urlscan.io logo urlscan.io
SecurityTrails logo

www.spokesman.com Open in urlscan Pro
2600:9000:20a6:fa00:0:b5fb:e6c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://amazon-logins-account.duckdns.org/
Effective URL: https://www.spokesman.com/
Submission: On November 24 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 4 countries across 34 domains to perform 112 HTTP transactions. The main IP is 2600:9000:20a6:fa00:0:b5fb:e6c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.spokesman.com. The Cisco Umbrella rank of the primary domain is 64504.
TLS certificate: Issued by Amazon on July 20th 2022. Valid for: a year.
This is the only time www.spokesman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.199.145.112 15169 (GOOGLE)
1 1 2600:9000:21c... 16509 (AMAZON-02)
1 2600:9000:20a... 16509 (AMAZON-02)
5 2600:9000:21c... 16509 (AMAZON-02)
8 2600:9000:20a... 16509 (AMAZON-02)
1 99.84.238.217 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
5 2600:9000:20a... 16509 (AMAZON-02)
10 2404:6800:400... 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
4 3.210.65.178 14618 (AMAZON-AES)
1 65.9.42.107 16509 (AMAZON-02)
9 2606:2800:247... 15133 (EDGECAST)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2a04:4e42:a00... 54113 (FASTLY)
2 2606:2800:147... 15133 (EDGECAST)
12 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
5 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 172.67.75.166 13335 (CLOUDFLAR...)
2 52.217.70.4 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
1 13.225.165.82 16509 (AMAZON-02)
1 2600:9000:206... 16509 (AMAZON-02)
1 35.227.203.93 15169 (GOOGLE)
1 2a03:2880:f10... 32934 (FACEBOOK)
1 34.96.74.203 396982 (GOOGLE-CL...)
2 13.70.73.107 8075 (MICROSOFT...)
1 2600:1f16:bc:... 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 54.185.210.97 16509 (AMAZON-02)
2 13.85.16.224 8075 (MICROSOFT...)
112 39
1    35.199.145.112 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 112.145.199.35.bc.googleusercontent.com
amazon-logins-account.duckdns.org
1    2600:9000:21c4:7400:13:3ce1:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
spokesman.com
1    2600:9000:20a6:fa00:0:b5fb:e6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.spokesman.com
5    2600:9000:21c4:3e00:2:4597:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
thumb.spokesman.com
8    2600:9000:20a6:e000:1e:dc88:cb00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.spokesman.com
1    99.84.238.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-238-217.sfo5.r.cloudfront.net
cdn-gateflipp.flippback.com
9    2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2404:6800:4004:80c::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2600:9000:20a6:d800:18:730a:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.spokesman.com
10    2404:6800:4004:822::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
2    2404:6800:4008:c01::9a (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2404:6800:4004:824::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:81e::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
4    3.210.65.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-65-178.compute-1.amazonaws.com
www.i.matheranalytics.com
1    65.9.42.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-107.nrt12.r.cloudfront.net
p.flipp.com
9    2606:2800:247:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.wgchrrammzv.com
cdn.mircheigeshoa.com
cdn.godiciardstia.com
cdn.pranmcpkx.com
cdn.czx5eyk0exbhwp43ya.biz
1    2404:6800:4004:820::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.co.jp
1    2404:6800:4004:801::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2404:6800:4004:824::2001 (Australia)

ASN15169 (GOOGLE, US)
71299baf5b06666fed3f90bb30cb802a.safeframe.googlesyndication.com
1    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2606:2800:147:120f:30c:1ba0:fc6:265a (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
12    2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2404:6800:4004:821::2001 (Australia)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2404:6800:4004:80c::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2404:6800:4004:825::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
2    52.217.70.4 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
4    2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    13.225.165.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-82.nrt12.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
1    2600:9000:2066:1a00:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)
aamcftag.aamsitecertifier.com
1    35.227.203.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.203.227.35.bc.googleusercontent.com
pymx5.com
1    2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.96.74.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.74.96.34.bc.googleusercontent.com
api.pymx5.com
2    13.70.73.107 (Sydney, Australia)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    2600:1f16:bc:1202:9644:6957:60fd:1e5f (Columbus, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
3    2606:4700:3032::6815:2beb (United States)

