&usg=AFQjCNGYCV6DrcYubhu3XLEM-JTxytZU3A&utm_source=dlvr.it&utm_medium=twitter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

b8aa5ad9206d8b11dbc8aecf530736bf6508027c18f1ac710b66a291c5c5888b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 40242
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 12:27:59 GMT
etag: W/be3405e65adb434c476886d074d02435
last-modified: Thu, 30 Jun 2022 13:51:13 GMT
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.cfb7b302c42616744a59428baa754111.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.81be8dcdc3040973d38ec593fcfe8805.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.63.1; app7; 0.27s; 4.2M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 user.js Show response
norfolkdailynews.com/shared-content/art/tncms/user/ 12 KB
4 KB 107ms
105ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:26:45 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:53:51 GMT
age: 74
etag: W/"6328babf-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 124ms
44ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d170e22-MXP
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e609f2-1882c"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 31 Aug 2023 19:02:05 GMT

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 122ms
42ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d220e22-MXP
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 23 Apr 2023 12:04:01 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 111ms
31ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d240e22-MXP
last-modified: Tue, 10 May 2022 15:14:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a815c-8154"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 11 May 2023 19:01:41 GMT

GET
H2 200 tnt.cfb7b302c42616744a59428baa754111.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 22 KB
6 KB 122ms
43ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.cfb7b302c42616744a59428baa754111.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7376ac5d189aa6709ce824da6ab6a3c2c85bacb7cf8dafbf5c423de19c891e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d230e22-MXP
last-modified: Tue, 12 Jul 2022 17:52:02 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"62cdb4c2-580e"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 15 Sep 2023 17:01:22 GMT

GET
H2 200 application.81be8dcdc3040973d38ec593fcfe8805.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 120ms
41ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.81be8dcdc3040973d38ec593fcfe8805.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfd126ac0ab625bcf5593a41432b04177248382666e755aeeaf5458a822bee72

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d270e22-MXP
last-modified: Fri, 09 Sep 2022 13:51:13 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"631b44d1-113a"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 13 Sep 2023 19:01:24 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 124ms
45ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d260e22-MXP
last-modified: Thu, 23 Jun 2022 13:40:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62b46d3b-9ae"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 06 Jul 2023 19:01:17 GMT

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 108ms
30ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b56d0e0e22-MXP
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:10 GMT

GET
H2 200 layout.09e7f7119e41075ed44c163695847d91.css
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 154 KB
28 KB 102ms
25ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.09e7f7119e41075ed44c163695847d91.css

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae49b4e46526473b9fe869adfd3387e7a132351bb3a3c50ed6340d13cdc559dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b56d100e22-MXP
last-modified: Thu, 15 Sep 2022 13:15:46 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"63232582-26989"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 15 Sep 2023 17:01:22 GMT

GET
H2 200 theme-basic.6ee2c17f3ef34e32b5fa02524f5978e7.css
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
8 KB 103ms
26ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.6ee2c17f3ef34e32b5fa02524f5978e7.css

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10a7a0628a349694c1156941903e2b965e98f1056a4dfea35ec010d09259569b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b56d110e22-MXP
last-modified: Thu, 21 Jul 2022 21:08:07 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9c037-a44c"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 26 Jul 2023 09:38:51 GMT

GET
H2 200 site.css
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/live/global/resources/styles/ 0
108 B 106ms
29ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/live/global/resources/styles/site.css?_dc=1455111657

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
last-modified: Wed, 10 Feb 2016 13:40:57 GMT
content-length: 0
x-vcache: MISS
server: cloudflare
etag: "56bb3de9-0"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74eb09b57d130e22-MXP
expires: Wed, 24 May 2023 11:01:17 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
2 KB 117ms
39ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto|Martel:400,900|Martel+Sans|Raleway:400,900

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3fa0645c3e2ba8a6cae712190376e4a538d0c85d6636222d33a7b3ed3bc5c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 12:28:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 22 Sep 2022 12:28:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 22 Sep 2022 12:28:00 GMT

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 960 B
514 B 121ms
44ms Stylesheet
text/css 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d150e22-MXP
last-modified: Thu, 23 Jun 2022 13:41:19 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62b46d7f-3c0"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 12 Jul 2023 00:51:03 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/9247/ 38 KB
12 KB 108ms
31ms Script
application/json 108.138.17.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/9247/cc.js?ns=_cc9247
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-110.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c8a7da9895562fc23ab618833b9d92543486d62b92de9b5cc81aab8bc73f25c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:01:00 GMT
content-encoding: gzip
etag: W/"c09de8a72e1d924c05e04c6b6d2961e4"
last-modified: Wed, 23 Feb 2022 22:47:46 GMT
server: AmazonS3
age: 12421
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 3199fed6c4260c9448326645d333530a.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: Aib_RPAfkpazdMPp6jSop9jVEJxF6OOVpRarccZUFObClut6irc1NQ==

GET
H2 200 tracking.js Show response
norfolkdailynews.com/shared-content/art/tncms/ 3 KB
1 KB 112ms
110ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/shared-content/art/tncms/tracking.js
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:26:45 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 18:53:51 GMT
age: 74
etag: W/"6328babf-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 subscription.js Show response
norfolkdailynews.com/shared-content/art/tncms/ 4 KB
2 KB 110ms
108ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/shared-content/art/tncms/subscription.js
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 54317318cf662dbbb03ff87d8bafa484b37c773b8de906581d576b4d0de158be

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:24:43 GMT
content-encoding: gzip
last-modified: Wed, 21 Sep 2022 18:44:13 GMT
age: 196
etag: W/"632b5b7d-f1e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1794
service-worker-allowed: /

GET
H2 200 access.js Show response
norfolkdailynews.com/shared-content/art/tncms/api/ 86 KB
34 KB 119ms
119ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/shared-content/art/tncms/api/access.js
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Origin: https://norfolkdailynews.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:27:15 GMT
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 13:21:04 GMT
age: 44
etag: W/"63247840-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 tnt.access.status.828de94349981272665c0fb0107f3e49.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/ 925 B
390 B 107ms
31ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/subscription/resources/scripts/tnt.access.status.828de94349981272665c0fb0107f3e49.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d180e22-MXP
last-modified: Fri, 01 Apr 2022 13:29:38 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe42-39d"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 23 Apr 2023 12:04:00 GMT

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 532 B
435 B 35ms
33ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b64e0e0e22-MXP
last-modified: Fri, 01 Apr 2022 13:29:35 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe3f-214"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 23 Apr 2023 12:04:00 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/townnews/ 48 KB
20 KB 109ms
32ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/op.js
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 95ce51d9f65d01377bd148ff3692896597d961f01c6b9654c3a90478126d5de4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 6NxEkxD8Gqeno090oUTS0SAnKPOBKXsS
content-encoding: gzip
etag: "8bb1aab39487ce2855299dc33cb5fc7e"
age: 2757
x-cache: Hit from cloudfront
content-length: 19506
x-amz-meta-git_commit: 92ee7c4
last-modified: Tue, 20 Sep 2022 16:38:15 GMT
server: AmazonS3
date: Thu, 22 Sep 2022 11:44:46 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: ivrmHAs82dTV4b4yh4HnfpJvelBuFPmAat6xr4JwFbwEovtRGmrB-A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 132ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfec8d71ac555df33d10782b39cce35a902732152ef54d2e303630097fbe05e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27780
x-xss-protection: 0
server: sffe
etag: "1341 / 565 of 1000 / last-modified: 1663844945"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Sep 2022 12:28:00 GMT

GET
H2 200 sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 1 KB
776 B 32ms
30ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b64e0f0e22-MXP
last-modified: Tue, 10 May 2022 15:14:29 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8155-5bb"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 25 May 2023 07:20:35 GMT

GET
H2 200 tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 9 KB
3 KB 104ms
28ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/tnt.ads.init.c2b9574823d0d16ffc6f20eef83f4232.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d1a0e22-MXP
last-modified: Thu, 15 Sep 2022 13:14:47 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"63232547-24cb"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 19 Sep 2023 20:22:14 GMT

GET
H2 200 tnt.ads.load.6a3c47703ee96f20ef132e36033ca1bc.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/ads_blox/resources/scripts/ 888 B
617 B 39ms
37ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b64e100e22-MXP
last-modified: Fri, 01 Apr 2022 13:29:43 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe47-378"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 23 Apr 2023 12:04:00 GMT

GET
H2 200 admanager.js Show response
norfolkdailynews.com/shared-content/art/tncms-ad-manager/ 39 KB
13 KB 110ms
108ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/shared-content/art/tncms-ad-manager/admanager.js
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:24:43 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 20:38:01 GMT
age: 196
etag: W/"631f98a9-9d77"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 12873
service-worker-allowed: /

GET
H2 200 impressions.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/ads/ 90 B
243 B 205ms
129ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/ads/impressions.js?_dc=1663848321

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0de2cc5e4a5deba3b8e8924053c083114db9c318831eeafd61724401048e8600

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 74eb09b57d210e22-MXP
last-modified: Thu, 22 Sep 2022 12:05:21 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"632c4f81-5a"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 22 Sep 2023 12:10:47 GMT

GET
H2 200 traffic.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/ads/ 2 KB
900 B 205ms
129ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/ads/traffic.js?_dc=1663824918

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33cefb0b9480968415590ae8f0db3a68f681146e28898cf1fef704e6ffea3f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
cf-ray: 74eb09b57d200e22-MXP
last-modified: Thu, 22 Sep 2022 05:35:18 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"632bf416-607"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 22 Sep 2023 05:40:21 GMT

GET
H2 200 settings.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/ads/ 11 KB
2 KB 117ms
42ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/ads/settings.js?_dc=1644877844

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe0a94c0b02c8facd87a18d8f39e4d14726b2c88646a178d132ec6471ede959c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d1f0e22-MXP
last-modified: Mon, 14 Feb 2022 22:30:44 GMT
x-vcache: MISS
server: cloudflare
etag: W/"620ad814-2bac"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 14 Feb 2023 22:35:48 GMT

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
269 B 104ms
29ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b57d1e0e22-MXP
last-modified: Fri, 01 Apr 2022 13:30:31 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6246fe77-c8"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sun, 23 Apr 2023 12:04:00 GMT

GET
H2 200 fontawesome.dd9f72114a809f3dc0619831f68070f4.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 263 KB
95 KB 41ms
39ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.dd9f72114a809f3dc0619831f68070f4.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678d4ac4a14d788e91c631db4c545df5acc5197735f47a9a66d4008a445caede

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b64e110e22-MXP
last-modified: Fri, 09 Sep 2022 13:51:30 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"631b44e2-41d78"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 13 Sep 2023 19:01:38 GMT

GET
H2 200 tracker.js Show response
norfolkdailynews.com/shared-content/art/stats/common/ 9 KB
3 KB 110ms
109ms Script
application/x-javascript 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/shared-content/art/stats/common/tracker.js
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:27:15 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 15:26:09 GMT
age: 44
etag: W/"61b0ce91-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 NDN-top-logo-mobile-2018-2.png
www.norfolkdailynews.com/app/editorial/news_photos/2018_mast/ 34 KB
34 KB 570ms
105ms Image
image/png 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.norfolkdailynews.com/app/editorial/news_photos/2018_mast/NDN-top-logo-mobile-2018-2.png
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: be07929f54da08a75ba65198f5f24725682dbc034b2cf0c4aca088eced725166

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:24:20 GMT
last-modified: Thu, 22 Oct 2020 14:56:23 GMT
age: 220
etag: "5f919d97-883e"
x-vcache: HIT
content-type: image/png
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 34878

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 153 KB
49 KB 123ms
19ms Script
application/x-javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d279229ceabcab6e90a74454de8c0d08b1732b9ac67c91ff4ec3fd013914128

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 20:45:05 GMT
server: AmazonS3
x-amz-request-id: AH6BHMR867K8KXGP
etag: "b4e00a2298db92176f30c7dfa9750aae"
x-hw: 1663849680.cds209.ml1.hn,1663849680.cds214.ml1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 49674
x-amz-id-2: 5xuZmKLByr858h685FexLUKfZ4ySvNAPiB8xRyJR0QCHwpszJgSll83K8RS9/x6uvDyjuX6yK18=

GET
H2 200 tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/ 5 KB
2 KB 31ms
31ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/metering/resources/scripts/tnt.metering.c1fd4b9015c14b57a58acdbc3ee4daca.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbf3bfb5c974a3a22c04b2614f61efab99657d7142e12bc7c791c357229a650c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b64e020e22-MXP
last-modified: Tue, 10 May 2022 15:15:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a818a-1281"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 25 May 2023 07:20:34 GMT

GET
H2 200 asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 941 B
487 B 28ms
26ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b64e050e22-MXP
last-modified: Thu, 15 Sep 2022 13:14:36 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: W/"6323253c-3ad"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 19 Sep 2023 18:07:43 GMT

GET
H2 200 tnt.ads.core.eb2d788dd02bb4634ca3eb2ee783cd11.js Show response
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 11 KB
4 KB 37ms
35ms Script
application/x-javascript 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.eb2d788dd02bb4634ca3eb2ee783cd11.js

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

743c538563abf169a1e298a80e06cf976bb508c76d1a38969c5dceaef3348d7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 47434
cf-ray: 74eb09b64e070e22-MXP
last-modified: Mon, 23 May 2022 19:55:02 GMT
x-vcache: MISS
server: cloudflare
etag: W/"628be696-2dd1"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 May 2023 19:01:46 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 201 KB
68 KB 176ms
68ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8648f26e0c4b5e2f7a49c4faf913d500624aba77dd60c896e6f2bd176fab168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68835
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Sep 2022 12:28:00 GMT

GET
H2 200 / Show response
norfolkdailynews.com/tncms/subscription/check_ip/ 19 B
449 B 125ms
124ms XHR
application/json 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://norfolkdailynews.com/tncms/subscription/check_ip/

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/shared-content/art/tncms/subscription.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.183.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

eb19bdbb8b9d5e43ed2b6c6ca6090d31767a6c7ec0b47ddf49317c450f826624

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
X-Requested-With: XMLHttpRequest
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-length: 39
x-xss-protection: 1; mode=block
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
x-vcache: MISS
x-frame-options: SAMEORIGIN
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
content-type: application/json; charset=UTF-8
x-tncms: 1.63.1; app21; 0.01s; 0.9M
cache-control: private, max-age=3600
accept-ranges: bytes
x-robots-tag: noarchive

GET
H2 200 b-92ee7c4-398b9c4d.js Show response
tagan.adlightning.com/townnews/ 83 KB
31 KB 42ms
41ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-92ee7c4-398b9c4d.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3d11c6cec5ec98a202f937a38f8f9a548dfeac9a37d1eb4332a15cb526162c4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:00:59 GMT
content-encoding: gzip
age: 2334422
x-cache: Hit from cloudfront
content-length: 31673
x-amz-meta-git_commit: 92ee7c4
last-modified: Wed, 16 Mar 2022 21:37:15 GMT
server: AmazonS3
etag: "d6d86f9e34ce68eb3251dc5fcf0f2369"
x-amz-version-id: OuNvfKcigOPnizMEOUA0rl3uSqUhPTSQ
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: WU9TMnH6V_JV62Y-GRbc-ThTuiU8fh_TW-tFnPdT7PXCF4PCtXrA0Q==

GET
H2 200 bl-993408f-be8b4bd8.js Show response
tagan.adlightning.com/townnews/ 43 KB
19 KB 44ms
44ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/bl-993408f-be8b4bd8.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9123684aadc2f7d019b36f6bc8ff22c5f20a7e6723f2ae748ca25dd11ce37c69

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:38:59 GMT
content-encoding: gzip
age: 157742
x-cache: Hit from cloudfront
content-length: 18640
x-amz-meta-git_commit: 993408f
last-modified: Tue, 20 Sep 2022 16:37:40 GMT
server: AmazonS3
etag: "2302aab3be031cfd0c1e14c4f399f597"
x-amz-version-id: 8Ddulj2pO1s00FeAOqNfK4YaFR4c0Zdr
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: Bu8Jyt7dpE1GDbKa7r1Y097wf_2ynnJhloJ1kj7V_HnjtY95W0KSUw==

GET
H2 200 / Show response
norfolkdailynews.com/_services/v1/client_ip_info/ 80 B
175 B 105ms
105ms XHR
application/json 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/_services/v1/client_ip_info/
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/shared-content/art/tncms-ad-manager/admanager.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 0abf0eb467b383b8da78e1227a2fbc9687d404849eddcecb48f7b7ad5679b332

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
cache-control: private, max-age=3600
content-length: 80
content-type: application/json

GET
H2 200 tracker.gif
norfolkdailynews.com/shared-content/art/stats/common/ 0
145 B 106ms
105ms Image
image/gif 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://norfolkdailynews.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=166384968035916001200113233778416&tnms_dt=Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud%20%7C%20Commentary%20%7C%20norfolkdailynews.com&tnms_upage=1&tnms_do=norfolkdailynews.com&tnms_uri=/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&tnms_ref=https%3A//www.google.com/&rt=1663849680362
Requested by: Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
age: 0
etag: "48f79fed-0"
x-vcache: MISS
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 survey Show response
survey.g.doubleclick.net/ 38 KB
10 KB 326ms
170ms Script
text/javascript 2a00:1450:400d:805::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2011 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

b853221ad9f453ef36b3b69c8ffc4a3b82cccfdb11fef7e19d4db2603bebc153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, no-cache, must-revalidate, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
vary: *
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prompt_embed_static__it.js Show response
survey.g.doubleclick.net/insights/consumersurveys/static/446600373337806383/ 416 KB
417 KB 40ms
40ms Script
application/javascript 2a00:1450:400d:805::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.g.doubleclick.net/insights/consumersurveys/static/446600373337806383/prompt_embed_static__it.js
Requested by: Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:805::2011 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: df31253cb5226982d7bb741aee5bb93a51b49e9350bb37371eb288b2895af1f8

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 21 Sep 2022 20:12:55 GMT
last-modified: Tue, 20 Sep 2022 22:49:32 GMT
server: Google Frontend
age: 58505
content-type: application/javascript
x-cloud-trace-context: ea155bbf283364bf3d9b8bddb8c9868e
cache-control: public, max-age=2592000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 426193

GET
H2 200 integrator.sync.js Show response
adservice.google.it/adsid/ 111 B
796 B 192ms
37ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.sync.js?domain=norfolkdailynews.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2022091501.js Show response
securepubads.g.doubleclick.net/gpt/ 376 KB
127 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 10:59:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5338
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130101
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 08:34:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 22 Sep 2023 10:59:02 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 106 B
117 B 86ms
35ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=norfolkdailynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcac83462f49deedab22da15859d7703ff227dbf9d316230e30efb3f22c7e378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Thu, 22 Sep 2022 12:28:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
37ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 27
date: Thu, 22 Sep 2022 12:27:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Thu, 22 Sep 2022 14:27:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 114 KB
42 KB 69ms
68ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd150163224357008c3abd24cd281326ba895954081190ed2fe0dd5468a555bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42950
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 22 Sep 2022 12:28:00 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
536 B 203ms
64ms XHR
application/json 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a633abf6ef85a1bf221e75979146c4c7f7a6164732a6a981180a84cf44ced8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://norfolkdailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3 200 prompt Show response
survey.g.doubleclick.net/gk/ 0
41 B 180ms
180ms Script
text/javascript 2a00:1450:400d:805::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/gk/prompt?site=_rwyy5wut2hljicuvrztnlebriu&t=1&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680715&ref=https%3A%2F%2Fwww.google.com%2F&token=