ASN13335 (CLOUDFLARENET, US)
api.aamapiv2.com
1    54.185.210.97 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-185-210-97.us-west-2.compute.amazonaws.com
aamcf.aamsitecertifier.com
2    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-spokesman-proxy-connext.azurewebsites.net
Apex Domain
Subdomains		 Transfer
20 spokesman.com
spokesman.com — Cisco Umbrella Rank: 57370
www.spokesman.com — Cisco Umbrella Rank: 64504
thumb.spokesman.com — Cisco Umbrella Rank: 195163
static.spokesman.com — Cisco Umbrella Rank: 288624
media.spokesman.com — Cisco Umbrella Rank: 266700
31 MB
17 googlesyndication.com
71299baf5b06666fed3f90bb30cb802a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
355 KB
11 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 191
stats.g.doubleclick.net — Cisco Umbrella Rank: 94
192 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 40
40 KB
6 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 10394
www.i.matheranalytics.com — Cisco Umbrella Rank: 10058
44 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 371
109 KB
3 aamapiv2.com
api.aamapiv2.com — Cisco Umbrella Rank: 55865
8 KB
3 pranmcpkx.com
cdn.pranmcpkx.com — Cisco Umbrella Rank: 41397
2 MB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 83
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 67
178 KB
2 azurewebsites.net
prod-spokesman-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 377980
1 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 725
408 B
2 pymx5.com
pymx5.com — Cisco Umbrella Rank: 105048
api.pymx5.com — Cisco Umbrella Rank: 117170
10 KB
2 aamsitecertifier.com
aamcftag.aamsitecertifier.com — Cisco Umbrella Rank: 60563
aamcf.aamsitecertifier.com — Cisco Umbrella Rank: 39519
28 KB
2 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 38421
2 KB
2 czx5eyk0exbhwp43ya.biz
cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 32043
5 KB
2 gstatic.com
fonts.gstatic.com
32 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 178
95 KB
2 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2035
44 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 18430
adservice.google.co.jp — Cisco Umbrella Rank: 53980
1 KB
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 cloudfront.net
d31qbv1cthcecs.cloudfront.net
5 KB
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 25078
569 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 52
1 KB
1 godiciardstia.com
cdn.godiciardstia.com — Cisco Umbrella Rank: 61482
48 KB
1 mircheigeshoa.com
cdn.mircheigeshoa.com — Cisco Umbrella Rank: 61012
23 KB
1 wgchrrammzv.com
cdn.wgchrrammzv.com — Cisco Umbrella Rank: 39018
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1458
583 B
1 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 26920
12 KB
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 14247
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 14795
17 KB
1 duckdns.org
amazon-logins-account.duckdns.org
410 B
0 alexametrics.com Failed
certify.alexametrics.com Failed
112 34
Domain Requested by
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.spokesman.com
tpc.googlesyndication.com
10 www.google-analytics.com www.googletagmanager.com
www.spokesman.com
az416426.vo.msecnd.net
9 securepubads.g.doubleclick.net www.spokesman.com
securepubads.g.doubleclick.net
www.googletagservices.com
8 static.spokesman.com www.spokesman.com
static.spokesman.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 media.spokesman.com www.spokesman.com
5 thumb.spokesman.com www.spokesman.com
4 pagead2.googlesyndication.com az416426.vo.msecnd.net
tpc.googlesyndication.com
4 www.i.matheranalytics.com www.spokesman.com
3 api.aamapiv2.com aamcftag.aamsitecertifier.com
www.spokesman.com
az416426.vo.msecnd.net
3 cdn.pranmcpkx.com loader-cdn.azureedge.net
cdn.pranmcpkx.com
3 www.googletagmanager.com www.spokesman.com
www.googletagmanager.com
cdn.godiciardstia.com
2 prod-spokesman-proxy-connext.azurewebsites.net cdn.pranmcpkx.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 paywall-ad-bucket.s3.amazonaws.com www.spokesman.com
cdn.pranmcpkx.com
2 cdn.czx5eyk0exbhwp43ya.biz cdn.pranmcpkx.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
cdn.pranmcpkx.com
2 www.google.com www.spokesman.com
tpc.googlesyndication.com
2 stats.g.doubleclick.net www.google-analytics.com
az416426.vo.msecnd.net
2 js.matheranalytics.com 1 redirects www.spokesman.com
1 aamcf.aamsitecertifier.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1 api.pymx5.com pymx5.com
1 www.facebook.com
1 pymx5.com www.googletagmanager.com
1 aamcftag.aamsitecertifier.com www.spokesman.com
1 d31qbv1cthcecs.cloudfront.net www.spokesman.com
1 api-mg2.db-ip.com cdn.mircheigeshoa.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 cdn.godiciardstia.com loader-cdn.azureedge.net
1 cdn.mircheigeshoa.com loader-cdn.azureedge.net
1 cdn.wgchrrammzv.com loader-cdn.azureedge.net
1 polyfill.io loader-cdn.azureedge.net
1 71299baf5b06666fed3f90bb30cb802a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.jp securepubads.g.doubleclick.net
1 loader-cdn.azureedge.net static.spokesman.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 www.google.co.jp www.spokesman.com
1 cdn-gateflipp.flippback.com www.spokesman.com
1 www.spokesman.com
1 spokesman.com 1 redirects
1 amazon-logins-account.duckdns.org 1 redirects
0 certify.alexametrics.com Failed
112 46
Subject Issuer Validity Valid
spokesman.com
Amazon		 2022-07-20 -
2023-08-18		 a year crt.sh
*.flippback.com
Amazon		 2022-07-01 -
2023-07-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.i.matheranalytics.com
Amazon		 2022-01-13 -
2023-02-11		 a year crt.sh
flipp.com
Amazon		 2022-08-31 -
2023-09-28		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-10-25 -
2023-10-25		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
sni2bf2bgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2fgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2agl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-17 -
2023-05-17		 a year crt.sh
snibe7egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-31 -
2023-03-03		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.aamsitecertifier.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.pymx5.com
Go Daddy Secure Certificate Authority - G2		 2022-09-01 -
2023-09-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-02 -
2022-12-01		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2022-09-13 -
2023-09-08		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2022-09-12 -
2023-10-11		 a year crt.sh
*.aamapiv2.com
E1		 2022-10-22 -
2023-01-20		 3 months crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01		 2022-03-14 -
2023-03-09		 a year crt.sh

This page contains 7 frames:

Primary Page: https://www.spokesman.com/
Frame ID: C20D52B89D706087B37367E27BA93BE1
Requests: 82 HTTP requests in this frame

Frame: https://71299baf5b06666fed3f90bb30cb802a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C1B786345CF27B7D419A3D682A90E23C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvB0b3VGbTWS570bTR7QEBP23G1Y1BkbxCvuIFDOqcGmprlAFDVumD4KG-eAfJrIpNPBBx77MS76z_1f4hi5LAbz0VHu9IDV_VAjvcNhtgGE9MKSk6i2360qlu5cLKu4EwY4D01lHcbUSRnztlX85U6QkumpKfoba3sr5AwwtFuFZxEaz12wc5jKYWA5fA1tRzdozx_uam18R47utjVe3BaOdoySA1EJy3ES33JImV03uLKtzuT_EQlIlIdP7kGchQt7txEEz2jpoemKUydbTlULsXKGKGRFIZ6oxLxcQmrPZT1F9PKxd3Qex1Rv-WicXbbHPyw5XsBTgRLtUfCWG7-DdWr8PvZfO60NO4igUqeMwE4r5BHw&sai=AMfl-YS91ozifw6B4ArCAVGazwG40KBKKsn9sd1LRwEeax0ot98A71IrFQxcCZer5p2SHfgjCMf8mibza06Jh81V1k648B-URBLUVezTs-lkRUwmuoiwR-O0LQer0wL5NwQy-j-tUsVAkwkP8WRHfeeH_Q&sig=Cg0ArKJSzK4Ckri7jFMMEAE&uach_m=[UACH]&adurl=
Frame ID: 6268C3C5F983671685B5CC26FE7C2524
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzIQpdNYIHyG2F6MskcQq3MYeIEqJdt-jXKyak6xWfNibNEIcewsYT0-Ck0qQ7qZ2nKMb5BkZbBs3SWJ2Df9tvV9jrjYUvXnukkG3zQy8O5bszuKVQBgqVrJE6AGRB82K0UxbGPHK-GR1MrJEfUie5LqCCqKKDQBgKwCRkCukjoqJF2UwKifr0N11nWhZOwmqodITHt10-sKxficXxQzwrVRwOM99i2VaUMLvQGUrVeQ2t4c76Lgi7mn-7j9T7M0jIZW-fX3vK5BjojtYeZIJKSyGqCTK80Z4vn9ziL3XzWJ4srtkAphHeQBfgaKA7_1c0XJEUTsrG22E_Zz6OL_Yt2Q&sai=AMfl-YQvMRgzXC1Pn2uCwTyAApA8TTVAaPDN5pyzPNDxTvsRm5vMhVutCAxd3DG98HbmVGo9ccQVq5C59CUHlpF7z5-fpaKxCHo_ay1LA27bcp1_MwWM_g2flcpxo1w6eC39Rs_uuKGkIEkwGiIh31BKdg&sig=Cg0ArKJSzB2J8dLQV_kJEAE&uach_m=[UACH]&adurl=
Frame ID: A67CA2CD8F07FAA4B78DD5C6C8A93614
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 4450C0B97E801AAF3A2D3E04D8D66CCC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 238E87DA7BC8E2DB9DDC218C1E3E957D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 39D9F97BF47B343D042ABC3F73E198B7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Spokesman-Review | Local News, Business, Entertainment, Sports & Weather for Eastern WashingtonArrow-rightCameraThe Spokesman-Review NewspaperThe Spokesman-Review NewspaperThe Spokesman-Review

Page URL History Show full URLs

  1. https://amazon-logins-account.duckdns.org/ HTTP 307
    https://spokesman.com/ HTTP 301
    https://www.spokesman.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