Requested by

Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2011 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-why: UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 22 Sep 2022 12:28:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.it/v1/ 3 B
465 B 202ms
60ms XHR
application/json 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.it/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://norfolkdailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 85ms
26ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto|Martel:400,900|Martel+Sans|Raleway:400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://norfolkdailynews.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sun, 18 Sep 2022 19:04:27 GMT
x-content-type-options: nosniff
age: 321814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Sep 2023 19:04:27 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 PN_xRfK9oXHga0XdZsg_.woff2
fonts.gstatic.com/s/martel/v10/ 18 KB
19 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/martel/v10/PN_xRfK9oXHga0XdZsg_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto|Martel:400,900|Martel+Sans|Raleway:400,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://norfolkdailynews.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 09:13:21 GMT
x-content-type-options: nosniff
age: 11680
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18860
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:03:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 09:13:21 GMT

GET
H2 200 632874509bc5a.preview.jpg
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/d/ca/dca28102-3821-11ed-92b8-635781098e2f/ 7 KB
7 KB 140ms
139ms Image
image/jpeg 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/d/ca/dca28102-3821-11ed-92b8-635781098e2f/632874509bc5a.preview.jpg?resize=200%2C200

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99b6f8f1b5517c2b1f11b1364b42978dab6e69653581ddb0f36f90ca5c5c6d99

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: origSize=7240, status=webp_bigger
last-modified: Mon, 19 Sep 2022 13:53:20 GMT
cross-origin-resource-policy: cross-origin
x-vcache: MISS
server: cloudflare
etag: "6963cf3380d524fc868f2b9a083ec92e"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 19 Sep 2023 13:59:02 GMT
cache-control: public, max-age=31536000
cf-ray: 74eb09bbaba80e22-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 632b1652e229c.preview.jpg
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/0/13/01373fb0-39b4-11ed-83ea-cb9c453de961/ 6 KB
6 KB 139ms
138ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/0/13/01373fb0-39b4-11ed-83ea-cb9c453de961/632b1652e229c.preview.jpg?resize=200%2C200

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92fb0a0bde0ae350ac71dc6c5f63045dfb0f1b042a902bcfd18995672371d6c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=6397
last-modified: Wed, 21 Sep 2022 13:49:07 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="632b1652e229c.webp"
content-length: 5974
x-vcache: MISS
server: cloudflare
etag: "21639bb331e40e8e80ef21979d8f7513"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 21 Sep 2023 13:54:38 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74eb09bbabab0e22-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 6329c3832813a.preview.jpg
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/f/66/f66eebb6-38e9-11ed-ac05-b76175e0e99b/ 7 KB
7 KB 130ms
129ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/f/66/f66eebb6-38e9-11ed-ac05-b76175e0e99b/6329c3832813a.preview.jpg?resize=200%2C159

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

988893d5f5976a4243df780ccfaa9c9d2a5b56a650d216930ee2438bbdc804ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=7027
last-modified: Tue, 20 Sep 2022 13:43:31 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6329c3832813a.webp"
content-length: 6776
x-vcache: HIT
server: cloudflare
etag: "398aa40d7812977dab7d843f33498f2f"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 20 Sep 2023 13:54:45 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74eb09bbabac0e22-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 6329c315748a1.preview.jpg
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/c/ce/cce2df82-38e9-11ed-9a37-1f25e9a67ba1/ 6 KB
6 KB 132ms
131ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/c/ce/cce2df82-38e9-11ed-9a37-1f25e9a67ba1/6329c315748a1.preview.jpg?resize=200%2C200

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

931dfd744aa571b930276927e2a0ab96712bbb955734408ec4e2f64b6d0dbe06

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=6299
last-modified: Tue, 20 Sep 2022 13:41:41 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6329c315748a1.webp"
content-length: 5870
x-vcache: HIT
server: cloudflare
etag: "c32c9aef35b5794ba77a422decfb1de4"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Wed, 20 Sep 2023 13:54:45 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74eb09bbabad0e22-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 6328750073df8.preview.jpg
bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/b/4a/b4a4fda0-3822-11ed-8af8-d79580758724/ 7 KB
7 KB 127ms
127ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/norfolkdailynews.com/content/tncms/assets/v3/editorial/b/4a/b4a4fda0-3822-11ed-8af8-d79580758724/6328750073df8.preview.jpg?resize=200%2C159

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

988893d5f5976a4243df780ccfaa9c9d2a5b56a650d216930ee2438bbdc804ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=7027
last-modified: Mon, 19 Sep 2022 13:56:16 GMT
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="6328750073df8.webp"
content-length: 6776
x-vcache: MISS
server: cloudflare
etag: "108f63af1ab9da42ebf4075d51f02f6a"
x-robots-tag: noarchive
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 19 Sep 2023 14:05:04 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 74eb09bbabaf0e22-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 199 KB
61 KB 113ms
30ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
last-modified: Fri, 08 Jul 2022 20:07:19 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=33337
accept-ranges: bytes
content-type: application/javascript
content-length: 62062
expires: Thu, 22 Sep 2022 21:43:38 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 113ms
32ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
etag: "eN3sxSgaav0x5wHLxGB1gQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 29 Sep 2022 12:28:01 GMT

GET
H3 200 integrator.js Show response
adservice.google.it/adsid/ 107 B
122 B 94ms
36ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.it/adsid/integrator.js?domain=norfolkdailynews.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 98ms
34ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=norfolkdailynews.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 87 KB
20 KB 471ms
470ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3465974904704476&correlator=4487434854241256&output=ldjh&gdfp_req=1&vrg=2022091501&ptt=17&impl=fifs&iu_parts=132916964%3A2880078%2Cnorfolkdailynews.com%2Ccommentary&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C300x250%7C2x1%2C2x1%2C1x1&ifi=1&adks=28648535%2C2757095813%2C1627834370&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dfixed_automatic_ad%2Cfixed_automatic_ad1%7Cpos%3Dimpact-top%7Cpos%3Dimpact-sticky-anchor&eri=1&cust_params=browser%3DChrome%26asset_id%3D423ee7d6-3c88-11eb-9d02-3bf52cbc0ced%26k%3Drepublicans%252Cdemocrats%252Cpresidential%2520election%252Cpolitics%252Cfraud%252Cjoe%2520biden%252Cvoter%26page%3Dasset%252Carticle%252Capp-editorial&sc=1&cookie_enabled=1&abxe=1&dt=1663849681292&lmt=1656597073&dlt=1663849680146&idt=669&adxs=241%2C799%2C800&adys=815%2C0%2C41&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ref=https%3A%2F%2Fwww.google.com%2F&frm=20&vis=1&psz=750x1%7C1600x1%7C1600x1&msz=750x0%7C1600x1%7C1600x1&fws=4%2C4%2C4&ohw=1600%2C1600%2C1600&ga_vid=1250819458.1663849681&ga_sid=1663849681&ga_hid=53517906&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f9f773f0f7891b3e847af238b9cdd3731ced05a036a7024fc8989e5206875a5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20551
x-xss-protection: 0
google-lineitem-id: 6091012973,-2,5942913292
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138401304212,-2,138383727567
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2b8dcae387ed4b8a0537d02afde4d3d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 86DA 6 KB
4 KB 128ms
35ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2b8dcae387ed4b8a0537d02afde4d3d7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norfolkdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:28:01 GMT
expires: Fri, 22 Sep 2023 12:28:01 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
443 B 125ms
40ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-54716522-7&cid=1250819458.1663849681&jid=1712071756&gjid=465616139&_gid=2029059471.1663849681&_u=aChAgUABAAQCAE~&z=1621390906

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Sep 2022 12:28:01 GMT
content-type: text/plain
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 134ms
58ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=53517906&t=pageview&_s=1&dl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&dr=https%3A%2F%2Fwww.google.com%2F&dp=%2Fcommentary%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ul=en-us&de=UTF-8&dt=Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud%20%7C%20Commentary%20%7C%20norfolkdailynews.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAUABAAQCAG~&jid=1727191331&gjid=283187140&cid=1250819458.1663849681&tid=UA-60699507-1&_gid=2029059471.1663849681&_r=1&gtm=2wg9j0PDQV3N&z=1471466440

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 110ms
37ms Image
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=53517906&t=pageview&_s=1&dl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&dr=https%3A%2F%2Fwww.google.com%2F&dp=%2Fcommentary%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ul=en-us&de=UTF-8&dt=Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud%20%7C%20Commentary%20%7C%20norfolkdailynews.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUABAAQC~&jid=1712071756&gjid=465616139&cid=1250819458.1663849681&tid=UA-54716522-7&_gid=2029059471.1663849681&gtm=2wg9j0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=423ee7d6-3c88-11eb-9d02-3bf52cbc0ced&cm1=267&z=1457079461

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 01:17:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40208
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 110ms
38ms Image
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&a=53517906&t=event&ni=0&_s=1&dl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&dr=https%3A%2F%2Fwww.google.com%2F&dp=%2Fcommentary%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ul=en-us&de=UTF-8&dt=Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud%20%7C%20Commentary%20%7C%20norfolkdailynews.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=free%20view&el=first%20view&ev=1&_u=aCjAAUABAAQCAG~&jid=&gjid=&cid=1250819458.1663849681&tid=UA-60699507-1&_gid=2029059471.1663849681&gtm=2wg9j0PDQV3N&z=868118016

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 01:17:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40208
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 110ms
38ms Image
image/gif 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j97&aip=1&a=53517906&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&dr=https%3A%2F%2Fwww.google.com%2F&dp=%2Fcommentary%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&ul=en-us&de=UTF-8&dt=Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud%20%7C%20Commentary%20%7C%20norfolkdailynews.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscription&ea=free%20view&el=first%20view&ev=1&_u=aCjAgUABAAQCAG~&jid=&gjid=&cid=1250819458.1663849681&tid=UA-54716522-7&_gid=2029059471.1663849681&gtm=2wg9j0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cd15=3.155.0&cd16=true&cd17=Page%20View&cd20=423ee7d6-3c88-11eb-9d02-3bf52cbc0ced&cm1=267&cm2=1&z=861826634

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 01:17:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 40208
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-LuXsc8QH2WB32.js Show response
rules.quantcount.com/ 209 B
691 B 149ms
56ms Script
application/javascript 2600:9000:206e:600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-LuXsc8QH2WB32.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7f27b0c098c60a652449eef1e6c311f36652d9deff4e990b9a084f1ef47010c

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:17:31 GMT
via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
age: 631
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Wed, 24 Aug 2022 12:04:12 GMT
server: AmazonS3
etag: "84b6165daca2733c9b74eae13daf3133"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: WMZpp0HzcDcuVXBricTqOV6zom0enhH_swVVjrx6k8FXSFfwBTkTUQ==

GET
H2 400 /
trends.revcontent.com/api/demand/ 0
0 177ms
59ms Fetch
text/html 34.249.231.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=270332

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.231.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-231-255.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://norfolkdailynews.com
date: Thu, 22 Sep 2022 12:28:01 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 175ms
58ms Fetch 34.249.231.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.231.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-231-255.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: https://norfolkdailynews.com
date: Thu, 22 Sep 2022 12:28:01 GMT
access-control-allow-credentials: true
server: openresty
x-envoy-upstream-service-time: 0
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 112ms
38ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-60699507-1&cid=1250819458.1663849681&jid=1727191331&gjid=283187140&_gid=2029059471.1663849681&_u=aCjAAUABAAQCAG~&z=848629385

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 22 Sep 2022 12:28:01 GMT
content-type: text/plain
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
550 B 100ms
26ms Image
image/gif 2600:9000:223d:ea00:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=1391360110;fpan=1;fpa=P0-599267041-1663849681515;pbc=0e4d497b-ed57-4066-8939-0924914f50af;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=https%3A%2F%2Fwww.google.com%2F;cm=;gdpr=0;d=norfolkdailynews.com;dst=0;et=1663849681515;tzo=0;url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html;ogl=type.article%2Curl.https%3A%2F%2Fnorfolkdailynews%252Ecom%2Fcommentary%2Finvestigation-beyond-media-needed-into-a%2Cimage.https%3A%2F%2Fbloximages%252Enewyork1%252Evip%252Etownnews%252Ecom%2Fnorfolkdailynews%252Ecom%2Fcontent%2Ftncms%2F%2Cimage%3Awidth.600%2Cimage%3Aheight.315%2Ctitle.Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud%2Cdescription.Ahead%20of%20the%20general%20election%252C%20there%20was%20a%20lot%20of%20skepticism%20that%20it%20would%20be%20co%2Csite_name.The%20Norfolk%20Daily%20News%20%2Csection.Commentary

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:ea00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 01:48:50 GMT
via: 1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 38352
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
x-frame-options: SAMEORIGIN
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
content-type: image/gif
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
x-amz-cf-id: 7040K5DwwVciCeUa_ReOVxLvfakgKvgaLOeSHM2_la62dIWXPFQRwg==

GET
H2 200 pixel;r=1919750406;source=gtm;rf=0;a=p-LuXsc8QH2WB32;url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d...
pixel.quantserve.com/ 35 B
371 B 41ms
32ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1919750406;source=gtm;rf=0;a=p-LuXsc8QH2WB32;url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;fpan=0;fpa=P0-599267041-1663849681515;pbc=0e4d497b-ed57-4066-8939-0924914f50af;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;d=norfolkdailynews.com;dst=0;et=1663849681518;tzo=0;ogl=type.article%2Curl.https%3A%2F%2Fnorfolkdailynews%252Ecom%2Fcommentary%2Finvestigation-beyond-media-needed-into-a%2Cimage.https%3A%2F%2Fbloximages%252Enewyork1%252Evip%252Etownnews%252Ecom%2Fnorfolkdailynews%252Ecom%2Fcontent%2Ftncms%2F%2Cimage%3Awidth.600%2Cimage%3Aheight.315%2Ctitle.Investigation%20beyond%20media%20needed%20into%20alleged%20voter%20fraud%2Cdescription.Ahead%20of%20the%20general%20election%252C%20there%20was%20a%20lot%20of%20skepticism%20that%20it%20would%20be%20co%2Csite_name.The%20Norfolk%20Daily%20News%20%2Csection.Commentary;ses=70daa29e-2629-4db7-874e-3ea1bad733c0

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:01 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 151ms
74ms Image
image/gif 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-60699507-1&cid=1250819458.1663849681&jid=1727191331&_u=aCjAAUABAAQCAG~&z=455667315

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.it/ads/ 42 B
501 B 118ms
60ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.it/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-60699507-1&cid=1250819458.1663849681&jid=1727191331&_u=aCjAAUABAAQCAG~&z=455667315

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 56 B
298 B 118ms
39ms Script
text/javascript 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=446&r=2&j=dspCriteoRTUSCallback

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 704008
strict-transport-security: max-age=31536000; preload;
expires: 60

GET
H2 500 / Show response
trends.revcontent.com/api/delivery/ 0
442 B 61ms
61ms Fetch
text/html 34.249.231.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=270332&width=1600&rev_allow_cookies=1&site_url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&icr_url=&referer=https%3A%2F%2Fwww.google.com%2F&va=0&time=1663849681597&up=pc&bn=chrome&bv=105&widget_width=750&style_id=0&idhub[pubcid]=0e4d497b-ed57-4066-8939-0924914f50af

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.231.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-231-255.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:01 GMT
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
p3p: CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin: *
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0

POST
H/1.1 204
No Content api-errors
yeet.revcontent.com/yeet/events/ 0
0 64ms
64ms Fetch 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
Date: Thu, 22 Sep 2022 12:28:01 GMT
x-envoy-upstream-service-time: 1
Server: openresty
Connection: keep-alive
vary: Origin

OPTIONS
H/1.1 200
OK api-errors
yeet.revcontent.com/yeet/events/ Frame 0
0 264ms
65ms Preflight 54.194.226.232
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://yeet.revcontent.com/yeet/events/api-errors
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-226-232.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://norfolkdailynews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 22 Sep 2022 12:28:01 GMT
Server: openresty
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time: 2

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%... Frame 1059
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%...
https://bcp.crwdcntrl.net/5/ct=y/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Sectio...

163 B
403 B

70ms
70ms

Document
text/html

52.212.128.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20commentary/med=%23OpR%2372333%23Keyword%20%3A%20republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter/rb=%7B%22meta_tag%22%3A%22republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter%22%2C%22ref_url%22%3A%22www.google.com%22%7D/rt=ifr
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.128.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-128-245.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Referer: https://norfolkdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 163
content-type: text/html;charset=utf-8
date: Thu, 22 Sep 2022 12:28:01 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-consent: absent
x-server: 10.45.4.122

Redirect headers

cache-control: no-cache
content-length: 0
date: Thu, 22 Sep 2022 12:28:01 GMT
expires: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=9247/rand=195611923/pv=y/int=%23OpR%2371859%23Norfolk%20Daily%20News%20%20%3A%20norfolkdailynews%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20commentary/med=%23OpR%2372333%23Keyword%20%3A%20republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter/rb=%7B%22meta_tag%22%3A%22republicans%2C%20democrats%2C%20presidential%20election%2C%20politics%2C%20fraud%2C%20joe%20biden%2C%20voter%22%2C%22ref_url%22%3A%22www.google.com%22%7D/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.24.187

GET
H2 404 1.js
norfolkdailynews.com/content/tncms/ads/in-story-top-desktop/ 0
0 105ms
105ms Script
text/html 192.104.183.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://norfolkdailynews.com/content/tncms/ads/in-story-top-desktop/1.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.183.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:24:56 GMT
content-encoding: gzip
x-vcache: HIT
age: 185
etag: W/"52f946a4-2a8"
vary: Accept-Encoding
content-type: text/html
cache-control: public, max-age=600
content-length: 350

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 178ms
84ms XHR
application/json 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c9f9999128836dbd3c8cfeb3ff1f11cd5707d83e18d68110bdb7d22eeb056f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11182
x-xss-protection: 0

GET
H2 200 b-92ee7c4-398b9c4d.js Show response
tagan.adlightning.com/townnews/ Frame F149 83 KB
31 KB 27ms
26ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-92ee7c4-398b9c4d.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3d11c6cec5ec98a202f937a38f8f9a548dfeac9a37d1eb4332a15cb526162c4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:00:59 GMT
content-encoding: gzip
age: 2334423
x-cache: Hit from cloudfront
content-length: 31673
x-amz-meta-git_commit: 92ee7c4
last-modified: Wed, 16 Mar 2022 21:37:15 GMT
server: AmazonS3
etag: "d6d86f9e34ce68eb3251dc5fcf0f2369"
x-amz-version-id: OuNvfKcigOPnizMEOUA0rl3uSqUhPTSQ
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: rqx-Mph2kFwUINLNE2KC1m45LnhgR2Agb02ACh-fh_Mz5kGTq8MvPA==

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/townnews/ Frame F149 43 KB
19 KB 30ms
29ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/blacklist_script.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9123684aadc2f7d019b36f6bc8ff22c5f20a7e6723f2ae748ca25dd11ce37c69

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 8KkKF1sE2TfQ7cgYy8_QeiqDVkWjieF_
content-encoding: gzip
etag: "2302aab3be031cfd0c1e14c4f399f597"
age: 910
x-cache: Hit from cloudfront
content-length: 18640
x-amz-meta-git_commit: 993408f
last-modified: Tue, 20 Sep 2022 16:37:40 GMT
server: AmazonS3
date: Thu, 22 Sep 2022 12:16:40 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: NtxL0dDBUf4JfGhhHtnjau1r3xCIKxxy9UqfJhvGmaD_ADAnsA_3QQ==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/townnews/ Frame F149 83 KB
31 KB 49ms
48ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/blocking_script.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3d11c6cec5ec98a202f937a38f8f9a548dfeac9a37d1eb4332a15cb526162c4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: j16JyGeVWpHKP1Uucjd7I26qL0QPR7vp
content-encoding: gzip
etag: "d6d86f9e34ce68eb3251dc5fcf0f2369"
age: 22758
x-cache: Hit from cloudfront
content-length: 31673
x-amz-meta-git_commit: 92ee7c4
last-modified: Wed, 16 Mar 2022 21:37:15 GMT
server: AmazonS3
date: Thu, 22 Sep 2022 06:08:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: JJK2SW6HTkCRR1wem7gRmoD8qbLsc9K05lr0wDYCP4crzKwrGDtJKA==

GET
H2 200 6491437985809390539
tpc.googlesyndication.com/simgad/ Frame F149 497 KB
498 KB 90ms
30ms Image
image/gif 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6491437985809390539

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce2444f01d4749e6d474fde54fe5221beff381c4cf0b7e38fcd132a62c51c7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 02:37:01 GMT
x-content-type-options: nosniff
age: 208260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 509386
x-xss-protection: 0
last-modified: Thu, 26 May 2022 14:32:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 20 Sep 2023 02:37:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame F149 23 KB
10 KB 85ms
25ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:26:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9574
x-xss-protection: 0
server: cafe
etag: 3447265524526809024
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:26:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/ Frame F149 3 KB
1 KB 89ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220919/r20110914/client/window_focus_fy2021.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:27:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F149 0
0 59ms
58ms Image
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5P-a8XoZ37gP_yuWwK9VO1kybmLuW6Rpg9lm5OgtYr5UrPbHJT7mArXl3L85YcW-obh6iSDk-Vr7V6G5Ay6x4F7i7hg
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F149 140 KB
44 KB 231ms
136ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:28:02 GMT

GET
H2 200 b-92ee7c4-398b9c4d.js Show response
tagan.adlightning.com/townnews/ Frame 0CD7 83 KB
31 KB 26ms
26ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/b-92ee7c4-398b9c4d.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3d11c6cec5ec98a202f937a38f8f9a548dfeac9a37d1eb4332a15cb526162c4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 12:00:59 GMT
content-encoding: gzip
age: 2334423
x-cache: Hit from cloudfront
content-length: 31673
x-amz-meta-git_commit: 92ee7c4
last-modified: Wed, 16 Mar 2022 21:37:15 GMT
server: AmazonS3
etag: "d6d86f9e34ce68eb3251dc5fcf0f2369"
x-amz-version-id: OuNvfKcigOPnizMEOUA0rl3uSqUhPTSQ
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: UtzNNpqu4uLaEd6HREmmTK7JWKU0Iws3WPizkNpLE4XaFak-2Wd4UQ==

GET
H2 200 blacklist_script.js Show response
tagan.adlightning.com/townnews/ Frame 0CD7 43 KB
19 KB 28ms
27ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/blacklist_script.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9123684aadc2f7d019b36f6bc8ff22c5f20a7e6723f2ae748ca25dd11ce37c69

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 8KkKF1sE2TfQ7cgYy8_QeiqDVkWjieF_
content-encoding: gzip
etag: "2302aab3be031cfd0c1e14c4f399f597"
age: 910
x-cache: Hit from cloudfront
content-length: 18640
x-amz-meta-git_commit: 993408f
last-modified: Tue, 20 Sep 2022 16:37:40 GMT
server: AmazonS3
date: Thu, 22 Sep 2022 12:16:40 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: O7BgeTNnml9SOa9Wz2AmrdgZYpLaZEwhGf2YX2BJ85AGvc9UqjnU1g==

GET
H2 200 blocking_script.js Show response
tagan.adlightning.com/townnews/ Frame 0CD7 83 KB
31 KB 30ms
29ms Script
application/javascript 18.66.147.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/townnews/blocking_script.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-69.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3d11c6cec5ec98a202f937a38f8f9a548dfeac9a37d1eb4332a15cb526162c4

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: j16JyGeVWpHKP1Uucjd7I26qL0QPR7vp
content-encoding: gzip
etag: "d6d86f9e34ce68eb3251dc5fcf0f2369"
age: 22758
x-cache: Hit from cloudfront
content-length: 31673
x-amz-meta-git_commit: 92ee7c4
last-modified: Wed, 16 Mar 2022 21:37:15 GMT
server: AmazonS3
date: Thu, 22 Sep 2022 06:08:44 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: 681jhbM1ZWgIdpsLinmLFOpb25VgkTTT3Zriq3qJVh4YXGEV-Er_9g==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CD7 140 KB
44 KB 251ms
185ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:28:02 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 163ms
139ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:28:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F149 0
0 63ms
63ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstY0Ge80FoVQHGVuUs9Td5_2ZwQPR1knPXnVrRmfg-NA5rJB3tOq-YgRa2Ni7TTP5vlsg2l1Fos0Jh2N84XJN3IQAO0Q1thliA8e2RzpjpW-bLMWdB_VubHH7vk67yOvWF9wBm1k5xuF369wvI4hENTAFG_SuUlbWZuE_ue61re1s8ktSTB2NvujrWH3kZdiX8wLCmEeMOyHyjK2gvHxA2Sc7yoWpNancrD2vMgaSSwjLc0X-P0EB3quyVtvtyrK7pV_Wa-bTsWEdYzwADrdoMuJaythEU91IQQpbK1om7UwsRZWaYEsOXm-GtTaxtFq3XPdGXaDm4hUxrzSeoF9JIOrg9TVVUJaulJ-rNnKQ&sai=AMfl-YSca4VEoOpSwSGf10CqU6njaVgxziX4NXzU_sNawYDtd2YVnWp0_sK5G2b_M6MQ50jzdsG4N55E5yybY6flxrZ2RJ8ibr_VA-eWHbZwACPpI4BDnufF7AipHxcWCNNUoGE&sig=Cg0ArKJSzHUOqNIwoww9EAE&uach_m=[UACH]&adurl=

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Sep 2022 12:28:02 GMT

GET
DATA 200
OK truncated
/ Frame F149 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3d44325a33048dc4eeb02fa438dd0143c3a423b5c09c64b0842df99f6960e05

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0CD7 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuufDe17BnbK3mBBc_57pJ9hLQsTGovHYXZt9IkQE7bII4lQIysPVsW3UP0YNX118wfPA5HJe24Ugca9pYFHYlot2sjHdLjIA1S9hCMxnxXH1B1OYRNQO7HmmY4Xrmfn9XD7XRGBWu8ykM3pOCxKpqx9EMpx0Fb82hx6AuPV4KrkeNnM83YdqEr2AcnPSdpGZvPYkfT5GgRDQn_G_O9fYtNsiejoZgR8KyD9Z3KO9ePVup736lKBlVwKKNhlIfvY1Qf4-at5LuuAeuaTVDiLaBQ7K2zYpBD4P4AoAUPcopM8TS_bzhBLU-ifyrwVpd_zU9VxhTCa7tKYTxFXYqvnicPJye4Je_xlyEbsaiTg&sai=AMfl-YQfeTfndNfrjaqpyG_xNh4bNzrnE6HpU0u49wz335r4HPN-PSVqo_5yhMB6_udN0QASE_wAhxsewrANpWU4OXsLa8M5LK3hMRS0LUJBqkgiC1-YBQEr_fBNJ-M8BHYbo9Q&sig=Cg0ArKJSzBigefWhCMu1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: norfolkdailynews.com
URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 infolinks_main.js Show response
resources.infolinks.com/js/ 3 KB
2 KB 77ms
32ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/infolinks_main.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa01414da24aaed8a8cc35c7c2835b7b4b795681c8169ad9af0b3cb4c0a48de0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74eb09c4df00ba85-MXP
date: Thu, 22 Sep 2022 12:28:02 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 06:52:56 GMT
server: cloudflare
age: 5689
etag: W/"df8-5e93e82e1c646"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
content-encoding: gzip
expires: Thu, 22 Sep 2022 11:53:13 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F149 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5kDmW95KKD3dZj25phNws4kSp9lwqfGcy9jvYBi85R1gj-3jJHY5ZZg-gHtsbn52WZgnkJs9Fp69xJQrSUrLPEoFG5IvaRrMuv7sIjf_8uiRINegFVMH9Y0ssHNroccWeci7sxBzJtpZC736n_9nTYl3NgKsV-j5bWTttYqCnahWLNZDwdDEtGdtl-J4RfpQr7doy1-S6GDuxlLwCpCq3q-E0vxQarEIR1P-YEyzRR7vdD9jqN0YoraebMsvP8je7x6Uop6kHKgxu-xvTlzrCH5IMnc4jZSLFsSN7MDA89HYgDlzhRNY0DmMw_sXicXYpGE-ovKU9rQOM7Wafleh7cCk0NbC8o3mI9KRpnRCZ&sai=AMfl-YTYuo5gEoey8hO8V_dHzLI-CFGMoE_YE5SPOiwlQFutScObi9sO5ASv3_UpSRMZnRb9AqwyoK6RBrjfmnjk7QCbSPtpVAHo4Ncz5sPVtqLX9Egm1Lp_jHczWGu74pDj1N8&sig=Cg0ArKJSzOC91SIGWk-LEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Sep 2022 12:28:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B326 13 KB
5 KB 79ms
25ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://norfolkdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

accept-ranges: bytes
age: 2372
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 11:48:30 GMT
expires: Fri, 22 Sep 2023 11:48:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B525 783 B
534 B 1522ms
1521ms Document
text/html 2a00:1450:400d:80d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

de1f4b3197b2349abf23a4a1e455941eda2a80b6c10f4dee688eaab58b8201c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-onpdFRsZDcSXoqh50BuMxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://norfolkdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-onpdFRsZDcSXoqh50BuMxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:28:03 GMT
expires: Thu, 22 Sep 2022 12:28:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 0CD7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e91213e45f98ca5b5f95b510e468673f208de97b060720288295d2df5f80776

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0CD7 0
0 62ms
62ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1UDdYi1Fa_BTgcYSWG5WlgxYzXP1MSvJq9kmUFmEtvNQzYREpi7I0bB6vmqAchfOVnFRyorQ3cItWn8Zy_Y4CLH76hxQg5H0jdgsmGjJjC6cHCiLdaxVv9Ih8VOdbPuWK081h3LcP00akEcw1UKCRDJnWwS-XgW3eFmAOD_02O_fjqvPJ91gxthRY4VfLwPVyTP9II8nbfYlF2Yoqpuw_eLQ1-F-OpE1JIw0kSkgehb6FuNCL3RWODu-izKppryxECH4F_4okbtwOZY0-XM2V7cX-c30lHfcPkSpVyWFpLvFmcpsnveONSKTkntby3K3zmMdfXiAQzztxm6LRvz-LU2M2JyJ9_9Gcwb4THBa8&sai=AMfl-YSIMVF5R9p6siaNP6yAFeScoWhY5XECrVuwTTz9L0CnJVoBNqLsJMXlmWRFg1Rb3thiBISMNzm1sExT7chMoZ0YggHn34PoxUvbyZlwIrvrWUwDEq-efGXR6bJoRBB0pO8&sig=Cg0ArKJSzJF-be8bVppdEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:02 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 22 Sep 2022 12:28:02 GMT

GET
H2 200 ice.js Show response
resources.infolinks.com/js/1819.019-3.025.ab.1823.015-3.025/ 180 KB
56 KB 42ms
42ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1819.019-3.025.ab.1823.015-3.025/ice.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9402f8cd0afeaf86eb96eb0dbeb363f620f898f19f4cc8fdf166f6b8d12ec627

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74eb09c60958ba85-MXP
date: Thu, 22 Sep 2022 12:28:02 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 06:45:13 GMT
server: cloudflare
age: 5548
etag: W/"2d0ea-5e93e674b1823"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 22 Oct 2022 10:55:34 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame B326 36 KB
16 KB 113ms
37ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 19:19:21 GMT

GET
H2 200 manage Show response
router.infolinks.com/usync/ Frame 3A81 0
66 B 148ms
135ms Document
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=norfolkdailynews.com&purl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1819.019-3.025.ab.1823.015-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://norfolkdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 74eb09c69a4eba85-MXP
content-length: 0
date: Thu, 22 Sep 2022 12:28:03 GMT
server: cloudflare
via: 1.1 google

GET
H2 200 lcmanage Show response
router.infolinks.com/usync/ 0
33 B 179ms
170ms Script
text/plain 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/usync/lcmanage?pid=3119781&wsid=0&pdom=norfolkdailynews.com&purl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74eb09c69a52ba85-MXP
content-length: 0

GET
H2 200 gsd Show response
router.infolinks.com/ 321 B
516 B 147ms
139ms Script
text/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://router.infolinks.com/gsd?evt=afterGSD&pid=3119781&pdom=norfolkdailynews.com&purl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&jsv=1819.019-3.025.ab.1823.015-3.025&ref=www.google.com%2F&_cb=16638496829550
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 242d300e360e5ba09151afd63123571b0a1d8f9d90ad5afbac55a499e57f4d6a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:03 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cache-control: max-age=0
cf-ray: 74eb09c69a50ba85-MXP
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B326 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1boYCg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 doq.htm Show response
rt3054.infolinks.com/action/ 1 KB
1 KB 246ms
189ms XHR
text/html 172.66.42.247
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3054.infolinks.com/action/doq.htm?pcode=utf-8&r=16638496831321
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1819.019-3.025.ab.1823.015-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0932f5444b6853abbbf73831541c9c4b5816be7e6ec4f3ab1284783a504061c2

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

cf-ray: 74eb09c7f9cdbabe-MXP
pragma: no-cache
date: Thu, 22 Sep 2022 12:28:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-language: it-IT
p3p: CP="NON DSP NID OUR COR"
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: text/html;charset=UTF-8
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 in_search.js Show response
resources.infolinks.com/js/1819.019-3.025.ab.1823.015-3.025/ 222 KB
89 KB 36ms
35ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/1819.019-3.025.ab.1823.015-3.025/in_search.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae938820655d8afb2bcaac1a4c8e03cb464fd7cf04c3f4c9f9ce7917eae728c0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74eb09c93f7cba85-MXP
date: Thu, 22 Sep 2022 12:28:03 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Thu, 22 Sep 2022 06:45:13 GMT
server: cloudflare
age: 5548
etag: W/"3762b-5e93e674b1053"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 22 Oct 2022 10:55:35 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 378 KB
127 KB 242ms
116ms Script
text/javascript 2a00:1450:400d:80a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128888
x-xss-protection: 0
expires: Thu, 22 Sep 2022 12:28:03 GMT

GET
H2 200 container-1.0.html Show response
resources.infolinks.com/static/ Frame 87F8 430 B
434 B 39ms
38ms Document
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/static/container-1.0.html
Requested by: Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1819.019-3.025.ab.1823.015-3.025/ice.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678

Request headers

Referer: https://norfolkdailynews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

age: 13827
cache-control: max-age=2592000
cf-cache-status: HIT
cf-ray: 74eb09c96fdcba85-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 22 Sep 2022 12:28:03 GMT
expires: Sat, 22 Oct 2022 08:37:36 GMT
last-modified: Wed, 17 Nov 2021 13:25:02 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 117ms
38ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnorfolkdailynews.com%2F&domain=norfolkdailynews.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://norfolkdailynews.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 22 Sep 2022 12:28:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 395943
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnorfolkdailynews.com%2F&domain=norfolkdailynews.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=SVNnyXxQNmJQOVlTNUI5SWtvSlhoSzk2NTgxNHc2UlltZEgwU25Yc1lQbUdIcmRlL2kwd0Z5eWhleUxlNjV4VkVDdGN3ZmwrQTFNSHBLdzlNT2RQVGoxNHZCL2g1UXgyNFVLeE5BUWtzemZrQk1ZVWcrMDdGM20zWmk1WG...

391 B
672 B

102ms
34ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=SVNnyXxQNmJQOVlTNUI5SWtvSlhoSzk2NTgxNHc2UlltZEgwU25Yc1lQbUdIcmRlL2kwd0Z5eWhleUxlNjV4VkVDdGN3ZmwrQTFNSHBLdzlNT2RQVGoxNHZCL2g1UXgyNFVLeE5BUWtzemZrQk1ZVWcrMDdGM20zWmk1WG85OVBoTGNLZjdreVNuVkZhcTFjOWdENm5qNlJWVHpTOTA0MU1nTlZwMWREVzNVbnNYZWdqRnZyL3ZZMGlybXFRSURWSXNNOW1WQUc1ZzNBNExlYWU1VW04UVlYRXhPdjJKY0c5Rld5Vm0vOTRZMjNkcjd4T000SUxwZG1ENTZST0FuR1hVUjlufA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

feae43052762342c911f92ce87d0338545e2933333e565a73dbf0d3c091a1262

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:02 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1224546
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:02 GMT
server: Kestrel
location: https://mug.criteo.com/sid?cpp=SVNnyXxQNmJQOVlTNUI5SWtvSlhoSzk2NTgxNHc2UlltZEgwU25Yc1lQbUdIcmRlL2kwd0Z5eWhleUxlNjV4VkVDdGN3ZmwrQTFNSHBLdzlNT2RQVGoxNHZCL2g1UXgyNFVLeE5BUWtzemZrQk1ZVWcrMDdGM20zWmk1WG85OVBoTGNLZjdreVNuVkZhcTFjOWdENm5qNlJWVHpTOTA0MU1nTlZwMWREVzNVbnNYZWdqRnZyL3ZZMGlybXFRSURWSXNNOW1WQUc1ZzNBNExlYWU1VW04UVlYRXhPdjJKY0c5Rld5Vm0vOTRZMjNkcjd4T000SUxwZG1ENTZST0FuR1hVUjlufA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 300463
content-length: 0
expires: 0

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
341 B 118ms
104ms XHR
application/json 52.212.128.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.128.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-128-245.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 42a5415462a59c7b55e57cee2852347ee641e361f5d584ceb965aea7b10b7e86

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:03 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://norfolkdailynews.com
cache-control: no-cache
x-server: 10.45.13.120
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
394 B 182ms
54ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: ad9b260f3a9ecbedb31b7fa43541ad1f91076da518f38d2a2709393adce16607

Request headers

Referer: https://norfolkdailynews.com/
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 22 Sep 2022 12:28:03 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://norfolkdailynews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 22 Oct 2022 12:28:03 GMT

GET
H2 200 getads.htm Show response
rt3054.infolinks.com/action/ 19 KB
10 KB 618ms
618ms Script
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rt3054.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22x_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22x%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22addressed%22%2C%22scs%22%3A%22ncUwU_4Fba%22%7D%5D&rid=b8b2a8db-b9cd-4936-b78a-39829c127c35&jsv=1819.019-3.025.ab.1823.015-3.025&sr=1600X1200&rts=1663849683446&cfv=-1&ref=www.google.com%2F&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=105.0.5195.125&dv=p&ce=t&purl=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&tzo=-0000&c=c&strg=true&rsd=i8_qxFafZyd-LHDK_uuTTNqTK9XcIMFtfzWT6qB0AFqQ3sq1CU4woBdmaR6LMt-cdinn_k1l4Ig05fDNzziLCgeshukb7g610HjLAmqosV1Dn6a2GRa9J95QSdat-BB0RNafU_2tfnG-N3vCC3aCk2Uivj9P4vAYaly4TsPePqo&rsk=52&rcs=LtbNod9KrYSACx-NgjcwNA&hbnr=false
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bef929115c309a5554ffec5327785cd8025bf19a04a86af286a5af4140229378

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-language: it-IT
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 74eb09c99871ba85-MXP
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 87F8
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_device_id=1ae8aaad-8751-4b7b-84e0-88f2b060d0df=&partner_id=3337
https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1ae8aaad-8751-4b7b-84e0-88f2b060d0df=&partner_id=3337

95 B
113 B

59ms
38ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1ae8aaad-8751-4b7b-84e0-88f2b060d0df=&partner_id=3337

Requested by

Host: resources.infolinks.com
URL: https://resources.infolinks.com/static/container-1.0.html