98 %
HTTPS

68 %
IPv6

34
Domains

46
Subdomains

39
IPs

4
Countries

34955 kB
Transfer

39070 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://amazon-logins-account.duckdns.org/ HTTP 307
    https://spokesman.com/ HTTP 301
    https://www.spokesman.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1610 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.spokesman.com/
Redirect Chain
  • https://amazon-logins-account.duckdns.org/
  • https://spokesman.com/
  • https://www.spokesman.com/
243 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:fa00:0:b5fb:e6c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
8366b56050cd10f4112259e2b616bf4d2e2fcef89bc3c6b4d5e9fc8e1b37e7f5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
39
cache-control
max-age=300
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 24 Nov 2022 16:01:18 GMT
referrer-policy
same-origin
server
nginx/1.22.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding,Cookie
via
1.1 ce238b40dbac59c6528c9d275e9d96f6.cloudfront.net (CloudFront)
x-amz-cf-id
R2vqdoTjD2WPwMrh1AxTKQyH-9i-PKzs79X6WmIZ6oU8rNhnYMz1eA==
x-amz-cf-pop
SFO5-C3
x-amzn-trace-id
Root=1-637f954e-3c8714a434baec9b508d26e3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-robots-tag
noarchive

Redirect headers

age
2157
content-length
0
date
Thu, 24 Nov 2022 15:26:00 GMT
location
https://www.spokesman.com/
server
AmazonS3
via
1.1 f6e2aa8788731292478df0dab2377dd8.cloudfront.net (CloudFront)
x-amz-cf-id
PTtSk1OpFK4-Ub4mYNM6a1M0klp8TR-qZHW-LXqvQVQp03iVLQ5gow==
x-amz-cf-pop
SFO5-C1
x-cache
Hit from cloudfront
sr-loader.png
thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/sr-loader.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c4:3e00:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 10:49:25 GMT
via
1.1 7b5e90ec4988c1c340392b828c6f9f4a.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
SFO5-C1
age
6844352
etag
"7b6592542ec6d8d4377eb143251c2f5b7d76aad9"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
11662
x-amz-cf-id
Ah-5sudYGqFvHEb5_06RvEIh4i9EHlyto71S1FfMPwh7E3-sRvMbCQ==
expires
Fri, 01 Sep 2023 10:49:25 GMT
style.min.d9865cc8780e.css
static.spokesman.com/sv3/css/ 		320 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/css/style.min.d9865cc8780e.css
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc2c387a887f40dbb73e526b6213be9cedd527ec7b88d51b497070d97e231c6f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 22:56:03 GMT
content-encoding
gzip
via
1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 22:55:37 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
2394355
etag
W/"d9865cc8780efd2ce06c12fb7ea277b9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
Bxg6qPh3MeLeUEQ5Nk1PGmFc_l_nClRlrg3NfOqRfUe7K8bILRZYcA==
jquery.min.12b69d0ae6c6.js
static.spokesman.com/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/js/jquery.min.12b69d0ae6c6.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 10:34:06 GMT
content-encoding
gzip
via
1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront)
last-modified
Sat, 12 Nov 2022 00:45:59 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
1056472
etag
W/"12b69d0ae6c6f0c42942ae6da2896e84"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
QCMU9Ht4aXkgDG7DJoTiD_2ntx6tA399kWAqp8i1XlO7vMdXjL7B7A==
critical.min.7f719ef7842f.js
static.spokesman.com/sv3/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/js/critical.min.7f719ef7842f.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba65148259568967389d182b434f97e0da7b6cd83abf926a602433a340ca9d0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 03 Nov 2022 12:40:50 GMT
content-encoding
gzip
via
1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront)
last-modified
Wed, 02 Nov 2022 22:54:38 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
1826468
etag
W/"7f719ef7842f474e36e669c95955f7b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
HqrWRTyaaDMULLOqu56cEkHaTcJUF1VlddDf0sLsYColwhIicBCwDA==
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		51 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.238.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-238-217.sfo5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5453593559ea77d4419f439614ade4421cfe8d6164d2cf14f9a489570f68c7f1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:52:08 GMT
content-encoding
br
via
1.1 f33529eebdae9f360e1e83d3ee6348f6.cloudfront.net (CloudFront)
last-modified
Tue, 22 Nov 2022 15:37:59 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
592
etag
W/"d48cb5dff91ed41816ad2b5d578a21cf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
x-amz-cf-id
TinGD2ecoMM0fBLYDSoZc5v_H1wgsLhGnDc82EFmaHsZa9ue6hdoEg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2e01f10ad6da5bea2017c9fd99319c3e104625804474e3f135e8da3e9fb0faf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1401 / 893 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 24 Nov 2022 16:01:57 GMT
base_ads.b6d5845dec51.js
static.spokesman.com/ads/spokesman/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/ads/spokesman/base_ads.b6d5845dec51.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e93c85341a48fbccd80f6d316b0d45b3b951169f4390adfb5cf81609f4160d45

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 05:12:23 GMT
content-encoding
gzip
via
1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront)
last-modified
Mon, 24 Oct 2022 22:57:42 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
2630975
etag
W/"b6d5845dec51d4391b512b6bb304766d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
T97jCYP9LdUsCzI5Ok3esQTFdG7W7j5OKZYwz-s8Q-ERhToeUOsA9Q==
0-partly-cloudy-day.3148ca6be1dd.png
static.spokesman.com/sv3/img/weather/header-icons/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.spokesman.com/sv3/img/weather/header-icons/0-partly-cloudy-day.3148ca6be1dd.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
103336c754fde9c2c7fc565bc5385b94409c0d5480cd8564c25f18f6cced5a85

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 06:47:09 GMT
via
1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront)
last-modified
Thu, 27 Oct 2022 22:56:08 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
2279689
etag
"3148ca6be1dd30f49fe8c5a64b9f5781"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
12254
x-amz-cf-id
A3R4_KT0yBF3pxpgGMLZK6IEPA6R8itzZZZyq2pZ-SW508C-Sg7vhw==
gtm.js
www.googletagmanager.com/ 		135 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
37b490b8cdbfb4c119d62b2b4e662a6cfc7364a321d604f5010471044169289f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51113
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Nov 2022 16:01:57 GMT
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4890a3c7a6d70985e71fb7178c58b8c3ff183e6edbb3f07a41affe5b897d3ae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
637c529d0f1fe.hires.jpg
media.spokesman.com/photos/2022/11/21/ 		12 MB
12 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/11/21/637c529d0f1fe.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:d800:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7c15c02826d988a79aa0bb5080f70c3db9943fab1661f7bb4f5eaa62d226b86

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
D3Sud3AfhCfKttMwVDr14HtZcri7JaGd
date
Thu, 24 Nov 2022 15:48:53 GMT
via
1.1 467698b4f3792e6d6dff5f0d69c5a502.cloudfront.net (CloudFront)
last-modified
Tue, 22 Nov 2022 04:49:50 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
785
etag
"dce887071b96f47871dc6e16efaac0fe-2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
12542040
x-amz-cf-id
4pqlnejxSWlPqEF7uSYH1STKU41kwlNWyi5cBQ4BeLboDUlv6y_GHQ==
637c5749256d0.hires.jpg
media.spokesman.com/photos/2022/11/21/ 		8 MB
8 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/11/21/637c5749256d0.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:d800:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29181332e86f1ed1d820c9d8efa35aefcb86a47cbfbe3e9955458bfe906ecb2f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
Qzi.VCnCUeIw498AJYbx09306v5nGB.o
date
Thu, 24 Nov 2022 15:45:32 GMT
via
1.1 467698b4f3792e6d6dff5f0d69c5a502.cloudfront.net (CloudFront)
last-modified
Tue, 22 Nov 2022 05:35:10 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
987
etag
"0e4458602a9fc561314b622420b21ab4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
8007834
x-amz-cf-id
VoXYUyFFu5Hkapr0-0YpCgIvNROecVa6mujaTqf-_OuhJsGlbuyUqQ==
63758ef10ee96.hires.jpg
media.spokesman.com/photos/2022/11/16/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/11/16/63758ef10ee96.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:d800:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08ab522ec2fa572e6f604eba06e759f56d1fa72facd4fdedbdc68f57aab14a13