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://resources.infolinks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:03 GMT
via: 1.1 google
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=1ae8aaad-8751-4b7b-84e0-88f2b060d0df=&partner_id=3337
date: Thu, 22 Sep 2022 12:28:03 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 245ms
34ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 22 Sep 2022 12:28:03 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 518190
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
72ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091501&jk=3465974904704476&bg=!urmluf3NAAZqQh0mSkI7ACkAdvg8Wln2Gi8Py_y9twh22QY2Z1hI6C2NifJ9sXw9egyIxcxUtYZIswIAAABGUgAAAAJoAQcKAPSeKu1EJPp_0wEJoI7Q08ZEEMBwK8rYlTAET117jPZWKkSOQIdPsR0CG8Pj_Eeh90zPJhwpm_6Yhk91FaAcE5I7Mr8fAh5P3S-lIOwWeMFl3js0YutlbiWmGQoiexlmwFvrDa4zPjkcjfB5lmLoxeIDPrndqM86t0J9g5JrvtBA6GegcfgWr95raqoAKrWy8focNFegAL-3fYPtYHZMC9X2guugD4b1eYiJDiBeGzMRGC7I2BLrsmqrq9PH8ChYJmoLfEZcQFIl0ySdozzgApa-GL8TTkLB7_24_Jm_Y4M9-M7HNHMLvYwaV61zKt909mBpFKjPmQKkVFtkd_dImK0iHQtU_px5YTlM-sJ9sMFZ2ySdkL8zAK8ua7Md0GsFWaCjWzpJrJRENqrWRLisZiQCqxFVxX0YM46VesA91E9-kESQBoMglqX_EH-UErKzJVWPdAXeFdfIVSpvJzPVazBoB4M52qZPyhZsteaidYKUwJsQ7PDkbsbmNvp-RrOB5yvtEhyHXxCcOp6SYNo0KvK7relOLNBe_3mYcXSltYoBHR7LUr_J483cWM-ZkG-M1rr34xUL8seLIf7r3oVG_wOxwbW66vW01ITTj7xERqMNtLBo1iSZOFGJfXZCtcguLLWusMy5tUKtiY08F0L1k7OOiSCxMh6RDL9Km_DL-XyM6kvig-ksmL8Wh21i2THKDgUXNUacbnCD4sTkfYJg-b9Z06qrzFtHDujbxIVTXkD8rE4vgNHI5REjy-0Z_QeZsaSGdm1Cy9P3k6wWEvuX19GOeqlRp2zbgw_e9tmQVG986ovZ3oykNoaNuVkJo8N-vSVQSETCexMU2wkkiiDiiaYkdzW9vSpeQIAun1du05ug1nmNiDTmu8Pn32lhEduYMyc0y_wqCk3lRDdSE6sfc2nJfYSszIsuA8MC-ga5xEgVy428EumrU9l9kxtBTrcfnebjiNweWBzsMey1_TBl2aj0rThWUUobTLzbowZ0nN5kZlGAVqZ6SH0Fd8rGEQ-WyD_ZmpmTpL5MaqQxWG7g4zQrT9Mfm_0av2vOiMssxHuIjmiUUOxSFwG-47bI09vrZRRQxFiB8XXGtf56OIcJ1WKlH3plKLyY8GCHp1afy4qOUSYpanX3wi4lhs5H0FJM7kpFuGumVyTDzjkyruqV0UyYBattjuQH9x60ljB_JcOJylYeOxFHVmyBCVrgz7yGbTdWbqZGGf4jAouYTA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 vidice.js Show response
resources.infolinks.com/js/vidice/2.0/ 333 KB
86 KB 34ms
34ms Script
application/javascript 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.infolinks.com/js/vidice/2.0/vidice.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/townnews/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74eb09cb8c81ba85-MXP
date: Thu, 22 Sep 2022 12:28:03 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Tue, 25 Jan 2022 09:20:02 GMT
server: cloudflare
age: 11408
etag: W/"5344d-5d6649709d511"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
content-encoding: gzip
expires: Sat, 22 Oct 2022 09:17:55 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F149 42 B
64 B 147ms
71ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvskvj0Sp90qhaLn_ycCv7GdMzW2Dl5XHABJcJANoi4T5vINaOg3nSgL0T5A70b7_dGi-zb2FJ-PkqswNi4k0ROKED1V5skYfpSdK3rlikr-cMzGOdz&sig=Cg0ArKJSzGY-LWd1H4xeEAE&id=lidar2&mcvt=1008&p=769,455,1019,755&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220919&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=28648535&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663849681793&rpt=880&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0CD7 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRJrViY7d_pu-QXwhlYcyI66O_pbXw-ODv0LngL1Oovckvy_RY6sZKVSJz4FEVHwOpiuqNIHIzG2-W1z7MydFcdl3ZbCZfEmlpUeT3rbQXV2D767Qd&sig=Cg0ArKJSzDKEOi8l6bhvEAE&id=lidar2&mcvt=1000&p=1,800,2,801&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220919&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1627834370&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663849681924&rpt=921&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview.htm
rt3054.infolinks.com/action/ 0
140 B 151ms
151ms Image
text/html 172.66.41.9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rt3054.infolinks.com/action/adview.htm?rid=b8b2a8db-b9cd-4936-b78a-39829c127c35&bdc=1&midx=0&emd=ODgzfjc4OTVfMzgyMzUwMDgxfjM4MjM1MDA4MQ&rts=1663849684083&prod_t=x&jsv=1819.019-3.025.ab.1823.015-3.025&skin=sidebar&theme=nologo&sdata=addressed&scs=ncUwU_4Fba&rsd=i8_qxFafZyd-LHDK_uuTTNqTK9XcIMFtfzWT6qB0AFqQ3sq1CU4woBdmaR6LMt-cdinn_k1l4Ig05fDNzziLCgeshukb7g610HjLAmqosV1Dn6a2GRa9J95QSdat-BB0RNafU_2tfnG-N3vCC3aCk2Uivj9P4vAYaly4TsPePqo&rsk=52&rcs=LtbNod9KrYSACx-NgjcwNA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="NON DSP NID OUR COR"
content-type: text/html;charset=UTF-8
cache-control: no-cache,no-store
cf-ray: 74eb09cdd9b9ba85-MXP
content-length: 0
x-application-context: application:prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E35C 264 B
604 B 107ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7pb3dAhjgt4vOATAB&v=APEucNVs_lErfD02ujYwhahkB_7KNPkSsBAsOWG_EYuFUpZ7kmJ4Vf7tXZibltVxvlBxOHExA0Yr-RSIwKoRxmvrgUhEgAcH1xjRZI4px_WPEHz-A1KeIA0hoLNPwoMdJQ-roHYLhzP8BFswJz0v2ESwdkrU3oPT_3cKlr6_9bCl36gu_wsgBZrZZ7vFX5qGJbA3Hv8olS3e3b1xKJfTGiTog2_T2s3NLHUY8C_7B6UFrVtdfioijhU

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05deee3fdf1fcfaf986017678f334ea2733f5e233f80b1081f3f0867fb55179f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 147
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 22 Sep 2022 12:28:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F0B2 42 B
63 B 71ms
70ms Image
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQbzcII5wiftv_PTvBwZZVIgYJMMmZDS3wsh-QQgx-VE9Qf9YWHRcNUavsnw2xN3cfRNGiRhTVwvMe58BsbSYo_Rl5oZOst7px4uF2waxXrAc4X3k

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F0B2 58 KB
20 KB 145ms
78ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFkr8LLkjZICNUeTfjQ87We2wqxJdgWk-j0RDOhSGZtennQyNjGbi0uDJD1mlRMvDG02C9On3vXVzGjiaz1CwvAZ3V5Lar2OORxWmJvgYrvVV6LuUaeq_vAUlVOMqBqcEWw0oAFB749uieggkFiVUri5pblFPgOmAHNrfgBKyptbl4wEY&dbm_d=AKAmf-Dtay-tY06z9_sQbT4bp3CWVBVDTdhBcUN0xvTL8v-iu8uNRuFJIcammtq5nvfzeMIHW-J88z0Gx3nAuNYw-QS0GJxkRGq6yQjCfcONcfLq0f-Zl3czMCO82jAv-4_-YSzqvwiX2gqUp18CrqzAT_kCH5ndI5gGo0xePrgdT_KCZuoJMox5BsS88PZgyc9oGSBjtbwyuBT5N2W4mb4NWt1YpCdOkWhDOS8O-eTMyi8bfh55F9pFWdA_t6t3zCf18rboAsoaBQrpDvYuaUTvCGdP6-Xy65s-sv9vOpnU1oC1qYbJccn5SK574efJbp7rXxZLukibPKuSY5gZFIM8QSlzyf0SHEX1mm9W-Kz7KwMWdyW8jkMlJlPzb2nxJ_fu9iGOg7uYSXsPFKKT1kX7vNVEO-OinTnFoAuhPUF3gZ5-U2Fe3YcBSE2OGH4Z08g1_Fo9SMsjYzabhxRogMarXa-hc1M0FVIIFonJzp_BdAYoaBH3K5P4tpK6tOVFVmdiBTWRfkjvHbSTbjTnKAUumLkeMeKRuCmcEuh8xz5fdw0kWX_V37QldNpem5kwPXIk7s94aXgE23SkjJ2aBWu2dsFZfzpXG4ivewg6__TbyO-BSrjf6rBvK0ht656zaYKn30eWBadLeq6l2CN4rfAfPNd6z6ELstlKWI79Xc-bJQegW8WOyLoUr-lF9Sro13NgG7u65LDX7cDnpiRe9SPnxh0fZJ8rxNZyELKRo2FdNiBqwDNEmBBHhifLWjGVKIFYawA043CV4asaYhL1OP2zBpr0l0kwdt2fi_2KlwNzuETtxiyGn1eDEIIFtOC5MGeZKFT4itoquuUVhCq17fFqubKta13e30L_8eQzopAUoi4aURjz15_bxTFbe9BHwFOj3E5cpmscqo9JR4Jxk-PDIvQ3E2wtHoOyid_uhU_kzWklOA69tb-PnOlZbQJUxRRhwn74YeAoAH8-LBZVJNWRPCNsbDdj8I_G9YBEr9-pNq67bIQz9MaKneeESl8dkiasyA2pW30zF0oMh4ZNP3L_VAmKX6SqI8uo9PEJVc9QXnqqiLw8YdPFZP8UMSwt649mr4xaZkj7MD4f1ZEmbRFuTygplWyvnfn76jOMV5YFKDPp_fxaNqzEsBhdwavIz6MBaccZXX5i3NDH7_PnW--01G4b4KtCCtw-igThT6kKpOFKs9t3kqrpYH3_LrynnybFeBs6FrMNHhBuyMHC-N5hMD0n2yA-jeAoJ0H--OGKwenHnwFcsNkbJzDO3LNNJWehipMxptBhumU32ivnvfZ_wJmUNA_yCpg17ViwYS3QO_MsjVGpVbcnMVTRXi3DgfbR3OKZLpafhxdTb5-IWfrj0sKjh0eOcmIUX_2Vtnw2Pmcm88nL3OfdPTKk-NgYR2w2eBxexLVM-G3WyoxqDRIxjkCPGM8rXyHR03VhM6dqlbJxAwa5ch8fuLl1tkOEkZWSliKdsR6Yj0OG0xYB59ZIxqqnAj8MpgSkKm1wZmZonJ0uRLyW76nbAcB3ZZJ_Uv0DHEUFgevN-2e1lO3rsx_hL__cPSjhzHYfegG12vuk9g4X5qNlNBo4oetIDCeKlSgQ6BtgmeNBmTkC0A29Fno3Hjg7V6OauKe8iQao8eoSZaHARyCKW86gtwpguJ5YPUMLUgXGmvSm-DxA-FbT0tUoL3YdyBjvNK8DPYynwgQoO_GOaM9BsYM9962TGgUcPgBkikqD5K_606SxOYQEthr_FjjQaaqcZjAZ-tgtBmDzB6FW9GekxlOzRcpuCDz51J_dLbkslCtPqbE4gVEldyttd-UPUKDV1kVkIS27SThActV2KXGxo0mvSY-5-bmK75alkBRleYl8z2UbRN_aT-a1t7x5uszRCLLSBTrRpgO_oVlli_uNspTZijnYPR0-Ld0KjMtxA07jKtuTiwLbANSMqMol4QErhKSWv5wjg37o1Aue8PZARAuvPhPTyWg2TSKOvhWCky4E_jqDN6CeU8sYg0S6lrZCL9a2vqWw7uZQTJvl6AvDRdnIJNnNNybFN7neoyZ7etZ_t3VggV7gFFoVTli_u-pb7hgog1mt4w00K1pu3Uxq_TAs8JJzmZ_uRFU1kY58oPoNg3KxPga5u2mJpYxpS21XN8dOoSUvR7OE9DH6unQM3IL-cUecv4kCsszyC94YVuHzdIJXyb4dPyvktqb57DevLWC744JufJFdLuTiMbWd-Ha3WMQ4nKaqLHI6dBgbahYbOAAUAbbnvg3Sn-Ah44egNzExOtZ-dUSSaL0YDs6XG4e6hmw9GC7kdF6YpDmi9N1GPIiTvIbMWJnliwAs4vh0r7xUFxxkTPwY047Bdai6Zk5wpHi1OcgQdXcu1FfPdUy92YA6aeQvvevsU8WmkkRUQpqCsMOERzOSHhPFy6i-Ctku2cmPQKMV1KipKhm8ok3YQiqTAxVRuhLxvTxer9fHMV6tSxCRlBzH9Ja6ijKz7Yl3zmEpssSzX6Avxy4MbJMaDsOoW7j0X_VPnCFCkzClKUGK1Z5P-95XWhuDoNB1DCu1MnJXOvHbY6ffnIzwSIxfrYpgRIHVfFrvNKs-Fqcl7KL2ghsPTXG0X7fB76BnOQChMov-wcwkmTt0vGzxudLjbGSPakVRw-SJ0YxSxCQ8XF4PjlOMraBs7wgsYqQHMjRtP4Y2grGaG0MzF4NHtMPvNhYVeGNhu3nT59GbUJoKuo74_BwhpwIWGBsJYD4LUQPE8hrkkxUFckSFY6XVskq8uFLY7lFzHnUpsgIk-zE5PZXjMlUSM9Tc3lrP8CovmcJ04cpFDWAJZP4MkiklwlFXP667TUhcUBYp_D6jdHFIEptjsFI5mEeH28N_leaXhmSSBmL96nW9eiDrQT88maNps8ZGK2KOm2kEfRONopnnZ6DSMudKT8iVNpSfFy_pvc-ob9_fyOq3vYN4mkNPfiZV78KhXbl5zPZZwj0O6175TincWIwiP_MXbHROI3sSEceqPMCb8UDyC-kShPrpwZKldk4EYbfwOmF8SUNNxBtHNUk4wjRpHAoC4Ruf1120QUue3nsgwYfb4Uhv9EbhVLMa2k-RwFXJbIQBA7vC2xtxfCXthHm9dLLsGzkYU3b7GcfXNhKPG55GBCHImCEZF--I3g1Y4L2ZVLdQJa1vMpPM8oJ3yhVYQEPooC7QqimUrH1o26zE7bBV0-YXS7d-p5OJrQ0HQKrFSCKfpZkagcRdyQ&cid=CAASBORo-dU&rfl=1%2Chttps%253A%252F%252Fnorfolkdailynews.com%252Fcommentary%252Finvestigation-beyond-media-needed-into-alleged-voter-fraud%252Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html%240

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7d4d8fffee9abdf4687ff6457cff2a69201a16e8ec13b01fb94ee80014cbc1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK it
lax1-ib.adnxs-simple.com/ Frame F0B2 0
671 B 808ms
225ms Image
text/html 104.254.150.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lax1-ib.adnxs-simple.com/it?an_audit=0&referrer=norfolkdailynews.com&e=wqT_3QKbC2ibBQAAAwDWAAUBCNOpsZkGEPziv5nXh6FOGP8RAVgBKjYJyY6NQLyujz8RK4arAyDuij8ZAAUBCBZAIRESACkRJNAxAAAAgBSu9z8woMLZCzizGUDXPUhlUIHmqLYBWNjrcWAAaMa4iwF4qoAGgAEBigEDVVNEkgUG9A0FmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABALICATDYAqRD4ALq-SXqAhRub3Jmb2xrZGFpbHluZXdzLmNvbYADAYgDAJADAJgDFKADAaoD0QYKnAZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNwM2tYMDFRc1k3X3pKOXFpNUxjUHA0Nkh5QWJfNEoybGJQdktnWUxWRUdRUUFTRG1sOVlsWVAyQ2tZVG9FYUFCZ3BpM293SElBUW1wQXE4VGlZNHBoTEEtcUFNQnlBT2JCS29FNndGUDBGRUJFeUhhUDRyWjFqcTRpSkV2VGFPalg4Y2VWY2JjYzZqajNFT2cxUVV5NFh5b1Y1U0ltUHlfbW5mbDFDSl9haWNXcGVOM3llMEI1R2xNLVR5bkpPLVJiS0hyaUhCLTdBRDUxTGxSYWdCV19sREtMN25NR1FaVTFVWDdCSnhMTEVwcWVDNGR6QXVrbWpnangwczZEXzVjY0dqb1R1R2pKMTZMbC1aNVF5OWVWbnY2Y0Q1djdyUWtrOEE5VWstbWdqaEF6blZDZUhPX3JDbW1XYlFIVWxOWHJCU2ZaanlVYVRZVlhzWno2Z0J0MHZnVFB0cW1MRlhtb3NkNUViQlQxZTUyYmpmQjFLd0pyd09oVS16X0pZR2FfX1ZkU3RyY0NWZmNjRUVoTHM4Q0lpM0Vjd3RuS0V1eHdBVHBsZDZraEFUZ0JBT0lCWmJ5Z3ZGRGtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVpNZ0FmbTU4amNBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0pFTzU0R09DM2k4NEIwZ2dSQ0lEaGdCQVFBUmdmTWdLcUFqb0NnRUR5Q0E1aWFXUmtaWEl0TlRrek9ESTRONEFLQk1nTEFiQVR4ZC03RU1nVC1NNks0UVBRRXdEWUV3MklGQVBZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD1PN3FTVVR2X1ZLMCZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTQk9Sby1kVSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhE0NDA1NTQ5NTgyNzI1NTY3NiIJMzgyMzUwMDgxKgcxNTQ3ODQyOgk0MzIyMDA2NzLAA6wCyAMA2AO55y_gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xOTIuMTQ1LjEyNy4yMTCoBKwUsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBIHmqLYBiAUBmAUAoAXCxdr-iZXu2BSqBSpiOGIyYThkYi1iOWNkLTQ5MzYtYjc4YS0zOTgyOWMxMjdjMzV-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXAGfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa4atoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE4MjIyMjAxMTEwugcPCAAQABgAIAAwADiTJUAAyAeqgAbSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=a71fb0d3aaed12407b877fd3bcaa78018ac4f482&pp=0.01315

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 12:28:04 GMT
X-Proxy-Origin: 192.145.127.218; 192.145.127.218; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid: f16d0c77-3c52-4833-bd07-9bfca0dcd9b7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs-simple.com/v/s/228/ Frame F0B2 85 KB
29 KB 175ms
15ms Script
application/x-javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs-simple.com/v/s/228/trk.js
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:04 GMT
Content-Encoding: gzip
Age: 97647
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29297
X-Served-By: cache-lga21932-LGA, cache-mxp6923-MXP
Access-Control-Allow-Origin: *, *
Last-Modified: Wed, 21 Sep 2022 09:19:38 GMT
Server: AkamaiNetStorage
X-Timer: S1663849684.302365,VS0,VE0
ETag: "8675c94c6eb0b952165c5ba715b70918:1663751978.592998"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 21 Sep 2023 09:20:36 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 1, 15729

GET
H3

200

sync
ad.sxp.smartclip.net/ Frame E35C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartclip_dbm&google_cm&google_dbm
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGeOOfB2vxpTuw3JaBuul00&google_cver=1
https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGeOOfB2vxpTuw3JaBuul00&google_cver=1&ang_testid=1