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
EwvnGW99l9iLU274kMFxbXR1yl0BcdHE
date
Thu, 24 Nov 2022 16:01:59 GMT
via
1.1 467698b4f3792e6d6dff5f0d69c5a502.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 04:11:39 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
etag
"929d7cd8f9b5ad276b7e893afa8dbbe9"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
5164705
x-amz-cf-id
8ERfvXXE7C5WcFcBcgK289X7tnVX0gvh2FtonAtoW2-yJfp2wXdYqw==
6375c6a8c1af6.hires.jpg
media.spokesman.com/photos/2022/11/16/ 		6 MB
6 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/photos/2022/11/16/6375c6a8c1af6.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:d800:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ce1926dae0f68eb90e197d30dbd5e458d67f6bedd82bbd82d003728e5004f07c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
w4eRZjIcINpbLgbWXZSAhMELV_ueTvSe
date
Thu, 24 Nov 2022 15:48:53 GMT
via
1.1 467698b4f3792e6d6dff5f0d69c5a502.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 05:53:10 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
785
etag
"da1beca204338c415e2457e653a396b0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
6042334
x-amz-cf-id
JJndNmVFuLazQ2Kk3JwSkyDd90c1VXdA-62KaY8FluHXcCxihy30ww==
paulsen1970stease.jpg
media.spokesman.com/then_now_images/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.spokesman.com/then_now_images/paulsen1970stease.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:d800:18:730a:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f01417fc967ffe66af41925f6945bfb9b50c9cd70d40d0dbf2597f1475ab8d47

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
BizhEMAzQMU7YX5KRcFf7yvcLMb545bb
date
Thu, 24 Nov 2022 15:48:54 GMT
via
1.1 467698b4f3792e6d6dff5f0d69c5a502.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 08:44:52 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
785
etag
"326ff98a51773f573d2294cf170d3575"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
208810
x-amz-cf-id
jY45bYlPvhcbDVlTnTRjB-tbwgJbVQwJ-2S_eYF00Ko24RO6sOQ0Hw==
truncated
/ 		172 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44c448205f15c4f82a4dfe267d5a2efac45224543d44a7c073b167813d449fce

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
MercuryTextG3-Italic-Pro.edfe4723e09e.otf
static.spokesman.com/sv3/fonts/mercury/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/fonts/mercury/MercuryTextG3-Italic-Pro.edfe4723e09e.otf
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/sv3/css/style.min.d9865cc8780e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dfc02a8e6f295102871d721f23120a13077e491345a93614fcbb43867de3301

Request headers

Referer
https://static.spokesman.com/sv3/css/style.min.d9865cc8780e.css
Origin
https://www.spokesman.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 11:54:08 GMT
via
1.1 af9d66efe7802df1efbc8106c86a13e6.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C3
age
2606871
x-cache
Hit from cloudfront
content-length
98936
last-modified
Mon, 24 Oct 2022 22:59:25 GMT
server
AmazonS3
etag
"edfe4723e09ee8d5e8b042a82c5a2ef2"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
binary/octet-stream
access-control-allow-origin
https://www.spokesman.com
cache-control
max-age=31536000,public
access-control-allow-credentials
true
vary
Origin
accept-ranges
bytes
x-amz-cf-id
95bdrH2SKGl5R3TyeWYP6M2WBCWsn19UdpTmTh4p7nKuKCN6jJAtjQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 15:38:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1388
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 24 Nov 2022 17:38:49 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma20153/575681700/20/
Redirect Chain
  • https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1610
  • https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
148 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 06:11:03 GMT
content-encoding
br
via
1.1 google
last-modified
Fri, 05 Aug 2022 08:39:28 GMT
server
nginx
age
35455
etag
"0033e6720ea8d009cad21d1cffea7a41"
vary
Accept-Encoding
x-cache
HIT Fri, 05 Aug 2022 08:56:38 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43903

Redirect headers

date
Thu, 24 Nov 2022 16:01:58 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
6-gc-usw1-10928
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9cf47d8ab173129de3f583b2ad0f6784add29d6b5e35e0b56aa3353ea4365e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76452
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 24 Nov 2022 16:01:57 GMT
637d6314197d9.hires.jpg
thumb.spokesman.com/FFDdquriP9B8C7Lm_gkOqCiF98Q=/1170x658/smart/media.spokesman.com/photos/2022/11/23/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/FFDdquriP9B8C7Lm_gkOqCiF98Q=/1170x658/smart/media.spokesman.com/photos/2022/11/23/637d6314197d9.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c4:3e00:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
619e622fb73038ce7a8f80e21e51c445deea96703ea2c40fc4d44e417892978c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 11:33:44 GMT
via
1.1 7b5e90ec4988c1c340392b828c6f9f4a.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
SFO5-C1
age
16093
etag
"019affbe1966c11ae4005ccd9d2a36960fd7fee1"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
82218
x-amz-cf-id
6lSeDoQ100SHCSos3mpo_cOW95GUvon6oN49MWDZUr1kNx-7sPDvGg==
expires
Sun, 19 Nov 2023 11:33:44 GMT
63740a211fa1e.hires.jpg
thumb.spokesman.com/9GJ3cC05THuTJEI_FN_DAo3gFSI=/530x298/smart/media.spokesman.com/photos/2022/11/23/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/9GJ3cC05THuTJEI_FN_DAo3gFSI=/530x298/smart/media.spokesman.com/photos/2022/11/23/63740a211fa1e.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c4:3e00:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
7b4c3c6605046f3ef2eaedabeee487ef3687ba7b2df1be308883ab8a3e076fe3

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 12:04:11 GMT
via
1.1 7b5e90ec4988c1c340392b828c6f9f4a.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
SFO5-C1
age
14266
etag
"29946bcfb6fea56f7b9b6fab28a04c6b47cc3862"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
31990
x-amz-cf-id
m8SIrFgzgkE80oedSL4oVl3ORf6A5QP_DUKO5buTmbPuv10aEAmO6w==
expires
Sun, 19 Nov 2023 12:04:11 GMT
637d586c924e4.hires.jpg
thumb.spokesman.com/8YTdGGM3Ok3DPuVhSeZFdZNQT0E=/530x298/smart/media.spokesman.com/photos/2022/11/23/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/8YTdGGM3Ok3DPuVhSeZFdZNQT0E=/530x298/smart/media.spokesman.com/photos/2022/11/23/637d586c924e4.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c4:3e00:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
7ec7b3beddeb2a5ecaeafd3d25d935daa4175db55d181ee8abe6aded23e3e2ad