42 B
60 B

83ms
30ms

Image
image/gif

35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGeOOfB2vxpTuw3JaBuul00&google_cver=1&ang_testid=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7pb3dAhjgt4vOATAB&v=APEucNVs_lErfD02ujYwhahkB_7KNPkSsBAsOWG_EYuFUpZ7kmJ4Vf7tXZibltVxvlBxOHExA0Yr-RSIwKoRxmvrgUhEgAcH1xjRZI4px_WPEHz-A1KeIA0hoLNPwoMdJQ-roHYLhzP8BFswJz0v2ESwdkrU3oPT_3cKlr6_9bCl36gu_wsgBZrZZ7vFX5qGJbA3Hv8olS3e3b1xKJfTGiTog2_T2s3NLHUY8C_7B6UFrVtdfioijhU
Protocol: H3
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:04 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 22 Sep 2022 12:28:04 GMT
via: 1.1 google
server: openresty/1.19.9.1
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.sxp.smartclip.net/sync?type=host&dsp=10&dspuuid=CAESEGeOOfB2vxpTuw3JaBuul00&google_cver=1&ang_testid=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

204
No Content

m
ad.yieldlab.net/ Frame E35C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEExpmsvt5ANw9xnaSGeSQbc&google_cver=1

0
360 B

207ms
57ms

Image
text/plain

104.103.102.147
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEExpmsvt5ANw9xnaSGeSQbc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMK8XhC7pb3dAhjgt4vOATAB&v=APEucNVs_lErfD02ujYwhahkB_7KNPkSsBAsOWG_EYuFUpZ7kmJ4Vf7tXZibltVxvlBxOHExA0Yr-RSIwKoRxmvrgUhEgAcH1xjRZI4px_WPEHz-A1KeIA0hoLNPwoMdJQ-roHYLhzP8BFswJz0v2ESwdkrU3oPT_3cKlr6_9bCl36gu_wsgBZrZZ7vFX5qGJbA3Hv8olS3e3b1xKJfTGiTog2_T2s3NLHUY8C_7B6UFrVtdfioijhU

Protocol

HTTP/1.1

Server

104.103.102.147 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-103-102-147.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 12:28:04 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Wed, 21 Sep 2022 12:28:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:04 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEExpmsvt5ANw9xnaSGeSQbc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B525 0
0 69ms
68ms Image
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091501&jk=3465974904704476&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1083723/64080112/ Frame F0B2 47 KB
12 KB 184ms
63ms Script
application/javascript 52.208.167.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1083723/64080112/skeleton.js?ias_dspID=3&ias_campId=1008904056&ias_pubId=3251&ias_chanId=10&ias_placementId=18222201110&bidurl=norfolkdailynews.com&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jIip1QawwFoX1OLRwAUqHp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFkr8LLkjZICNUeTfjQ87We2wqxJdgWk-j0RDOhSGZtennQyNjGbi0uDJD1mlRMvDG02C9On3vXVzGjiaz1CwvAZ3V5Lar2OORxWmJvgYrvVV6LuUaeq_vAUlVOMqBqcEWw0oAFB749uieggkFiVUri5pblFPgOmAHNrfgBKyptbl4wEY&dbm_d=AKAmf-Dtay-tY06z9_sQbT4bp3CWVBVDTdhBcUN0xvTL8v-iu8uNRuFJIcammtq5nvfzeMIHW-J88z0Gx3nAuNYw-QS0GJxkRGq6yQjCfcONcfLq0f-Zl3czMCO82jAv-4_-YSzqvwiX2gqUp18CrqzAT_kCH5ndI5gGo0xePrgdT_KCZuoJMox5BsS88PZgyc9oGSBjtbwyuBT5N2W4mb4NWt1YpCdOkWhDOS8O-eTMyi8bfh55F9pFWdA_t6t3zCf18rboAsoaBQrpDvYuaUTvCGdP6-Xy65s-sv9vOpnU1oC1qYbJccn5SK574efJbp7rXxZLukibPKuSY5gZFIM8QSlzyf0SHEX1mm9W-Kz7KwMWdyW8jkMlJlPzb2nxJ_fu9iGOg7uYSXsPFKKT1kX7vNVEO-OinTnFoAuhPUF3gZ5-U2Fe3YcBSE2OGH4Z08g1_Fo9SMsjYzabhxRogMarXa-hc1M0FVIIFonJzp_BdAYoaBH3K5P4tpK6tOVFVmdiBTWRfkjvHbSTbjTnKAUumLkeMeKRuCmcEuh8xz5fdw0kWX_V37QldNpem5kwPXIk7s94aXgE23SkjJ2aBWu2dsFZfzpXG4ivewg6__TbyO-BSrjf6rBvK0ht656zaYKn30eWBadLeq6l2CN4rfAfPNd6z6ELstlKWI79Xc-bJQegW8WOyLoUr-lF9Sro13NgG7u65LDX7cDnpiRe9SPnxh0fZJ8rxNZyELKRo2FdNiBqwDNEmBBHhifLWjGVKIFYawA043CV4asaYhL1OP2zBpr0l0kwdt2fi_2KlwNzuETtxiyGn1eDEIIFtOC5MGeZKFT4itoquuUVhCq17fFqubKta13e30L_8eQzopAUoi4aURjz15_bxTFbe9BHwFOj3E5cpmscqo9JR4Jxk-PDIvQ3E2wtHoOyid_uhU_kzWklOA69tb-PnOlZbQJUxRRhwn74YeAoAH8-LBZVJNWRPCNsbDdj8I_G9YBEr9-pNq67bIQz9MaKneeESl8dkiasyA2pW30zF0oMh4ZNP3L_VAmKX6SqI8uo9PEJVc9QXnqqiLw8YdPFZP8UMSwt649mr4xaZkj7MD4f1ZEmbRFuTygplWyvnfn76jOMV5YFKDPp_fxaNqzEsBhdwavIz6MBaccZXX5i3NDH7_PnW--01G4b4KtCCtw-igThT6kKpOFKs9t3kqrpYH3_LrynnybFeBs6FrMNHhBuyMHC-N5hMD0n2yA-jeAoJ0H--OGKwenHnwFcsNkbJzDO3LNNJWehipMxptBhumU32ivnvfZ_wJmUNA_yCpg17ViwYS3QO_MsjVGpVbcnMVTRXi3DgfbR3OKZLpafhxdTb5-IWfrj0sKjh0eOcmIUX_2Vtnw2Pmcm88nL3OfdPTKk-NgYR2w2eBxexLVM-G3WyoxqDRIxjkCPGM8rXyHR03VhM6dqlbJxAwa5ch8fuLl1tkOEkZWSliKdsR6Yj0OG0xYB59ZIxqqnAj8MpgSkKm1wZmZonJ0uRLyW76nbAcB3ZZJ_Uv0DHEUFgevN-2e1lO3rsx_hL__cPSjhzHYfegG12vuk9g4X5qNlNBo4oetIDCeKlSgQ6BtgmeNBmTkC0A29Fno3Hjg7V6OauKe8iQao8eoSZaHARyCKW86gtwpguJ5YPUMLUgXGmvSm-DxA-FbT0tUoL3YdyBjvNK8DPYynwgQoO_GOaM9BsYM9962TGgUcPgBkikqD5K_606SxOYQEthr_FjjQaaqcZjAZ-tgtBmDzB6FW9GekxlOzRcpuCDz51J_dLbkslCtPqbE4gVEldyttd-UPUKDV1kVkIS27SThActV2KXGxo0mvSY-5-bmK75alkBRleYl8z2UbRN_aT-a1t7x5uszRCLLSBTrRpgO_oVlli_uNspTZijnYPR0-Ld0KjMtxA07jKtuTiwLbANSMqMol4QErhKSWv5wjg37o1Aue8PZARAuvPhPTyWg2TSKOvhWCky4E_jqDN6CeU8sYg0S6lrZCL9a2vqWw7uZQTJvl6AvDRdnIJNnNNybFN7neoyZ7etZ_t3VggV7gFFoVTli_u-pb7hgog1mt4w00K1pu3Uxq_TAs8JJzmZ_uRFU1kY58oPoNg3KxPga5u2mJpYxpS21XN8dOoSUvR7OE9DH6unQM3IL-cUecv4kCsszyC94YVuHzdIJXyb4dPyvktqb57DevLWC744JufJFdLuTiMbWd-Ha3WMQ4nKaqLHI6dBgbahYbOAAUAbbnvg3Sn-Ah44egNzExOtZ-dUSSaL0YDs6XG4e6hmw9GC7kdF6YpDmi9N1GPIiTvIbMWJnliwAs4vh0r7xUFxxkTPwY047Bdai6Zk5wpHi1OcgQdXcu1FfPdUy92YA6aeQvvevsU8WmkkRUQpqCsMOERzOSHhPFy6i-Ctku2cmPQKMV1KipKhm8ok3YQiqTAxVRuhLxvTxer9fHMV6tSxCRlBzH9Ja6ijKz7Yl3zmEpssSzX6Avxy4MbJMaDsOoW7j0X_VPnCFCkzClKUGK1Z5P-95XWhuDoNB1DCu1MnJXOvHbY6ffnIzwSIxfrYpgRIHVfFrvNKs-Fqcl7KL2ghsPTXG0X7fB76BnOQChMov-wcwkmTt0vGzxudLjbGSPakVRw-SJ0YxSxCQ8XF4PjlOMraBs7wgsYqQHMjRtP4Y2grGaG0MzF4NHtMPvNhYVeGNhu3nT59GbUJoKuo74_BwhpwIWGBsJYD4LUQPE8hrkkxUFckSFY6XVskq8uFLY7lFzHnUpsgIk-zE5PZXjMlUSM9Tc3lrP8CovmcJ04cpFDWAJZP4MkiklwlFXP667TUhcUBYp_D6jdHFIEptjsFI5mEeH28N_leaXhmSSBmL96nW9eiDrQT88maNps8ZGK2KOm2kEfRONopnnZ6DSMudKT8iVNpSfFy_pvc-ob9_fyOq3vYN4mkNPfiZV78KhXbl5zPZZwj0O6175TincWIwiP_MXbHROI3sSEceqPMCb8UDyC-kShPrpwZKldk4EYbfwOmF8SUNNxBtHNUk4wjRpHAoC4Ruf1120QUue3nsgwYfb4Uhv9EbhVLMa2k-RwFXJbIQBA7vC2xtxfCXthHm9dLLsGzkYU3b7GcfXNhKPG55GBCHImCEZF--I3g1Y4L2ZVLdQJa1vMpPM8oJ3yhVYQEPooC7QqimUrH1o26zE7bBV0-YXS7d-p5OJrQ0HQKrFSCKfpZkagcRdyQ&cid=CAASBORo-dU&rfl=1%2Chttps%253A%252F%252Fnorfolkdailynews.com%252Fcommentary%252Finvestigation-beyond-media-needed-into-alleged-voter-fraud%252Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.167.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-167-155.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6ddf18c4a4eeb06489f2c6470ba9779af4cffeddea337519d6f2c569c9749532

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:04 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 player Show response
realtime.clinch.co/video/player_v1/ Frame 2AD0 11 KB
11 KB 463ms
223ms Document
text/html 54.197.229.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFkr8LLkjZICNUeTfjQ87We2wqxJdgWk-j0RDOhSGZtennQyNjGbi0uDJD1mlRMvDG02C9On3vXVzGjiaz1CwvAZ3V5Lar2OORxWmJvgYrvVV6LuUaeq_vAUlVOMqBqcEWw0oAFB749uieggkFiVUri5pblFPgOmAHNrfgBKyptbl4wEY&dbm_d=AKAmf-Dtay-tY06z9_sQbT4bp3CWVBVDTdhBcUN0xvTL8v-iu8uNRuFJIcammtq5nvfzeMIHW-J88z0Gx3nAuNYw-QS0GJxkRGq6yQjCfcONcfLq0f-Zl3czMCO82jAv-4_-YSzqvwiX2gqUp18CrqzAT_kCH5ndI5gGo0xePrgdT_KCZuoJMox5BsS88PZgyc9oGSBjtbwyuBT5N2W4mb4NWt1YpCdOkWhDOS8O-eTMyi8bfh55F9pFWdA_t6t3zCf18rboAsoaBQrpDvYuaUTvCGdP6-Xy65s-sv9vOpnU1oC1qYbJccn5SK574efJbp7rXxZLukibPKuSY5gZFIM8QSlzyf0SHEX1mm9W-Kz7KwMWdyW8jkMlJlPzb2nxJ_fu9iGOg7uYSXsPFKKT1kX7vNVEO-OinTnFoAuhPUF3gZ5-U2Fe3YcBSE2OGH4Z08g1_Fo9SMsjYzabhxRogMarXa-hc1M0FVIIFonJzp_BdAYoaBH3K5P4tpK6tOVFVmdiBTWRfkjvHbSTbjTnKAUumLkeMeKRuCmcEuh8xz5fdw0kWX_V37QldNpem5kwPXIk7s94aXgE23SkjJ2aBWu2dsFZfzpXG4ivewg6__TbyO-BSrjf6rBvK0ht656zaYKn30eWBadLeq6l2CN4rfAfPNd6z6ELstlKWI79Xc-bJQegW8WOyLoUr-lF9Sro13NgG7u65LDX7cDnpiRe9SPnxh0fZJ8rxNZyELKRo2FdNiBqwDNEmBBHhifLWjGVKIFYawA043CV4asaYhL1OP2zBpr0l0kwdt2fi_2KlwNzuETtxiyGn1eDEIIFtOC5MGeZKFT4itoquuUVhCq17fFqubKta13e30L_8eQzopAUoi4aURjz15_bxTFbe9BHwFOj3E5cpmscqo9JR4Jxk-PDIvQ3E2wtHoOyid_uhU_kzWklOA69tb-PnOlZbQJUxRRhwn74YeAoAH8-LBZVJNWRPCNsbDdj8I_G9YBEr9-pNq67bIQz9MaKneeESl8dkiasyA2pW30zF0oMh4ZNP3L_VAmKX6SqI8uo9PEJVc9QXnqqiLw8YdPFZP8UMSwt649mr4xaZkj7MD4f1ZEmbRFuTygplWyvnfn76jOMV5YFKDPp_fxaNqzEsBhdwavIz6MBaccZXX5i3NDH7_PnW--01G4b4KtCCtw-igThT6kKpOFKs9t3kqrpYH3_LrynnybFeBs6FrMNHhBuyMHC-N5hMD0n2yA-jeAoJ0H--OGKwenHnwFcsNkbJzDO3LNNJWehipMxptBhumU32ivnvfZ_wJmUNA_yCpg17ViwYS3QO_MsjVGpVbcnMVTRXi3DgfbR3OKZLpafhxdTb5-IWfrj0sKjh0eOcmIUX_2Vtnw2Pmcm88nL3OfdPTKk-NgYR2w2eBxexLVM-G3WyoxqDRIxjkCPGM8rXyHR03VhM6dqlbJxAwa5ch8fuLl1tkOEkZWSliKdsR6Yj0OG0xYB59ZIxqqnAj8MpgSkKm1wZmZonJ0uRLyW76nbAcB3ZZJ_Uv0DHEUFgevN-2e1lO3rsx_hL__cPSjhzHYfegG12vuk9g4X5qNlNBo4oetIDCeKlSgQ6BtgmeNBmTkC0A29Fno3Hjg7V6OauKe8iQao8eoSZaHARyCKW86gtwpguJ5YPUMLUgXGmvSm-DxA-FbT0tUoL3YdyBjvNK8DPYynwgQoO_GOaM9BsYM9962TGgUcPgBkikqD5K_606SxOYQEthr_FjjQaaqcZjAZ-tgtBmDzB6FW9GekxlOzRcpuCDz51J_dLbkslCtPqbE4gVEldyttd-UPUKDV1kVkIS27SThActV2KXGxo0mvSY-5-bmK75alkBRleYl8z2UbRN_aT-a1t7x5uszRCLLSBTrRpgO_oVlli_uNspTZijnYPR0-Ld0KjMtxA07jKtuTiwLbANSMqMol4QErhKSWv5wjg37o1Aue8PZARAuvPhPTyWg2TSKOvhWCky4E_jqDN6CeU8sYg0S6lrZCL9a2vqWw7uZQTJvl6AvDRdnIJNnNNybFN7neoyZ7etZ_t3VggV7gFFoVTli_u-pb7hgog1mt4w00K1pu3Uxq_TAs8JJzmZ_uRFU1kY58oPoNg3KxPga5u2mJpYxpS21XN8dOoSUvR7OE9DH6unQM3IL-cUecv4kCsszyC94YVuHzdIJXyb4dPyvktqb57DevLWC744JufJFdLuTiMbWd-Ha3WMQ4nKaqLHI6dBgbahYbOAAUAbbnvg3Sn-Ah44egNzExOtZ-dUSSaL0YDs6XG4e6hmw9GC7kdF6YpDmi9N1GPIiTvIbMWJnliwAs4vh0r7xUFxxkTPwY047Bdai6Zk5wpHi1OcgQdXcu1FfPdUy92YA6aeQvvevsU8WmkkRUQpqCsMOERzOSHhPFy6i-Ctku2cmPQKMV1KipKhm8ok3YQiqTAxVRuhLxvTxer9fHMV6tSxCRlBzH9Ja6ijKz7Yl3zmEpssSzX6Avxy4MbJMaDsOoW7j0X_VPnCFCkzClKUGK1Z5P-95XWhuDoNB1DCu1MnJXOvHbY6ffnIzwSIxfrYpgRIHVfFrvNKs-Fqcl7KL2ghsPTXG0X7fB76BnOQChMov-wcwkmTt0vGzxudLjbGSPakVRw-SJ0YxSxCQ8XF4PjlOMraBs7wgsYqQHMjRtP4Y2grGaG0MzF4NHtMPvNhYVeGNhu3nT59GbUJoKuo74_BwhpwIWGBsJYD4LUQPE8hrkkxUFckSFY6XVskq8uFLY7lFzHnUpsgIk-zE5PZXjMlUSM9Tc3lrP8CovmcJ04cpFDWAJZP4MkiklwlFXP667TUhcUBYp_D6jdHFIEptjsFI5mEeH28N_leaXhmSSBmL96nW9eiDrQT88maNps8ZGK2KOm2kEfRONopnnZ6DSMudKT8iVNpSfFy_pvc-ob9_fyOq3vYN4mkNPfiZV78KhXbl5zPZZwj0O6175TincWIwiP_MXbHROI3sSEceqPMCb8UDyC-kShPrpwZKldk4EYbfwOmF8SUNNxBtHNUk4wjRpHAoC4Ruf1120QUue3nsgwYfb4Uhv9EbhVLMa2k-RwFXJbIQBA7vC2xtxfCXthHm9dLLsGzkYU3b7GcfXNhKPG55GBCHImCEZF--I3g1Y4L2ZVLdQJa1vMpPM8oJ3yhVYQEPooC7QqimUrH1o26zE7bBV0-YXS7d-p5OJrQ0HQKrFSCKfpZkagcRdyQ&cid=CAASBORo-dU&rfl=1%2Chttps%253A%252F%252Fnorfolkdailynews.com%252Fcommentary%252Finvestigation-beyond-media-needed-into-alleged-voter-fraud%252Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html%240
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.197.229.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-229-35.compute-1.amazonaws.com
Software: clinch /
Resource Hash: 1973085468daea4cb486397d54babbe3819b57f37663201d2b89636ced42b91d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

cache-control: no-store
content-type: text/html; charset=utf-8
date: Thu, 22 Sep 2022 12:28:04 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: clinch