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 10:35:19 GMT
via
1.1 7b5e90ec4988c1c340392b828c6f9f4a.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
SFO5-C1
age
19598
etag
"84485947c64e1e765cccbefbf90cd7904571e974"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
23768
x-amz-cf-id
QKDrWXdFQfvHJ-nt_zbLtG_5s3gbNUZn9tX3-zLpzWnDg2LBR6r3yQ==
expires
Sun, 19 Nov 2023 10:35:19 GMT
62bbc0ab55fa3.hires.jpg
thumb.spokesman.com/W-nbjbp5S9FkUWrrzedQguHb_34=/530x298/smart/media.spokesman.com/photos/2022/11/23/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thumb.spokesman.com/W-nbjbp5S9FkUWrrzedQguHb_34=/530x298/smart/media.spokesman.com/photos/2022/11/23/62bbc0ab55fa3.hires.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c4:3e00:2:4597:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Thumbor/6.7.5 /
Resource Hash
ba5e7913cc534338268a299176fffdbdc4ac420076c7f8ad8aae62254add382a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 13:00:23 GMT
via
1.1 7b5e90ec4988c1c340392b828c6f9f4a.cloudfront.net (CloudFront)
server
Thumbor/6.7.5
x-amz-cf-pop
SFO5-C1
age
10894
etag
"642e2d6d23b68db5df85665c82dfe786e19c4406"
vary
Accept
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
max-age=31104000,public
content-length
17796
x-amz-cf-id
qXDM6oeHaYh69SI7asUznaFeKm3KiU1eZMy0iR4e8RAFWQ7b_cFwrA==
expires
Sun, 19 Nov 2023 13:00:23 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-230256-14&cid=1931252641.1669305718&jid=2046534121&gjid=1663307366&_gid=678781254.1669305718&_u=YGBAiEABBAAAAEACI~&z=413150213
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c01::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 24 Nov 2022 16:01:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=692717796&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAACI~&jid=2046534121&gjid=1663307366&cid=1931252641.1669305718&tid=UA-230256-14&_gid=678781254.1669305718&gtm=2wgb905P9SH6&cd7=Homepage&cd9=homepage&z=1899867973
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 13:43:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8283
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 07:30:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Nov 2023 07:30:47 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		95 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e15f20e9ef9afb2d807e387e719bf1e183ac72a1ff378d2b28f79cc33efd9ae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
expires
Thu, 24 Nov 2022 16:01:57 GMT
noncritical.min.21be32a1957d.js
static.spokesman.com/sv3/js/ 		1 MB
376 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/sv3/js/noncritical.min.21be32a1957d.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5a2aee262821f014d61d9949b24dd6e194a702ae23c9e3661824e512e550ec09

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 04 Sep 2022 02:35:34 GMT
content-encoding
gzip
via
1.1 8fd16721c32269f6a38b6515e2acebe8.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 21:30:44 GMT
server
AmazonS3
x-amz-cf-pop
SFO5-C3
age
7046784
etag
W/"21be32a1957dfe9740992b69551e2dbc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000,public
x-amz-cf-id
IkM3flm_fc6wupZZt9k4IjhmCyts1ciqBFg3iFFsOLPWxf9wxo-Hog==
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-G3BY0LGVDL&gtm=2oeb90&_p=692717796&cid=1931252641.1669305718&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1669305717&sct=1&seg=0&dl=https%3A%2F%2Fwww.spokesman.com%2F&en=page_view&_fv=1&_ss=1&ep.content_type=homepage
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 16:01:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
homepage.ba1889af7be1.json
static.spokesman.com/ads/spokesman/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.spokesman.com/ads/spokesman/homepage.ba1889af7be1.json
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/ads/spokesman/base_ads.b6d5845dec51.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a6:e000:1e:dc88:cb00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79fc30a3a4b255c915bba01c0691a5653ec71151821aedb5147898821927e362

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 16:03:04 GMT
content-encoding
gzip
via
1.1 af9d66efe7802df1efbc8106c86a13e6.cloudfront.net (CloudFront)
x-amz-cf-pop
SFO5-C3
age
86335
x-cache
Hit from cloudfront
last-modified
Tue, 22 Nov 2022 01:54:23 GMT
server
AmazonS3
etag
W/"ba1889af7be1a2a7e8f93d1af49b39ef"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
https://www.spokesman.com
cache-control
max-age=31536000,public
access-control-allow-credentials
true
vary
Accept-Encoding,Origin
x-amz-cf-id
mCXAUBjJ1evXPYy_z6nGYz9wJIOw9p-FQU-fowFhfeOa9xa2k4CtGg==
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-230256-14&cid=1931252641.1669305718&jid=2046534121&_u=YGBAiEABBAAAAEACI~&z=2126918154
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 16:01:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-230256-14&cid=1931252641.1669305718&jid=2046534121&_u=YGBAiEABBAAAAEACI~&z=2126918154
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 16:01:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&hier=Homepage&ptype=homepage&pubname=The%20Spokesman-Review&sec=Homepage&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=3b8cf8cd-c654-4410-b140-da888932b31f&pid=4b77d5dc-253d-4b85-a580-0760e5a8f292&dtm=1669305718130&qnm=_matherq&visible=1&tabid=430200bc-150a-4760-8c78-e4c23052f1f3&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10486&tofa=1669305718&vid=1&lvidt=1669305718&duid=3e68d01b-eda8-4f64-9f84-63a6728e2fd9&fp=2157192617&cid=ma20153&mrk=575681700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY2OTMwNTcxNTIwMiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxMG1iIiwiaGVhcFQiOiIxMC42bWIiLCJmc3RQYWludCI6IjI1MzQiLCJmZXRjaFMiOiIxNTYwIiwiZG9tYWluUyI6IjE1NjAiLCJkb21haW5FIjoiMTU3NCIsImNvbm5TIjoiMTU3NCIsImNvbm5FIjoiMTc5NiIsInNzbFMiOiIxNjgyIiwicmVxdVMiOiIxNzk2IiwicmVzcFMiOiIxOTYwIiwicmVzcEUiOiIyMDc4IiwiZG9tTG9hZCI6IjE5NjIiLCJkb21JbnRlciI6IjI1OTUiLCJkb21Mb2FkUyI6IjI3MTEiLCJkb21Mb2FkRSI6IjI3MTIifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxOTMxMjUyNjQxIiwicmVmVGltZSI6IjE2NjkzMDU3MTgxMzAifV19
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.65.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-65-178.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 24 Nov 2022 16:01:58 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.42.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-42-107.nrt12.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 24 Nov 2022 16:01:58 GMT
via
1.1 4e3f72e2c4eb3d47552bc8e75079d6de.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C5
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.spokesman.com
access-control-allow-credentials
true
x-amz-cf-id
7fIyN902yaGH4FYdxlDmI6cmQUl-MGwrf9-uf5hOd17uhOtDlt3PNw==
loader.min.js
loader-cdn.azureedge.net/prod/spokesman/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Requested by
Host: static.spokesman.com
URL: https://static.spokesman.com/sv3/js/noncritical.min.21be32a1957d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/89CE) /
Resource Hash
15674734cdaa54a37e99e7854a30f3da7465e70073105be99f3f7e38fbc6109d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:58 GMT
content-encoding
gzip
content-md5
DusdRQ/QGIwtaEXi1VARqw==
age
43092
x-cache
HIT
content-length
12036
x-ms-lease-status
unlocked
last-modified
Tue, 08 Nov 2022 08:25:07 GMT
server
ECAcc (tka/89CE)
etag
0x8DAC162BE6B6FDD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
193950ea-801e-002f-67b9-fffa75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
integrator.js
adservice.google.co.jp/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.spokesman.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		158 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=634402122736493&correlator=4199233875568905&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=1009641%2CSpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100%2CSpokesmanDesktop_Homepage_Anchor_729x90%2CSpokesman_homepage_top_300x250%2CSpokesmanDesktop_Homepage_Dashboard_300x250%2CSpokesman_homepage_728x90%2CSpokesmanDesktop_homepage_1_728x90%2CSpokesmanDesktop_homepage_2_728x90%2CSpokesmanDesktop_homepage_3_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=1280x100%2C728x90%2C300x600%7C300x250%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90&ifi=1&adks=2404035854%2C1337061979%2C3725654123%2C811898262%2C883754903%2C3635373852%2C2447737946%2C2531107668&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669305718345&lmt=1669305718&dlt=1669305717164&idt=816&adxs=160%2C436%2C1220%2C1146%2C436%2C244%2C244%2C244&adys=223%2C1110%2C356%2C1794%2C8377%2C4618%2C5950%2C6649&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.spokesman.com%2F&frm=20&vis=1&psz=1600x101%7C1600x-1%7C300x0%7C300x0%7C1600x0%7C1088x0%7C1088x0%7C1088x0&msz=1600x101%7C1600x-1%7C300x0%7C300x0%7C1600x0%7C1088x0%7C1088x0%7C1088x0&fws=4%2C516%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1931252641.1669305718&ga_sid=1669305718&ga_hid=692717796&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecb2a4cde8ae10c8b02f7526d84881bfdbbbf8c2c0a604199ae59aa62a006a20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35498
x-xss-protection
0
google-lineitem-id
4994623904,-2,5239133665,-1,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346926686,-2,138378999441,-1,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.spokesman.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
71299baf5b06666fed3f90bb30cb802a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C1B7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://71299baf5b06666fed3f90bb30cb802a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 16:01:58 GMT
expires
Fri, 24 Nov 2023 16:01:58 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
polyfill.min.js
polyfill.io/v3/ 		101 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 16:01:58 GMT
age
5024966
detected-user-agent
Chrome Mobile/107.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=5
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Mon, 26 Sep 2022 19:15:30 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
normalized-user-agent
chrome/107.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
loader-config.json
cdn.wgchrrammzv.com/prod/spokesman/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.wgchrrammzv.com/prod/spokesman/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8930) /
Resource Hash
428b19348f218a44e36bd16a007cc9a5b16598f3575812a81a715a6c04ff1112