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/ Frame F0B2 30 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DFkr8LLkjZICNUeTfjQ87We2wqxJdgWk-j0RDOhSGZtennQyNjGbi0uDJD1mlRMvDG02C9On3vXVzGjiaz1CwvAZ3V5Lar2OORxWmJvgYrvVV6LuUaeq_vAUlVOMqBqcEWw0oAFB749uieggkFiVUri5pblFPgOmAHNrfgBKyptbl4wEY&dbm_d=AKAmf-Dtay-tY06z9_sQbT4bp3CWVBVDTdhBcUN0xvTL8v-iu8uNRuFJIcammtq5nvfzeMIHW-J88z0Gx3nAuNYw-QS0GJxkRGq6yQjCfcONcfLq0f-Zl3czMCO82jAv-4_-YSzqvwiX2gqUp18CrqzAT_kCH5ndI5gGo0xePrgdT_KCZuoJMox5BsS88PZgyc9oGSBjtbwyuBT5N2W4mb4NWt1YpCdOkWhDOS8O-eTMyi8bfh55F9pFWdA_t6t3zCf18rboAsoaBQrpDvYuaUTvCGdP6-Xy65s-sv9vOpnU1oC1qYbJccn5SK574efJbp7rXxZLukibPKuSY5gZFIM8QSlzyf0SHEX1mm9W-Kz7KwMWdyW8jkMlJlPzb2nxJ_fu9iGOg7uYSXsPFKKT1kX7vNVEO-OinTnFoAuhPUF3gZ5-U2Fe3YcBSE2OGH4Z08g1_Fo9SMsjYzabhxRogMarXa-hc1M0FVIIFonJzp_BdAYoaBH3K5P4tpK6tOVFVmdiBTWRfkjvHbSTbjTnKAUumLkeMeKRuCmcEuh8xz5fdw0kWX_V37QldNpem5kwPXIk7s94aXgE23SkjJ2aBWu2dsFZfzpXG4ivewg6__TbyO-BSrjf6rBvK0ht656zaYKn30eWBadLeq6l2CN4rfAfPNd6z6ELstlKWI79Xc-bJQegW8WOyLoUr-lF9Sro13NgG7u65LDX7cDnpiRe9SPnxh0fZJ8rxNZyELKRo2FdNiBqwDNEmBBHhifLWjGVKIFYawA043CV4asaYhL1OP2zBpr0l0kwdt2fi_2KlwNzuETtxiyGn1eDEIIFtOC5MGeZKFT4itoquuUVhCq17fFqubKta13e30L_8eQzopAUoi4aURjz15_bxTFbe9BHwFOj3E5cpmscqo9JR4Jxk-PDIvQ3E2wtHoOyid_uhU_kzWklOA69tb-PnOlZbQJUxRRhwn74YeAoAH8-LBZVJNWRPCNsbDdj8I_G9YBEr9-pNq67bIQz9MaKneeESl8dkiasyA2pW30zF0oMh4ZNP3L_VAmKX6SqI8uo9PEJVc9QXnqqiLw8YdPFZP8UMSwt649mr4xaZkj7MD4f1ZEmbRFuTygplWyvnfn76jOMV5YFKDPp_fxaNqzEsBhdwavIz6MBaccZXX5i3NDH7_PnW--01G4b4KtCCtw-igThT6kKpOFKs9t3kqrpYH3_LrynnybFeBs6FrMNHhBuyMHC-N5hMD0n2yA-jeAoJ0H--OGKwenHnwFcsNkbJzDO3LNNJWehipMxptBhumU32ivnvfZ_wJmUNA_yCpg17ViwYS3QO_MsjVGpVbcnMVTRXi3DgfbR3OKZLpafhxdTb5-IWfrj0sKjh0eOcmIUX_2Vtnw2Pmcm88nL3OfdPTKk-NgYR2w2eBxexLVM-G3WyoxqDRIxjkCPGM8rXyHR03VhM6dqlbJxAwa5ch8fuLl1tkOEkZWSliKdsR6Yj0OG0xYB59ZIxqqnAj8MpgSkKm1wZmZonJ0uRLyW76nbAcB3ZZJ_Uv0DHEUFgevN-2e1lO3rsx_hL__cPSjhzHYfegG12vuk9g4X5qNlNBo4oetIDCeKlSgQ6BtgmeNBmTkC0A29Fno3Hjg7V6OauKe8iQao8eoSZaHARyCKW86gtwpguJ5YPUMLUgXGmvSm-DxA-FbT0tUoL3YdyBjvNK8DPYynwgQoO_GOaM9BsYM9962TGgUcPgBkikqD5K_606SxOYQEthr_FjjQaaqcZjAZ-tgtBmDzB6FW9GekxlOzRcpuCDz51J_dLbkslCtPqbE4gVEldyttd-UPUKDV1kVkIS27SThActV2KXGxo0mvSY-5-bmK75alkBRleYl8z2UbRN_aT-a1t7x5uszRCLLSBTrRpgO_oVlli_uNspTZijnYPR0-Ld0KjMtxA07jKtuTiwLbANSMqMol4QErhKSWv5wjg37o1Aue8PZARAuvPhPTyWg2TSKOvhWCky4E_jqDN6CeU8sYg0S6lrZCL9a2vqWw7uZQTJvl6AvDRdnIJNnNNybFN7neoyZ7etZ_t3VggV7gFFoVTli_u-pb7hgog1mt4w00K1pu3Uxq_TAs8JJzmZ_uRFU1kY58oPoNg3KxPga5u2mJpYxpS21XN8dOoSUvR7OE9DH6unQM3IL-cUecv4kCsszyC94YVuHzdIJXyb4dPyvktqb57DevLWC744JufJFdLuTiMbWd-Ha3WMQ4nKaqLHI6dBgbahYbOAAUAbbnvg3Sn-Ah44egNzExOtZ-dUSSaL0YDs6XG4e6hmw9GC7kdF6YpDmi9N1GPIiTvIbMWJnliwAs4vh0r7xUFxxkTPwY047Bdai6Zk5wpHi1OcgQdXcu1FfPdUy92YA6aeQvvevsU8WmkkRUQpqCsMOERzOSHhPFy6i-Ctku2cmPQKMV1KipKhm8ok3YQiqTAxVRuhLxvTxer9fHMV6tSxCRlBzH9Ja6ijKz7Yl3zmEpssSzX6Avxy4MbJMaDsOoW7j0X_VPnCFCkzClKUGK1Z5P-95XWhuDoNB1DCu1MnJXOvHbY6ffnIzwSIxfrYpgRIHVfFrvNKs-Fqcl7KL2ghsPTXG0X7fB76BnOQChMov-wcwkmTt0vGzxudLjbGSPakVRw-SJ0YxSxCQ8XF4PjlOMraBs7wgsYqQHMjRtP4Y2grGaG0MzF4NHtMPvNhYVeGNhu3nT59GbUJoKuo74_BwhpwIWGBsJYD4LUQPE8hrkkxUFckSFY6XVskq8uFLY7lFzHnUpsgIk-zE5PZXjMlUSM9Tc3lrP8CovmcJ04cpFDWAJZP4MkiklwlFXP667TUhcUBYp_D6jdHFIEptjsFI5mEeH28N_leaXhmSSBmL96nW9eiDrQT88maNps8ZGK2KOm2kEfRONopnnZ6DSMudKT8iVNpSfFy_pvc-ob9_fyOq3vYN4mkNPfiZV78KhXbl5zPZZwj0O6175TincWIwiP_MXbHROI3sSEceqPMCb8UDyC-kShPrpwZKldk4EYbfwOmF8SUNNxBtHNUk4wjRpHAoC4Ruf1120QUue3nsgwYfb4Uhv9EbhVLMa2k-RwFXJbIQBA7vC2xtxfCXthHm9dLLsGzkYU3b7GcfXNhKPG55GBCHImCEZF--I3g1Y4L2ZVLdQJa1vMpPM8oJ3yhVYQEPooC7QqimUrH1o26zE7bBV0-YXS7d-p5OJrQ0HQKrFSCKfpZkagcRdyQ&cid=CAASBORo-dU&rfl=1%2Chttps%253A%252F%252Fnorfolkdailynews.com%252Fcommentary%252Finvestigation-beyond-media-needed-into-alleged-voter-fraud%252Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a97a1a8b88f4fa4b1eff7a0b360e7b17459268ec07a8fd8001808f191b3b002

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11738
x-xss-protection: 0
server: cafe
etag: 507854449507764401
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:11:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0B2 140 KB
44 KB 170ms
93ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 22 Sep 2022 12:28:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/ Frame F0B2 8 KB
3 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220919/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Oct 2022 12:22:49 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F0B2 0
575 B 145ms
68ms Ping
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstK3P3EwhHn9SwzXjcLKFqH3cPOTSdZNekUqCnhTBnggYUSmko2pQfx8S4b-dChySoeZjfMGOpY0DT6V1_hnbHWJDHDsbGX6315LNhKiC3lrBTDCBkFElPJe1lb6llJLctooIjpS3fUFwZMxLt61jUo7yBtouYIp1nLy2WzQR2k&sai=AMfl-YR4UBcPmX9Kgr0TogjDwc3PvZi20Mq8OzogWhbrxgGzSjghpc8l1K81L_-KUUWtIFASs-N7xPplsXHSrZJcSLe-q_V9AG1INmI&sig=Cg0ArKJSzKUnp_t9-7G7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=2&dett=2&cstd=0&cisv=r20220919.93433&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Sep 2022 12:28:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

impression_pixel
t.myvisualiq.net/ul_cb/ Frame F0B2
Redirect Chain

https://t.myvisualiq.net/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28019146&si=7079041&ci=174133431&pi=339647168&ad=531542318&advt=8241423&chnl=-7&vndr=115&sz=10125&u=$$1008904056_18...
https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28019146&si=7079041&ci=174133431&pi=339647168&ad=531542318&advt=8241423&chnl=-7&vndr=115&sz=10125&u=$$1008904...

43 B
573 B

44ms
44ms

Image
image/gif

52.59.13.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28019146&si=7079041&ci=174133431&pi=339647168&ad=531542318&advt=8241423&chnl=-7&vndr=115&sz=10125&u=$$1008904056_18222201110_432200672$$&viq_did=&pt=i
Requested by: Host: blank
URL: about:blank
Protocol: HTTP/1.1
Server: 52.59.13.32 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-13-32.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Thu, 22 Sep 2022 12:28:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/impression_pixel?r=[CACHEBUSTER]&et=i&ago=212&ao=693&aca=28019146&si=7079041&ci=174133431&pi=339647168&ad=531542318&advt=8241423&chnl=-7&vndr=115&sz=10125&u=$$1008904056_18222201110_432200672$$&viq_did=&pt=i
Date: Thu, 22 Sep 2022 12:28:04 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 204 ad_impression.gif
beacon.krxd.net/ Frame F0B2 0
338 B 174ms
54ms Image
text/plain 52.18.211.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/ad_impression.gif?confid=rse28bixr&advertiserid=8241423&campaignid=28019146&siteid=7079041&sitename=N755990.4162781DV360IT0&placementid=339647168&adid=531542318&creativeid=174133431
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.211.80 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-211-80.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1663849684
x-served-by: beacon-n002-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK rd_log Show response
lax1-ib.adnxs-simple.com/ Frame F0B2 0
671 B 404ms
190ms Script
text/html 104.254.150.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs-simple.com/rd_log?an_audit=0&referrer=norfolkdailynews.com&e=wqT_3QLJBGhJAgAAAwDWAAUBCNOpsZkGEPziv5nXh6FOGP8RAVgBKjYJyY6NQLyujz8RK4arAyDuij8ZAAUBCBZAIRESACkRJNAxAAAAgBSu9z8woMLZCzizGUDXPUhlUIHmqLYBWNjrcWAAaMa4iwF4qoAGgAEBigEDVVNEkgUG8LaYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAsgIBMNgCpEPgAur5JeoCFG5vcmZvbGtkYWlseW5ld3MuY29tgAMBiAMAkAMAmAMUoAMBqgMAwAOsAsgDANgDuecv4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQPMTkyLjE0NS4xMjcuMjEwqASsFLIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANoEAggB4AQA8AQF2vBDiAUBmAUAoAXCxdr-iZXu2BSqBSpiOGIyYThkYi1iOWNkLTQ5MzYtYjc4YS0zOTgyOWMxMjdjMzV-ODgzfjHABQDJBQAlUxTwP9IFCQkFC3gAAADYBQHgBQHwBcAZ-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AGuGraBhYKEAkRGQGYEAAYAOAGAfIGAggAgAcBiAcAoAcBqgcLMTgyMjIyMDExMTC6Bw8IBShAIAAwADiTJUAAyAeqgAbSBw0VgwFGCNoHBgF9aBgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=fa8d1395c637c46a9a08410b72e031a853012df1&bdref=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html,about%3Ablank&

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 12:28:04 GMT
X-Proxy-Origin: 192.145.127.218; 192.145.127.218; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid: 15389212-fa2b-4212-99c2-299da83b520a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 main.19.8.352.js Show response
static.adsafeprotected.com/ Frame F0B2 194 KB
60 KB 95ms
29ms Script
application/javascript 2600:9000:2491:e800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.352.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1083723/64080112/skeleton.js?ias_dspID=3&ias_campId=1008904056&ias_pubId=3251&ias_chanId=10&ias_placementId=18222201110&bidurl=norfolkdailynews.com&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jIip1QawwFoX1OLRwAUqHp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 16:51:38 GMT
content-encoding: gzip
age: 502587
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 16 Sep 2022 14:19:29 GMT
server: AmazonS3
etag: W/"067a9552174cd536b5cfa4275edeb714"
vary: Accept-Encoding
x-amz-version-id: FMIaS.d5OYtGezR2pElSzU33tDJuO5Hk
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: tBMu8OD7TwGKeKC4JZ0EXH8vLdzegF84D0LURs5eVv8fR3mimPW9Rg==

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame F0B2
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1083723/64080112/skeleton.js?ias_dspID=3&ias_campId=1008904056&ias_pubId=3251&ias_chanId=10&ias_placementId=18222201110&bidurl=norfolkdailynews.com&ias_dealId=...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

26ms
25ms

Script
application/javascript

2600:9000:2491:e800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: blank
URL: about:blank
Protocol: H2
Server: 2600:9000:2491:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
age: 18916201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: _FH7F17reEfsnHzq5nw41vZPXKi1XG87_iZE6TMse4AXyNW4lQTjvQ==

Redirect headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:04 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 234D 91 KB
23 KB 28ms
28ms Script
application/javascript 2600:9000:2491:e800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: blank
URL: about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:e800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
content-encoding: gzip
age: 75108
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via: 1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P7
content-type: application/javascript
x-amz-cf-id: jyg-Y8dRUif34sGwug-nIeBdTpKkQE5F_2pUNT0SUB4qUt_JZT871g==

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 615ms
193ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1083723&asId=dce20775-f162-1856-d3fa-6c447bb874fd&tv=%7Bc:oWH5v5,pingTime:-2,time:173,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:409,beZ:410,mfA:539,cmA:541,inA:541,inZ:545,prA:546,prZ:550,si:555,poA:556,poZ:570,cmZ:570,mfZ:570,loA:574,loZ:577,ltA:581,ltZ:581,mdA:410,mdZ:533%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:145%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:173,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:145,wc:0.0.1600.1200,ac:436.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B38~0%5D,as:%5B38~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:0,fm:tiajIeq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1083723-64080112%7C191%7C192,idMap:19*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:147,slid:%5BIL_SR_RESULT_CONTENT,IL_SR_AD_AREA,IL_INSEARCH%5D,sinceFw:25,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:05 GMT
x-server-name: dt06.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK vevent
lax1-ib.adnxs-simple.com/ Frame F0B2 0
698 B 195ms
195ms Ping
text/html 104.254.150.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=norfolkdailynews.com&e=wqT_3QKbC2ibBQAAAwDWAAUBCNOpsZkGEPziv5nXh6FOGP8RAVgBKjYJyY6NQLyujz8RK4arAyDuij8ZAAUBCBZAIRESACkRJNAxAAAAgBSu9z8woMLZCzizGUDXPUhlUIHmqLYBWNjrcWAAaMa4iwF4qoAGgAEBigEDVVNEkgUG9A0FmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABALICATDYAqRD4ALq-SXqAhRub3Jmb2xrZGFpbHluZXdzLmNvbYADAYgDAJADAJgDFKADAaoD0QYKnAZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNwM2tYMDFRc1k3X3pKOXFpNUxjUHA0Nkh5QWJfNEoybGJQdktnWUxWRUdRUUFTRG1sOVlsWVAyQ2tZVG9FYUFCZ3BpM293SElBUW1wQXE4VGlZNHBoTEEtcUFNQnlBT2JCS29FNndGUDBGRUJFeUhhUDRyWjFqcTRpSkV2VGFPalg4Y2VWY2JjYzZqajNFT2cxUVV5NFh5b1Y1U0ltUHlfbW5mbDFDSl9haWNXcGVOM3llMEI1R2xNLVR5bkpPLVJiS0hyaUhCLTdBRDUxTGxSYWdCV19sREtMN25NR1FaVTFVWDdCSnhMTEVwcWVDNGR6QXVrbWpnangwczZEXzVjY0dqb1R1R2pKMTZMbC1aNVF5OWVWbnY2Y0Q1djdyUWtrOEE5VWstbWdqaEF6blZDZUhPX3JDbW1XYlFIVWxOWHJCU2ZaanlVYVRZVlhzWno2Z0J0MHZnVFB0cW1MRlhtb3NkNUViQlQxZTUyYmpmQjFLd0pyd09oVS16X0pZR2FfX1ZkU3RyY0NWZmNjRUVoTHM4Q0lpM0Vjd3RuS0V1eHdBVHBsZDZraEFUZ0JBT0lCWmJ5Z3ZGRGtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVpNZ0FmbTU4amNBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0pFTzU0R09DM2k4NEIwZ2dSQ0lEaGdCQVFBUmdmTWdLcUFqb0NnRUR5Q0E1aWFXUmtaWEl0TlRrek9ESTRONEFLQk1nTEFiQVR4ZC03RU1nVC1NNks0UVBRRXdEWUV3MklGQVBZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD1PN3FTVVR2X1ZLMCZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTQk9Sby1kVSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhE0NDA1NTQ5NTgyNzI1NTY3NiIJMzgyMzUwMDgxKgcxNTQ3ODQyOgk0MzIyMDA2NzLAA6wCyAMA2AO55y_gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xOTIuMTQ1LjEyNy4yMTCoBKwUsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBIHmqLYBiAUBmAUAoAXCxdr-iZXu2BSqBSpiOGIyYThkYi1iOWNkLTQ5MzYtYjc4YS0zOTgyOWMxMjdjMzV-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXAGfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa4atoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE4MjIyMjAxMTEwugcPCAAQABgAIAAwADiTJUAAyAeqgAbSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=a71fb0d3aaed12407b877fd3bcaa78018ac4f482&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=4455121181478365861&vd=ct~0|rr~0&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24535328&sw=1600&sh=1200&pw=1600&ph=4090&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/228/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 12:28:04 GMT
X-Proxy-Origin: 192.145.127.218; 192.145.127.218; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid: 3f265dc3-9743-4f85-a943-c52b974398c2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://norfolkdailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK runtime_9_23.min.js Show response
cdn.clinch.co/a_js/dispad/ Frame 2AD0 125 KB
36 KB 274ms
32ms Script
application/javascript 2a02:26f0:3500:18::1724:a289
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clinch.co/a_js/dispad/runtime_9_23.min.js
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a289 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31e9224386ee43fc0e1efa90cf82a54b3ffd7a96b09da78ec101d1d645cc4e0d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: PJGDM9KA658BAFVY
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 36058
x-amz-id-2: He/k+C7veolN4WTAwYc82BvNvWdeOz7sTFlSiv0ff41MbI269kXc1OUZpDHpthgCpfgPadtEjUI=
Last-Modified: Thu, 22 Sep 2022 10:17:00 GMT
Server: AmazonS3
ETag: "26d56ace53d875e7424ade21bbbb1207"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31535654
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 22 Sep 2023 12:22:19 GMT

GET
H/1.1 200
OK 728ax90_v9_u1826205465_es.js Show response
cdn.clinch.co/a_styles/2961/js/ Frame 2AD0 38 KB
24 KB 277ms
33ms Script
application/javascript 2a02:26f0:3500:18::1724:a289
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clinch.co/a_styles/2961/js/728ax90_v9_u1826205465_es.js
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a289 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5f178a1d5939940ddfb161505c68ff2d889fafe8bbf45bcd87a4822086d9dcf7

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: ZQB16RZWWGB1V00K
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 23921
x-amz-id-2: zpqZYmCMNYqQhhSga8XN6HVmKmgZt02x4Sxmu7SyKOqp+IGFtXHJbh5KDHogdESysUGNsQIJ8Pk=
Last-Modified: Wed, 12 Jan 2022 10:08:07 GMT
Server: AmazonS3
ETag: "5c63b371fdec34d64916edca24030f5d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=24875880
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Fri, 07 Jul 2023 10:26:05 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 273ms
195ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1083723&asId=dce20775-f162-1856-d3fa-6c447bb874fd&tv=%7Bc:oWH5AB,pingTime:-10,time:515,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1663849685049%7C%7C50457beb1eb168fda95a9e8c8b5b2f45%7C%7Ca6d005963b3621e7f0de2da18354c282%7C%7C55e94e8208f769b406e78ffb992b1348%7C%7C9c08b629e6b61d4f1eeae847009660ac%7C%7C57883cc90f69f0b8c454cd6abe08b58c%7C%7C96e4247f80d7d5cf52a0e8ffa2148a23%7C%7Cb13e065a8863243db8920e109fac17d0%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:05 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
DATA 200
OK truncated
/ Frame 2AD0 10 KB
10 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f2f7ec7e6c13947469149f5781fbb718cf0d59684268199fe4bd956bcc32fa5

Request headers

Referer
Origin: https://realtime.clinch.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2AD0 10 KB
10 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb3c7d3adbedfa086733490833246af98da5609818aae073b900be856d7df1aa

Request headers

Referer
Origin: https://realtime.clinch.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H/1.1 200
OK /
img-cdn.clinch.co/img2/uda841/728/90/3/0a0a0a0/ Frame 2AD0 2 KB
2 KB 274ms
26ms Image
image/webp 2a02:26f0:3500:c::5c7b:6821
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cdn.clinch.co/img2/uda841/728/90/3/0a0a0a0/?u=%2F%2Fcdn.clinch.co%2Fa_styles%2F2961%2F728a90%2Fassets%2Flogo-white-728x90_1641982069933_compressed.png
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: clinch /
Resource Hash: 62a3aa3ee7accd2882e5d7a6f948a14de9814ee6bb2cb68179a2685ea70a564d

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:05 GMT
Server: clinch
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=680833
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 1606

GET
H/1.1 200
OK /
img-cdn.clinch.co/img2/uda841/728/90/3/0a0a0a0/ Frame 2AD0 2 KB
3 KB 280ms
29ms Image
image/webp 2a02:26f0:3500:c::5c7b:6821
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cdn.clinch.co/img2/uda841/728/90/3/0a0a0a0/?u=%2F%2Fcdn.clinch.co%2Fa_styles%2F2961%2F728a90%2Fassets%2Flogo-black-728x90_1641982069934_compressed.png
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6821 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: clinch /
Resource Hash: 1de35b83b2882e180ea46e4fea6710eb16bffba5a0e21170de9f520b64af0818

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:05 GMT
Server: clinch
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=674533
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2354

GET
H/1.1 200
OK 63786643862791.jpg
cdn.clinch.co/a_client_styles/26755/ Frame 2AD0 8 KB
8 KB 77ms
26ms Image
image/jpeg 2a02:26f0:3500:18::1724:a289
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_client_styles/26755/63786643862791.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a289 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a107f57a1f45f6448e7339d702adafb6631a0e9e2ea3d5a9a0dbc8eb6e9bbb63

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:05 GMT
x-amz-request-id: 04GVSW21HNT081S1
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 7791
x-amz-id-2: 7iOVbrv41TrRRQDQaVMENB3ASeK1ihDH+k3Zv69CIJeNdG9vid462p3x3UqWXJeoMIBbikUHXaA=
Last-Modified: Wed, 27 Apr 2022 08:11:04 GMT
Server: AmazonS3
ETag: "da2b93c21babb08d3d3abe2cb30e53c0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=26834281
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Sun, 30 Jul 2023 02:26:06 GMT

GET
H/1.1 200
OK 63786643857841.jpg
cdn.clinch.co/a_client_styles/26755/ Frame 2AD0 14 KB
15 KB 84ms
29ms Image
image/jpeg 2a02:26f0:3500:18::1724:a289
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_client_styles/26755/63786643857841.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a289 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b6759e00f05f7909419726231366ececdd73c5b870e61d033f407b268dbf748

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:05 GMT
x-amz-request-id: BD9WFCV2Z8JCNKX0
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 14277
x-amz-id-2: pe+1Wu1V+Oye4dQDjHncMvSyMqfH+t8PzfNBmU9uv50vZYCJ2kIvsjEtPU+P6w1BXjPXQIt0D1A=
Last-Modified: Wed, 27 Apr 2022 08:10:59 GMT
Server: AmazonS3
ETag: "cab619e886c191ef21308b2205ece15d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=30176285
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Wed, 06 Sep 2023 18:46:10 GMT

GET
H/1.1 200
OK 63786643852373.jpg
cdn.clinch.co/a_client_styles/26755/ Frame 2AD0 8 KB
8 KB 83ms
28ms Image
image/jpeg 2a02:26f0:3500:18::1724:a289
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.clinch.co/a_client_styles/26755/63786643852373.jpg
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:18::1724:a289 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a107f57a1f45f6448e7339d702adafb6631a0e9e2ea3d5a9a0dbc8eb6e9bbb63

Request headers

Referer: https://realtime.clinch.co/
Origin: https://realtime.clinch.co
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Thu, 22 Sep 2022 12:28:05 GMT
x-amz-request-id: 04GZQJE5HDYPG250
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 7791
x-amz-id-2: V8kMoLEJazDBCTroowpbBCmn4I3Q0YnWXkGyAx5haDEDdx3Bu0VcvRneSXSAohsNCtWenNTc4Tg=
Last-Modified: Wed, 27 Apr 2022 08:10:56 GMT
Server: AmazonS3
ETag: "da2b93c21babb08d3d3abe2cb30e53c0"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=26834251
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Sun, 30 Jul 2023 02:25:36 GMT

GET
H2 200 imp
trk.clinch.co/ Frame 2AD0 43 B
219 B 358ms
113ms Image
image/gif 44.205.50.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.clinch.co/imp?cid=uda841&caid=12376&caversid=8877&frmt=728a90&csid=22724&dsp=cm360_p1&plcid=Peugeot_IT_Programmatic_DV360&plc=203419&iid=7bc0ea79-3450-42d0-b309-b8b62e3cc888&env=web&fcpath=lJICG5IPAZIQAZIpwA&prd=Ecommerce&ids=Peugeot_Italy_3008_Suspect%26Anonymous_Promo&isrc=topItems&issrc=3008_-_Suspect_&_Anonymous&feed=2427&tilid=5102&lpsrc=DSP&locsrc=Ip2LocDb&locsrcs=3533550333&dspiid=rnd-632220414&dsp_caid=18222201110&dsp_ad_id=531542318&dsp_pub_id=DV360&domain=7079041&dsp_plc_id=339647168&dsp_insertion_order_id=1008904056&dsp_crid=174133431&dsp_c0=[keyword_id]&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_dma=0&ct=IT&city=7980&st=NA&stName=Napoli&zip=20153&isp=m247%20europe%20srl&contype=2&tc=1,0000000000,00,,&a=1663849685093
Requested by: Host: realtime.clinch.co
URL: https://realtime.clinch.co/video/player_v1/player?cid=uda841&caid=12376&format=_728ax90a&clkUrl=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsu-B0dJWronLkROvoGXkZqBXFkY2zza3NcW8Tb-G9EehI1085GD7xmUiC6xY97HyRYYmooV345M_I_SdoFyKraN6D1F9DbZnZh9a9szogKCMByp0Mu0kGKOY5YTeZyECBOuNisFYV4UhcSE5aDz4uWwZlt4mgixDWo55slfEXfY5ElHiOixeCRH_DRkcfYsN5Ht1v5YJbR20a_DmZOlSZjtSa1J5owxAyAgHQ70IkX3o8ghY6joq_FSC19DYUbsLlC5uxY5bF6qLocfys9rofO1fSzJChkrWrofGCPMHRBLN9BiTgG9WDPbvpyf7Nz6_pAmIjW3OZLZV53AsBZPxktG-LuTCoOS5lJhO8PCN9cMzTRESV5JpacZntOfqwXOcbjJMBdCBTYJ-5MWdQ0qTbXtmnq1hqLgX-me87_Oi4nmIG0sBUFka3LcdPE-90fsdqYx7tTMRsA-RJOhcv_h9lH7OqfMsnpUiTP2pnuQpeSvvHUN8JEM_u-mAJtrOjvr_Hrt4kJF0XdsF7Juou73f-Rqvw0vpaKpqR3Vfdnw5FFcFPBG80WfJ0Mvn7FsEmSmIX_K10idrJRhGiRUHfESi5MQ2mp480Rp-_6rziX6gSkgKoHiby2BEP1aZluQAUH7l_Eq8HWgvX2PA4Qv8y63xX006FiaQLuQyMxBpDM4u4XweVo14rlLmtBJeW53xZlHjqHOI1CHCRMsKZGdQ4hGEJ8sgvru-55cpvIMM-UBzE8wAxw4dFuQJmWrtZwFFCYwGlWljPMvKURqhKNEC-wFHeTywX7yq-rLpV_OWNFatByz54GC2fmzBbbA1Ccob06176FxO4WTUFFYo_HRBLiGYIm-6TWMqVxfjI9iBBYCMC1XQcJEQPG8kHT401EU-n9tnTDZxt0t8CBBHQ-OdlikdK90z4hDKjyiFnQI7MJfC4vzF-35jgzepFOhDp5n88MYWZW3sXXjHVHu98RSY01I3YvWtKRnBqbLwIzh-g6nu1XKU5aq9IAeG5iBDrrLiwDH27EG5E7FiYEKMoixeNx__SecZb32Z397BjSXJT-BLVYDjWltxYap74cXfbSQisbXGDVKSVfUtfgP4ErvdpTS4NwOEL24UMCUJuWYI8UO5c3QRnsllqEQ2vJMk8_1MXp3bSuWCitZcK5QAkbZ_VXvQ68RsjVlw-1pkDM6xCAHnUrO_vLIg1lTvqI3W0-2xw_-Y2BuVXt7N7xf95TWY8Cwo9gDuLlCVX6dHB37Npec%26sai%3DAMfl-YQ3byEgP7PSUe47sdwOv3wmgUy762J0E1Zy7JgMVNTpKj-zk-3nAuh4JSLXE8-v8Sykl2SJHZ5DjhWdyFBySFTgoytCJ_RkF-mJxDNMStW5aMdHYEfsJZHI3MLEJ_J-Qic119ButBlMKG4%26sig%3DCg0ArKJSzC5aw8glT0BMEAE%26cry%3D1%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&clkenclvl=&dsp=cm360_p1&plcId=Peugeot_IT_Programmatic_DV360&dsp_lp=https%3A%2F%2Fapiservices.krxd.net%2Fclick_tracker%2Ftrack%3Fkxconfid%3Drse28bixr%26kxadvertiserid%3D8241423%26kxcampaignid%3D28019146%26kxsiteid%3D7079041%26kxsitename%3DN755990.4162781DV360IT0%26kxplacementid%3D339647168%26kxadid%3D531542318%26kxcreativeid%3D174133431%26clk%3Dhttps%3A%2F%2Ft.myvisualiq.net%2Fclick_pixel%3Fet%3Dc%26ago%3D212%26ao%3D693%26aca%3D28019146%26si%3D7079041%26ci%3D174133431%26pi%3D339647168%26ad%3D531542318%26sv1%3D%5Bkeyword_id%5D%26advt%3D8241423%26chnl%3D-7%26vndr%3D115%26sz%3D10124%26u%3D%24%241008904056_18222201110_432200672%24%24%26viq_did%3D%26red%3Dhttps%3A%2F%2Fwww.peugeot.it%2Facquista%2Fpromozioni%2Fsuv-3008-promozioni.html%3Fdclid%3D%25edclid!&dsp_c3=&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_c0=[keyword_id]&dsp_pub_id=DV360&dsp_plc_id=339647168&site_id=7079041&dsp_insertion_order_id=1008904056&dsp_ad_id=531542318&dsp_caid=18222201110&dsp_grid=&dsp_crid=174133431&dsp_strgid=&ct=IT&st=&city=7980&dma=0&zp=20153&bw=4&rnd=632220414&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.50.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-50-24.compute-1.amazonaws.com
Software: clinch /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:05 GMT
cache-control: no-store
content-type: image/gif
server: clinch
x-robots-tag: none
content-length: 43
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0B2 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjrn-KVwf0iMS3sSnqe2BDUv6G43ivaYB6xkRAFngXg_TiWvy0QDcP9FRPm7uA-F9zmk3gsrwuYgWkxOzNQAVKpG_apUGU_eY&sig=Cg0ArKJSzMtGLhN9_W5tEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220919&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663849684125&rpt=403&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 193ms
193ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1083723&asId=dce20775-f162-1856-d3fa-6c447bb874fd&tv=%7Bc:oWH5Lq,time:1186,type:e,im:%7Bpci:%7Btdr:1004%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1186,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:145,wc:0.0.1600.1200,ac:436.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1051~0%5D,as:%5B1051~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:rjss,dtt:280,fm:tiajIeq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1083723-64080112%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:147,sis:247%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:05 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H/1.1 200
OK vevent
lax1-ib.adnxs-simple.com/ Frame F0B2 0
698 B 186ms
186ms Ping
text/html 104.254.150.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://lax1-ib.adnxs-simple.com/vevent?an_audit=0&referrer=norfolkdailynews.com&e=wqT_3QKbC2ibBQAAAwDWAAUBCNOpsZkGEPziv5nXh6FOGP8RAVgBKjYJyY6NQLyujz8RK4arAyDuij8ZAAUBCBZAIRESACkRJNAxAAAAgBSu9z8woMLZCzizGUDXPUhlUIHmqLYBWNjrcWAAaMa4iwF4qoAGgAEBigEDVVNEkgUG9A0FmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABALICATDYAqRD4ALq-SXqAhRub3Jmb2xrZGFpbHluZXdzLmNvbYADAYgDAJADAJgDFKADAaoD0QYKnAZodHRwczovL2FkeC5nLmRvdWJsZWNsaWNrLm5ldC9wYWdlYWQvYWR2aWV3P2FpPUNwM2tYMDFRc1k3X3pKOXFpNUxjUHA0Nkh5QWJfNEoybGJQdktnWUxWRUdRUUFTRG1sOVlsWVAyQ2tZVG9FYUFCZ3BpM293SElBUW1wQXE4VGlZNHBoTEEtcUFNQnlBT2JCS29FNndGUDBGRUJFeUhhUDRyWjFqcTRpSkV2VGFPalg4Y2VWY2JjYzZqajNFT2cxUVV5NFh5b1Y1U0ltUHlfbW5mbDFDSl9haWNXcGVOM3llMEI1R2xNLVR5bkpPLVJiS0hyaUhCLTdBRDUxTGxSYWdCV19sREtMN25NR1FaVTFVWDdCSnhMTEVwcWVDNGR6QXVrbWpnangwczZEXzVjY0dqb1R1R2pKMTZMbC1aNVF5OWVWbnY2Y0Q1djdyUWtrOEE5VWstbWdqaEF6blZDZUhPX3JDbW1XYlFIVWxOWHJCU2ZaanlVYVRZVlhzWno2Z0J0MHZnVFB0cW1MRlhtb3NkNUViQlQxZTUyYmpmQjFLd0pyd09oVS16X0pZR2FfX1ZkU3RyY0NWZmNjRUVoTHM4Q0lpM0Vjd3RuS0V1eHdBVHBsZDZraEFUZ0JBT0lCWmJ5Z3ZGRGtnVUdDQjBRQkJnQmtnVUdDQjBRQVJnQmtnVUdDQjRRQVJnQmtBWUJvQVpNZ0FmbTU4amNBcWdIanM0YnFBZVQyQnVvQi02V3NRS29CXzZlc1FLb0I2U2pzUUtvQjlYSkc2Z0hwcjRiMkFjQThnY0pFTzU0R09DM2k4NEIwZ2dSQ0lEaGdCQVFBUmdmTWdLcUFqb0NnRUR5Q0E1aWFXUmtaWEl0TlRrek9ESTRONEFLQk1nTEFiQVR4ZC03RU1nVC1NNks0UVBRRXdEWUV3MklGQVBZRkFIUUZRR0FGd0d5RndnS0JnZ0FFZ0FZQUEmc2lnaD1PN3FTVVR2X1ZLMCZ1YWNoX209W1VBQ0hdJmNpZD1DQUFTQk9Sby1kVSZwcj0xMDoke0FVQ1RJT05fUFJJQ0V9GhE0NDA1NTQ5NTgyNzI1NTY3NiIJMzgyMzUwMDgxKgcxNTQ3ODQyOgk0MzIyMDA2NzLAA6wCyAMA2AO55y_gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA8xOTIuMTQ1LjEyNy4yMTCoBKwUsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBIHmqLYBiAUBmAUAoAXCxdr-iZXu2BSqBSpiOGIyYThkYi1iOWNkLTQ5MzYtYjc4YS0zOTgyOWMxMjdjMzV-ODgzfjHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXAGfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Aa4atoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAaoHCzE4MjIyMjAxMTEwugcPCAAQABgAIAAwADiTJUAAyAeqgAbSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAQ..&s=a71fb0d3aaed12407b877fd3bcaa78018ac4f482&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=4455121181478365861&vd=ct~0|rr~5&sv=228&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=24535328&ft=2