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:58 GMT
content-encoding
gzip
content-md5
lk8uT/FaJ5kjp9h7g1oAvw==
age
43090
x-cache
HIT
content-length
1280
x-ms-lease-status
unlocked
last-modified
Tue, 08 Nov 2022 08:28:41 GMT
server
ECAcc (tka/8930)
etag
0x8DAC1633E4B50FD
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ee32a589-501e-0061-0db9-ffd4fd000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:147:120f:30c:1ba0:fc6:265a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8932) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
793
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (tka/8932)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6880e8f3-001e-005a-431c-00f5ad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Thu, 24 Nov 2022 16:31:59 GMT
fp.min.js
cdn.mircheigeshoa.com/prod/spokesman/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mircheigeshoa.com/prod/spokesman/fp.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/89D0) /
Resource Hash
1c357277498ee507bd84708a5dfef24f58c93d01e06e51fc99e81eea1cf19c6b

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
content-md5
y4PrPvTkeTwvNEbb1JXY5A==
age
32436
x-cache
HIT
content-length
23424
x-ms-lease-status
unlocked
last-modified
Tue, 08 Nov 2022 08:23:01 GMT
server
ECAcc (tka/89D0)
etag
0x8DAC16273BA0985
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
988e7fb5-d01e-001d-12d2-fffa02000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
cdn.godiciardstia.com/prod/spokesman/ 		219 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.godiciardstia.com/prod/spokesman/g2i.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8955) /
Resource Hash
465aa2d51df873ac13ca220c835e7d985c650ecff5c1f620dd99a84ecba262ec

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
content-md5
XING99N5uWIeYk4No1XwxA==
age
10721
x-cache
HIT
content-length
48956
x-ms-lease-status
unlocked
last-modified
Tue, 08 Nov 2022 08:25:17 GMT
server
ECAcc (tka/8955)
etag
0x8DAC162C44E71E9
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7cdeb74d-801e-00a9-4f05-0036cc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.pranmcpkx.com/prod/spokesman/ 		853 KB
198 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/89D0) /
Resource Hash
af5562cfd1a2957b4ed169df51b9455e90c0695bb93ee3ea6919c3dedf5f1d4e

Request headers

Referer
Origin
https://www.spokesman.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
content-md5
z5cWMBqTUc4D+GTwQH466Q==
age
1914
x-cache
HIT
content-length
202061
x-ms-lease-status
unlocked
last-modified
Wed, 09 Nov 2022 11:25:22 GMT
server
ECAcc (tka/89D0)
etag
0x8DAC24516FB35F7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a49c36c7-f01e-0057-3b19-00598d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.pranmcpkx.com/prod/spokesman/ 		348 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.css
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8957) /
Resource Hash
c1577ba94752b8302f8a5518b1ccd8b21507a7da67cd613dc990e8fd10f8ab5e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
content-md5
HBagnSR9fGL2/9/2zSnVqw==
age
23328
x-cache
HIT
content-length
35356
x-ms-lease-status
unlocked
last-modified
Tue, 08 Nov 2022 09:20:56 GMT
server
ECAcc (tka/8957)
etag
0x8DAC16A8A813381
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1a0c95d4-801e-002f-5ae7-fffa75000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
view
securepubads.g.doubleclick.net/pcs/ Frame 6268 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvB0b3VGbTWS570bTR7QEBP23G1Y1BkbxCvuIFDOqcGmprlAFDVumD4KG-eAfJrIpNPBBx77MS76z_1f4hi5LAbz0VHu9IDV_VAjvcNhtgGE9MKSk6i2360qlu5cLKu4EwY4D01lHcbUSRnztlX85U6QkumpKfoba3sr5AwwtFuFZxEaz12wc5jKYWA5fA1tRzdozx_uam18R47utjVe3BaOdoySA1EJy3ES33JImV03uLKtzuT_EQlIlIdP7kGchQt7txEEz2jpoemKUydbTlULsXKGKGRFIZ6oxLxcQmrPZT1F9PKxd3Qex1Rv-WicXbbHPyw5XsBTgRLtUfCWG7-DdWr8PvZfO60NO4igUqeMwE4r5BHw&sai=AMfl-YS91ozifw6B4ArCAVGazwG40KBKKsn9sd1LRwEeax0ot98A71IrFQxcCZer5p2SHfgjCMf8mibza06Jh81V1k648B-URBLUVezTs-lkRUwmuoiwR-O0LQer0wL5NwQy-j-tUsVAkwkP8WRHfeeH_Q&sig=Cg0ArKJSzK4Ckri7jFMMEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 16:01:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 6268 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 12:38:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
12218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Dec 2022 12:38:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6268 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 12:38:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Dec 2022 12:38:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6268 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 16:01:59 GMT
10798137461613137031
tpc.googlesyndication.com/simgad/ Frame 6268 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10798137461613137031
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aae892248a7997424fb418031fcb8eefa9cbe7bb00e9e96b6148450d7744b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45279
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 16:47:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Nov 2023 16:01:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A67C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzIQpdNYIHyG2F6MskcQq3MYeIEqJdt-jXKyak6xWfNibNEIcewsYT0-Ck0qQ7qZ2nKMb5BkZbBs3SWJ2Df9tvV9jrjYUvXnukkG3zQy8O5bszuKVQBgqVrJE6AGRB82K0UxbGPHK-GR1MrJEfUie5LqCCqKKDQBgKwCRkCukjoqJF2UwKifr0N11nWhZOwmqodITHt10-sKxficXxQzwrVRwOM99i2VaUMLvQGUrVeQ2t4c76Lgi7mn-7j9T7M0jIZW-fX3vK5BjojtYeZIJKSyGqCTK80Z4vn9ziL3XzWJ4srtkAphHeQBfgaKA7_1c0XJEUTsrG22E_Zz6OL_Yt2Q&sai=AMfl-YQvMRgzXC1Pn2uCwTyAApA8TTVAaPDN5pyzPNDxTvsRm5vMhVutCAxd3DG98HbmVGo9ccQVq5C59CUHlpF7z5-fpaKxCHo_ay1LA27bcp1_MwWM_g2flcpxo1w6eC39Rs_uuKGkIEkwGiIh31BKdg&sig=Cg0ArKJSzB2J8dLQV_kJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 16:01:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame A67C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 12:38:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
12218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Dec 2022 12:38:21 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame A67C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 12:38:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
12217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Dec 2022 12:38:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A67C 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 16:01:59 GMT
6523296504736135071
tpc.googlesyndication.com/simgad/ Frame A67C 		207 KB
207 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6523296504736135071
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b45ebfb3a5396b07835e54789a90eb661a594524d6c0848af83e003ffa32b410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
211702
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 16:43:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Nov 2023 16:01:59 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 4450 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 18:08:54 GMT
age
251585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 18:08:54 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4450 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 19:09:39 GMT
age
161540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 19:09:39 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4450 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 18:08:54 GMT
age
251585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 18:08:54 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4450 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 18:08:54 GMT
age
251585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 18:08:54 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 4450 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 18:08:54 GMT
age
251585
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 18:08:54 GMT
css
fonts.googleapis.com/ Frame 4450 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 14:35:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 24 Nov 2022 16:01:59 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4450 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 22:04:41 GMT
x-content-type-options
nosniff
server
cafe
age
64638
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Thu, 24 Nov 2022 22:04:41 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 4450 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 11:25:25 GMT
x-content-type-options
nosniff
server
cafe
age
16594
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Fri, 25 Nov 2022 11:25:25 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4450 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVVgIdpV_Y97-GYTD2gS9nqOACqPWy5Ftu-zr2dcQ0ujQsc02EAEgw6D8AWCJ88WE9BOgAf_uxrQoyAEJqQIYm6Z63MyCPuACAKgDAcgDCqoE1AJP0HqvbRknmq7WtbmknNsIZRQHGkcHd5nbBZagrTV1FjOpoOsORWF7a3iFeEgttIrlKK3TiAytfyfhvlIZBLpKHppmPAMf7OrwVEIt5juKqPe2cRD46qzMKo6Xp93ql0887nRRqCFsvA2qHrgHaoO_spFcYsVlsezd3Hxuevah6bPRt-QVKkxzyfEoEh41j7OkPtoJM7w9t7ZRXwXOJyxZ7qOi4kIK55oR_HCqMBlrY8Y5ZIUphImjS9dS5b5vlHLDwLD5T_YXPEy0RnbuQTMFSNVAjQeje9uhomxcptsTI6xYGXn3acuq1T4ju_lO2ZXM2xxAihH7JM9I6GdGTEZIz5VuGh_A9JqUU3xdQLlSqHSODOnND7h62PGWO5rvsPuGkBbPwNNUJB7mNNtvgSeR4X8gSV8aThe91Mg1i3mhqkVhMndZn1eIAgu2KSFemNEV_GSewASMy-v9swTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_6aXlAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD-6APSCA8IgGEQARgdMgKKAjoCgECACgHICwG4E-QD2BMN0BUBgBcBshceChwIABIUcHViLTk3Nzk2NTIxMjIwMTQ3MjgYuYoG&sigh=vO83PCyOXwo&uach_m=[UACH]&cid=CAQSSwDq26N9ubE7UN1c7xSjBp8w5TfICY_JTVc6zSovs6ZEDOvuzW34fkvpwopQRNZRFY1-A9qY91yYKAzJZl4eYWU5L1HiKO-IxvCWMRgBIBM&template_id=484
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk5NDYyMzkwNCIsImVidXkiOiIzODU2NTMwMTEiLCJlYWR2IjoiNDQzMDUzMjExIiwiZWNpZCI6IjEzODM0NjkyNjY4NiIsImVlbnYiOiJqIiwiZXBpZCI6Ii8xMDA5NjQxL1Nwb2tlc21hbkRlc2t0b3BfU3VwZXJMZWFkZXJCb2FyZF9Ib21lUGFnZV8xMjgweDEwMCIsImVzaWQiOm51bGwsInNpemUiOiIxMjgweDEwMCIsInJlbmRlcmVkIjoiMSJ9&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=54568f79-c0a5-4115-b50f-d02799fdc009&pid=4b77d5dc-253d-4b85-a580-0760e5a8f292&dtm=1669305719008&qnm=_matherq&visible=1&tabid=430200bc-150a-4760-8c78-e4c23052f1f3&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10602&tofa=1669305718&vid=1&lvidt=1669305718&duid=3e68d01b-eda8-4f64-9f84-63a6728e2fd9&fp=2157192617&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.65.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-65-178.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 24 Nov 2022 16:01:59 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
2076313506083323656
tpc.googlesyndication.com/simgad/4527883168660289233/ Frame 4450 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4527883168660289233/2076313506083323656
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f333e57236bfdfa050867788c817568f36860fbffbacc2394b98db56d3c9ed58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.spokesman.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 23:26:27 GMT
x-content-type-options
nosniff
age
146132
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37793
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 12:16:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 22 Nov 2023 23:26:27 GMT
truncated
/ Frame 4450 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f2b46d7bc104aa6ea98d1cd019cd2da749eac91fa0acf55ff3eaa398dbdec38

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4450 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
679940bbf117e6bc24434d99f0b381098067028ce38d874c7bcbad861bc5736b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6268 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
703f448d9d4cfc508719b4358dae9b37f9230ae8538cb86c8143d754ac81d783