Requested by

Host: cdn.adnxs-simple.com
URL: https://cdn.adnxs-simple.com/v/s/228/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.150.241 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: it-IT,it;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 22 Sep 2022 12:28:05 GMT
X-Proxy-Origin: 192.145.127.218; 192.145.127.218; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs-simple.com
AN-X-Request-Uuid: 0010876d-9b58-4da0-b756-afa330030cf3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://norfolkdailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 view_y
trk.clinch.co/ Frame 2AD0 43 B
218 B 118ms
118ms Image
image/gif 44.205.50.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.clinch.co/view_y?cid=uda841&caid=12376&caversid=8877&frmt=728a90&csid=22724&dsp=cm360_p1&plcid=Peugeot_IT_Programmatic_DV360&plc=203419&iid=7bc0ea79-3450-42d0-b309-b8b62e3cc888&env=web&fcpath=lJICG5IPAZIQAZIpwA&prd=Ecommerce&ids=Peugeot_Italy_3008_Suspect%26Anonymous_Promo&isrc=topItems&issrc=3008_-_Suspect_&_Anonymous&feed=2427&tilid=5102&lpsrc=DSP&locsrc=Ip2LocDb&locsrcs=3533550333&dspiid=rnd-632220414&dsp_caid=18222201110&dsp_ad_id=531542318&dsp_pub_id=DV360&domain=7079041&dsp_plc_id=339647168&dsp_insertion_order_id=1008904056&dsp_crid=174133431&dsp_c0=[keyword_id]&dsp_c2=bleclick.net/ddm/adj/N755990.4162781DV360IT0/B28019146.339647168&dsp_c1=8241423&dsp_dma=0&ct=IT&city=7980&st=NA&stName=Napoli&zip=20153&isp=m247%20europe%20srl&contype=2&tc=1,0000000000,00,,&a=1663849686098
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.50.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-50-24.compute-1.amazonaws.com
Software: clinch /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://realtime.clinch.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 12:28:06 GMT
cache-control: no-store
content-type: image/gif
server: clinch
x-robots-tag: none
content-length: 43
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 195ms
195ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1083723&asId=dce20775-f162-1856-d3fa-6c447bb874fd&tv=%7Bc:oWH62S,pingTime:1,time:2268,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:145%7D,%7Bpiv:100,vs:i,r:,t:1267%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1267,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:145,wc:0.0.1600.1200,ac:436.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1132~0,0~100%5D,as:%5B1132~728.90%5D%7D%7D,%7Bsl:i,t:1267,wc:0.0.1600.1200,ac:436.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:194,fm:tiajIeq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1083723-64080112%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:147,sis:247%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:06 GMT
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 193ms
193ms Image
image/gif 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1083723&asId=dce20775-f162-1856-d3fa-6c447bb874fd&tv=%7Bc:oWH62T,pingTime:1,time:2269,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:145%7D,%7Bpiv:100,vs:i,r:,t:1267%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1267,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:145,wc:0.0.1600.1200,ac:436.1110.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1132~0,0~100%5D,as:%5B1132~728.90%5D%7D%7D,%7Bsl:i,t:1267,wc:0.0.1600.1200,ac:436.1110.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:true,e:,tt:rjss,dtt:194,fm:tiajIeq+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19*.1083723-64080112%7C191%7C192,idMap:19*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:147,sis:247%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7782:a37b:72d7:d9a0:3f1f Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://norfolkdailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Sep 2022 12:28:06 GMT
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=13781

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud	1969-12-31 23:59:59	Name: logglytrackingsession Value: d3a81921-5541-47b8-bd73-c3d1cf311c20
.google.com/	1970-01-20 15:40:36	Name: __Secure-ENID Value: 7.SE=ZwHiRWZ58qgMmUEz4eK_zaHuwpiIbB-8oBcYIwV5xEc1JgUkonz0J7QZUqjOp14tdJyhVMTh41_nLXDQTKIxIKCGr5uCl0BmfH0cvg9U3Shxz--bH1hPQG1jk-etBp7Avtr1n_qXJmc3hcc6Kv-TX3x410dOljx-pKLuTo1FdgQ
.google.com/	1970-01-20 15:46:49	Name: CONSENT Value: PENDING+832
.norfolkdailynews.com/	1970-01-20 06:10:53	Name: AMP_TOKEN Value: %24NOT_FOUND
.norfolkdailynews.com/	1970-01-20 15:46:49	Name: _ga Value: GA1.2.1250819458.1663849681
.norfolkdailynews.com/	1970-01-20 06:12:16	Name: _gid Value: GA1.2.2029059471.1663849681
.norfolkdailynews.com/	1970-01-20 06:10:49	Name: _dc_gtm_UA-54716522-7 Value: 1
.norfolkdailynews.com/	1970-01-20 06:10:49	Name: _gat_UA-60699507-1 Value: 1
norfolkdailynews.com/	1970-01-20 06:54:01	Name: _pbjs_userid_consent_data Value: 3524755945110770
.norfolkdailynews.com/	1970-01-20 10:30:01	Name: _pubcid Value: 0e4d497b-ed57-4066-8939-0924914f50af
norfolkdailynews.com/	1970-01-20 15:35:18	Name: qcSxc Value: 1663849681518
.quantserve.com/	1970-01-20 15:41:04	Name: mc Value: 632c54d1-849f6-d7c12-07190
.norfolkdailynews.com/	1970-01-20 15:35:18	Name: __qca Value: P0-599267041-1663849681515
.norfolkdailynews.com/	1970-01-20 15:32:25	Name: __gads Value: ID=bf3fa24362a4a594-229de6b62bce00bd:T=1663849681:S=ALNI_Mbui1yI_fjlNwdRxfnDGU4mS6iOdA
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.doubleclick.net/	1970-01-20 15:32:25	Name: IDE Value: AHWqTUlLLD8QxG9OUbXpD2pgTJ958SaapzVh3xAoWrCIFPC05v-dX-n13QTYGqidYXc
.infolinks.com/	1970-01-20 15:46:49	Name: cuid Value: 1ae8aaad-8751-4b7b-84e0-88f2b060d0df
norfolkdailynews.com/	1970-01-20 06:10:53	Name: _lr_retry_request Value: true
norfolkdailynews.com/	1970-01-20 06:54:01	Name: _lr_env_src_ats Value: false
.norfolkdailynews.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1663936083478
.tapad.com/	1970-01-20 07:37:13	Name: TapAd_TS Value: 1663849683529
.tapad.com/	1970-01-20 07:37:13	Name: TapAd_DID Value: 6cf25f6e-8f6b-47f6-a9bb-db2516348061
norfolkdailynews.com/	1970-01-20 07:37:13	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-22T12%3A28%3A03%22%7D
.tapad.com/	1970-01-20 07:37:13	Name: TapAd_3WAY_SYNCS Value:
.norfolkdailynews.com/	1970-01-20 15:32:25	Name: cto_bundle Value: 4Mr9ul9kTXRMbDdnTU9mNkM4MHdIJTJGaGFvR1FqZyUyRnZqdFlmTnlOTW1JR1RydnZHeCUyQmJrTHJaYjl0RVJrSEZ5dDlkb1pMRjBYQWJyYWpjQTFsdHVLdWJwTlpXZ2NtY1RZQk5vQUpIVkg0MjlRblFWV1ZQajNDVlolMkJ5aGZLNkowOXVkMUIz
.norfolkdailynews.com/	1970-01-20 15:32:25	Name: cto_bidid Value: PxOq419nWkxIZ3V2YmRRVmliUWl3QWJCMExsRkJmWHFtN2ZrNTVtc3QlMkZnJTJGJTJCS1E4ZjFGZ3RYekU3SHklMkZ0d2RXMVdYYjZWc3lRQWdLQkRWbWl6dGhGWVV2b2olMkZPd1FGMTAyYmx1MzhuUE5XaXAzeGslM0Q
.sxp.smartclip.net/	1970-01-20 06:54:01	Name: uuid Value: 6c057f26-d454-2c63-7b95-9db1343672fb
.krxd.net/	1970-01-20 10:30:01	Name: _kuid_ Value: PGB0dmqE
.myvisualiq.net/	1970-01-20 15:46:49	Name: tuuid Value: bec6d84c-0436-43bc-b3da-09cb75c15e03
.myvisualiq.net/	1970-01-20 15:46:49	Name: c Value: 1663849684
.myvisualiq.net/	1970-01-20 15:46:49	Name: tuuid_lu Value: 1663849684
.sxp.smartclip.net/	1970-01-20 06:54:01	Name: dspuuid Value: 10.CAESEGeOOfB2vxpTuw3JaBuul00
.sxp.smartclip.net/	1970-01-20 06:54:01	Name: psyn Value: 19257.10
.clinch.co/	1970-01-20 15:46:49	Name: clinch-sid Value: 40193f8c-2837-4998-9f40-fc964d8d9ff1

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html(Line 389) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html(Line 389) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362(Line 79) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/insights/consumersurveys/static/446600373337806383/prompt_embed_static__it.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362(Line 79) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/insights/consumersurveys/static/446600373337806383/prompt_embed_static__it.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362(Line 72) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adservice.google.it/adsid/integrator.sync.js?domain=norfolkdailynews.com, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362(Line 80) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/gk/prompt?site=_rwyy5wut2hljicuvrztnlebriu&t=1&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680715&ref=https%3A%2F%2Fwww.google.com%2F&token=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_rwyy5wut2hljicuvrztnlebriu&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680362(Line 80) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/gk/prompt?site=_rwyy5wut2hljicuvrztnlebriu&t=1&url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&cid=everything&random=1663849680715&ref=https%3A%2F%2Fwww.google.com%2F&token=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://trends.revcontent.com/api/demand/?w=270332 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=270332&width=1600&rev_allow_cookies=1&site_url=https%3A%2F%2Fnorfolkdailynews.com%2Fcommentary%2Finvestigation-beyond-media-needed-into-alleged-voter-fraud%2Farticle_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html&icr_url=&referer=https%3A%2F%2Fwww.google.com%2F&va=0&time=1663849681597&up=pc&bn=chrome&bv=105&widget_width=750&style_id=0&idhub[pubcid]=0e4d497b-ed57-4066-8939-0924914f50af Message: Failed to load resource: the server responded with a status of 500 ()
network	error	URL: https://norfolkdailynews.com/content/tncms/ads/in-story-top-desktop/1.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://norfolkdailynews.com/commentary/investigation-beyond-media-needed-into-alleged-voter-fraud/article_423ee7d6-3c88-11eb-9d02-3bf52cbc0ced.html Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://norfolkdailynews.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13781 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2b8dcae387ed4b8a0537d02afde4d3d7.safeframe.googlesyndication.com
ad.sxp.smartclip.net
ad.yieldlab.net
ads.pubmatic.com
adservice.google.com
adservice.google.it
ampcid.google.com
ampcid.google.it
api.rlcdn.com
assets.revcontent.com
bcp.crwdcntrl.net
beacon.krxd.net
bloximages.newyork1.vip.townnews.com
cdn.adnxs-simple.com
cdn.clinch.co
cm.g.doubleclick.net
dlvr.it
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
imasdk.googleapis.com
img-cdn.clinch.co
lax1-ib.adnxs-simple.com
match.adsrvr.org
mug.criteo.com
norfolkdailynews.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.tapad.com
pxl.qccerttest.com
realtime.clinch.co
resources.infolinks.com
router.infolinks.com
rt3054.infolinks.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
survey.g.doubleclick.net
t.myvisualiq.net
tagan.adlightning.com
tags.crwdcntrl.net
tpc.googlesyndication.com
trends.revcontent.com
trk.clinch.co
www.google-analytics.com
www.google.com
www.google.it
www.googletagmanager.com
www.googletagservices.com
www.norfolkdailynews.com
yeet.revcontent.com
api.rlcdn.com
104.103.102.147
104.16.132.24
104.254.150.241
108.138.17.110
15.197.193.217
151.101.129.108
151.139.128.11
172.217.16.194
172.66.41.9
172.66.42.247
178.250.0.157
18.66.147.69
192.104.183.209
23.35.236.201
2600:1f13:800:7782:a37b:72d7:d9a0:3f1f
2600:9000:206e:600:6:44e3:f8c0:93a1
2600:9000:223d:ea00:11:615:7240:93a1
2600:9000:2491:e800:8:48e:53c0:93a1
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::2001
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a00:1450:400d:805::2011
2a00:1450:400d:806::2002
2a00:1450:400d:807::2002
2a00:1450:400d:807::2008
2a00:1450:400d:807::200e
2a00:1450:400d:80a::200a
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2004
2a00:1450:400d:80d::200e
2a02:2638:1::13
2a02:26f0:3500:18::1724:a289
2a02:26f0:3500:c::5c7b:6821
34.249.231.255
35.186.194.101
35.227.248.159
44.205.50.24
44.236.18.87
52.18.211.80
52.208.167.155
52.212.128.245
52.59.13.32
54.194.226.232
54.197.229.35
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05deee3fdf1fcfaf986017678f334ea2733f5e233f80b1081f3f0867fb55179f
0932f5444b6853abbbf73831541c9c4b5816be7e6ec4f3ab1284783a504061c2
0abf0eb467b383b8da78e1227a2fbc9687d404849eddcecb48f7b7ad5679b332
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b6759e00f05f7909419726231366ececdd73c5b870e61d033f407b268dbf748
0c2d5358c7df05018004b5ff5434f854385d8fe8a64593901d9ae662564592d3
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0de2cc5e4a5deba3b8e8924053c083114db9c318831eeafd61724401048e8600
10a7a0628a349694c1156941903e2b965e98f1056a4dfea35ec010d09259569b
17ea00f45c87696eea458d8499980bc6bfd9f4eab9f4d351cf0b71e1578a5adf
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
1973085468daea4cb486397d54babbe3819b57f37663201d2b89636ced42b91d
1a97a1a8b88f4fa4b1eff7a0b360e7b17459268ec07a8fd8001808f191b3b002
1de35b83b2882e180ea46e4fea6710eb16bffba5a0e21170de9f520b64af0818
1e91213e45f98ca5b5f95b510e468673f208de97b060720288295d2df5f80776
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
242d300e360e5ba09151afd63123571b0a1d8f9d90ad5afbac55a499e57f4d6a
2838ada1a2e98ea67fbff5622ae6dbc293c5cae3f50be29febaa03b9a4bd8627
2c9f9999128836dbd3c8cfeb3ff1f11cd5707d83e18d68110bdb7d22eeb056f8
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
31e9224386ee43fc0e1efa90cf82a54b3ffd7a96b09da78ec101d1d645cc4e0d
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
33cefb0b9480968415590ae8f0db3a68f681146e28898cf1fef704e6ffea3f4c
33d27a2237dd1e05c016cffdd6e7f19af210d5ab0f278a1090d0c342ee151a69
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678
42a5415462a59c7b55e57cee2852347ee641e361f5d584ceb965aea7b10b7e86
4530108a7846e31d33b46c776fcd52a54aa52c879577dee1cd75dbae68dc0585
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e
54317318cf662dbbb03ff87d8bafa484b37c773b8de906581d576b4d0de158be
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08
5c8a7da9895562fc23ab618833b9d92543486d62b92de9b5cc81aab8bc73f25c
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2
5f178a1d5939940ddfb161505c68ff2d889fafe8bbf45bcd87a4822086d9dcf7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a3aa3ee7accd2882e5d7a6f948a14de9814ee6bb2cb68179a2685ea70a564d
63cb60156effdf21b79145c3c02ce5729cb208196c88527f216ad7565937f00e
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
64bc2a98f4e8b9b41bd905d3762a6b5c36f14d8e16d0819b4eaca361cf392cb7
678d4ac4a14d788e91c631db4c545df5acc5197735f47a9a66d4008a445caede
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ddf18c4a4eeb06489f2c6470ba9779af4cffeddea337519d6f2c569c9749532
743c538563abf169a1e298a80e06cf976bb508c76d1a38969c5dceaef3348d7b
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
7f2f7ec7e6c13947469149f5781fbb718cf0d59684268199fe4bd956bcc32fa5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9123684aadc2f7d019b36f6bc8ff22c5f20a7e6723f2ae748ca25dd11ce37c69
92fb0a0bde0ae350ac71dc6c5f63045dfb0f1b042a902bcfd18995672371d6c2
931dfd744aa571b930276927e2a0ab96712bbb955734408ec4e2f64b6d0dbe06
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9402f8cd0afeaf86eb96eb0dbeb363f620f898f19f4cc8fdf166f6b8d12ec627
95ce51d9f65d01377bd148ff3692896597d961f01c6b9654c3a90478126d5de4
988893d5f5976a4243df780ccfaa9c9d2a5b56a650d216930ee2438bbdc804ce
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99b6f8f1b5517c2b1f11b1364b42978dab6e69653581ddb0f36f90ca5c5c6d99
9d279229ceabcab6e90a74454de8c0d08b1732b9ac67c91ff4ec3fd013914128
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a107f57a1f45f6448e7339d702adafb6631a0e9e2ea3d5a9a0dbc8eb6e9bbb63
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a633abf6ef85a1bf221e75979146c4c7f7a6164732a6a981180a84cf44ced8bb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a95eebd3e069c109f82214724fac3cbd9e0a09071fb20ccf270c2bbb2e57a93c
ad9b260f3a9ecbedb31b7fa43541ad1f91076da518f38d2a2709393adce16607
ae49b4e46526473b9fe869adfd3387e7a132351bb3a3c50ed6340d13cdc559dc
ae938820655d8afb2bcaac1a4c8e03cb464fd7cf04c3f4c9f9ce7917eae728c0
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bdac211f43fbee9eeb4d50f8755206599f76296cd15316a97c9d2cb2050d2f
b4cd4f889e2c7dd71da12d2b0a29aa6346de2e5d8b3c882d7700d64c700f661d
b52af4f6849257bb609f2078d51dc45ad49c0f9b5ff217cf6f9c1c8afcb9a8df
b853221ad9f453ef36b3b69c8ffc4a3b82cccfdb11fef7e19d4db2603bebc153
b8648f26e0c4b5e2f7a49c4faf913d500624aba77dd60c896e6f2bd176fab168
b8aa5ad9206d8b11dbc8aecf530736bf6508027c18f1ac710b66a291c5c5888b
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bcac83462f49deedab22da15859d7703ff227dbf9d316230e30efb3f22c7e378
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be07929f54da08a75ba65198f5f24725682dbc034b2cf0c4aca088eced725166
bef929115c309a5554ffec5327785cd8025bf19a04a86af286a5af4140229378
bfd126ac0ab625bcf5593a41432b04177248382666e755aeeaf5458a822bee72
c96243483fe1107223c07f837885d057ec2b7515e349bd51523ab2ef6666bf43
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb3c7d3adbedfa086733490833246af98da5609818aae073b900be856d7df1aa
ce2444f01d4749e6d474fde54fe5221beff381c4cf0b7e38fcd132a62c51c7d8
cfec8d71ac555df33d10782b39cce35a902732152ef54d2e303630097fbe05e9
d2c2161d216b3f6f05411fb2ae1c43a501c51f1763c450326757baad4af344ca
d3fa0645c3e2ba8a6cae712190376e4a538d0c85d6636222d33a7b3ed3bc5c2a
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
dbf3bfb5c974a3a22c04b2614f61efab99657d7142e12bc7c791c357229a650c
dd150163224357008c3abd24cd281326ba895954081190ed2fe0dd5468a555bf
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de1f4b3197b2349abf23a4a1e455941eda2a80b6c10f4dee688eaab58b8201c4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df31253cb5226982d7bb741aee5bb93a51b49e9350bb37371eb288b2895af1f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d44325a33048dc4eeb02fa438dd0143c3a423b5c09c64b0842df99f6960e05
e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8
e7376ac5d189aa6709ce824da6ab6a3c2c85bacb7cf8dafbf5c423de19c891e8
e7d4d8fffee9abdf4687ff6457cff2a69201a16e8ec13b01fb94ee80014cbc1f
eb19bdbb8b9d5e43ed2b6c6ca6090d31767a6c7ec0b47ddf49317c450f826624
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d11c6cec5ec98a202f937a38f8f9a548dfeac9a37d1eb4332a15cb526162c4
f5b318376c54a718bcb2422a99b9a38435b3021e0871d7a0c1c4ad6a9f017b3d
f7f27b0c098c60a652449eef1e6c311f36652d9deff4e990b9a084f1ef47010c
f9f773f0f7891b3e847af238b9cdd3731ced05a036a7024fc8989e5206875a5f
fa01414da24aaed8a8cc35c7c2835b7b4b795681c8169ad9af0b3cb4c0a48de0
fe0a94c0b02c8facd87a18d8f39e4d14726b2c88646a178d132ec6471ede959c
feae43052762342c911f92ce87d0338545e2933333e565a73dbf0d3c091a1262

norfolkdailynews.com Open in urlscan Pro 192.104.183.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

96 %HTTPS

52 %IPv6

31 Domains

58 Subdomains

52 IPs

7 Countries

2887 kBTransfer

6558 kBSize

34 Cookies

10 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

norfolkdailynews.com Open in urlscan Pro
192.104.183.209 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

96 %
HTTPS

52 %
IPv6

31
Domains

58
Subdomains

52
IPs

7
Countries

2887 kB
Transfer

6558 kB
Size

34
Cookies

167 HTTP transactions
6 data transactions