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A67C 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ac32a6b0987efd35d4229428c230a223088352c28e0d934b9b5ae61dc8a3c5e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4450 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.spokesman.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:47:18 GMT
x-content-type-options
nosniff
age
508481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 Nov 2023 18:47:18 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4450 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.spokesman.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 10:38:38 GMT
x-content-type-options
nosniff
age
192201
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 10:38:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6268 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAiniNMdM-orK1ZKdXQSHJ6Wo0RXGH0XYn2xZwBJJlR9TLQNQhKHGER6GuYav18Z0uDySLcqpgR3zFIlcWktTFqgu3OvhuKBEmFPZZqsSTXCds_gram3KNr_2VeNxNsg-RnC0__GSJMqM9UpfC8g7LZ5gFbl38KZMoT1LU6JoDYY0IDSey4CNjIDaEOTNxIgt1jxvSVDrb2utI9Z6RWYiNGkHOwR7sB-bWHMzQ8lIm3GLvU__UvddXtPDe0hLtEikYGzZXPvzUSEcrnH4rDi3Ptu0Fe0UsHvQhBNzt95yoEhRtelKojHo1LGpX-r0M0chCxByXYHY-KnE5_2wcSNM1LyNU9HR96iL5k_kZKNQV6zwuptV4bva2&sai=AMfl-YQEZVH0HAKn1vzc5U-5xMgstq7vhelLGMYMNdCxnCC1ZvjfvkHO-DWew04W_War4VK-xA-0N2mrVAqjN0C4F1ZVd3OPKlVHoIJ5unXoTKgp3pvjGnIt8l8sDTd5E_bZcPqz5IjQT0a8KCVg2qUjVA&sig=Cg0ArKJSzBlewpeyWY_dEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 16:01:59 GMT
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		87 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1669305719228
Requested by
Host: cdn.mircheigeshoa.com
URL: https://cdn.mircheigeshoa.com/prod/spokesman/fp.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13d01d56a98fe70e255a5d5f1453d030ad412167c6cfccbf1a20e67859327fe5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 16:01:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juhyNCXCRb%2Fvs43HMtSwaQUCKKxOyFYQyUgiMU0FYS5o0VabrXkoCanfWSmizqQZoGxJnu2bzkQUtn6Yf0KLeyntiFsGju4LV%2BjmUKq%2BgzkayFacDNyhGjoUxxuhY5xn%2BBfm"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
76f35dc96f098a78-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTIzOTEzMzY2NSIsImVidXkiOiIyMzEzNzk1NzgxIiwiZWFkdiI6IjQ1NzEwODI5NDAiLCJlY2lkIjoiMTM4Mzc4OTk5NDQxIiwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuX2hvbWVwYWdlX3RvcF8zMDB4MjUwIiwiZXNpZCI6bnVsbCwic2l6ZSI6IjMwMHg2MDAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=c074c23d-852a-40c5-bf1e-7bb058dbdba9&pid=4b77d5dc-253d-4b85-a580-0760e5a8f292&dtm=1669305719010&qnm=_matherq&visible=1&tabid=430200bc-150a-4760-8c78-e4c23052f1f3&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10602&tofa=1669305718&vid=1&lvidt=1669305718&duid=3e68d01b-eda8-4f64-9f84-63a6728e2fd9&fp=2157192617&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.65.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-65-178.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 24 Nov 2022 16:01:59 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame A67C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupfUs9TTM-GCvEKld9WJwAutwiqiGVzijupZrmY4LqXhlFrYlOFV5-E030WH9d1TbjToH2Cx8qyIKf8soC4fDbea4YRZtFqQGQ3X9hrqKJqyR5V2pFXo3z1FfOkl8LkBNS6WWQjxld4dhHc0RbfxhKYlKyL9aUKYwE-E3DKgJSYZztTZnKVHz4Q4XgBTa_-w3U4ATZCcwvMvHEfFHzin-F_Z2r7tcWqI_s-p4-AAxm6POnGQW-DopJCMB2x56lZwgDK8M1Ryo53X8f6pGb7TvtdkEi5sI0ypt3PYVYXQ192X25548TfxUpiKmfssCfhSaECib3QtJ1qDBqADK6V-C4_p-6&sai=AMfl-YRN5MM5f0gZ73qpJlbqcOYUqMHMlTi7ewAEsT11P5AWHMFX2Uq8JMja-zA-zzBz32XLbr8kBLwidZKP4SOKqmZUH9EeTXJ9bfh85__pPXVDR8juNa0_6uD9mwUIdizRljEOXCuSKblW2g_jDB0Sig&sig=Cg0ArKJSzKZgyom5IBYTEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 24 Nov 2022 16:01:59 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMCIsImVhZHYiOiIwIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9Ib21lcGFnZV9EYXNoYm9hcmRfMzAweDI1MCIsImVzaWQiOm51bGwsInNpemUiOiIzMDB4MjUwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=f77da77f-cdea-4dbc-8a7e-423b64dd0129&pid=4b77d5dc-253d-4b85-a580-0760e5a8f292&dtm=1669305719011&qnm=_matherq&visible=1&tabid=430200bc-150a-4760-8c78-e4c23052f1f3&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x10602&tofa=1669305718&vid=1&lvidt=1669305718&duid=3e68d01b-eda8-4f64-9f84-63a6728e2fd9&fp=2157192617&cid=ma20153&mrk=575681700
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.65.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-65-178.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Thu, 24 Nov 2022 16:01:59 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
gtm.js
www.googletagmanager.com/ 		157 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQTQTTW&l=MG2DL
Requested by
Host: cdn.godiciardstia.com
URL: https://cdn.godiciardstia.com/prod/spokesman/g2i.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:80c::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
075d911e83bf68aa381d87049a6cc19b8e3d6e3a22a8d5f24e67553b724dda98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54000
x-xss-protection
0
last-modified
Thu, 24 Nov 2022 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 24 Nov 2022 16:01:59 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:147:120f:30c:1ba0:fc6:265a , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8932) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
793
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (tka/8932)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6880e8f3-001e-005a-431c-00f5ad000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Thu, 24 Nov 2022 16:31:59 GMT
index.js
cdn.czx5eyk0exbhwp43ya.biz/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/891C) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
101809
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (tka/891C)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
6b3e4970-001e-0098-2b31-ffd7df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
SR__SPOKESMAN.json
cdn.pranmcpkx.com/prod/data/spokesman/ 		1 MB
1 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/data/spokesman/SR__SPOKESMAN.json?_=1669305719727
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
684fd3160245b5299f62d223bfae2f2261b57d2d2f55f50a6d2aef0a7e45d118

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Thu, 24 Nov 2022 16:01:59 GMT
last-modified
Mon, 21 Nov 2022 21:30:28 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8DACC079C8534B6
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
b000dd08-201e-0044-3b1e-007d81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
1457541
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.70.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:01 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
EQ4BP1KWBF661787
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
PBk6UAIOL8gdiwfSRgd7AQhc8w00B2Dl/DR21+pHnf0sa4cOtb9XZZfdk1omjy0uu9lNhfKrMAY=
x-amz-meta-s3b-last-modified
20191015T134358Z
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=692717796&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEABBAAAAGACI~&jid=693062111&gjid=1603669906&cid=1931252641.1669305718&tid=UA-230256-42&_gid=678781254.1669305718&_r=1&gtm=2wgb90WQTQTTW&cd1=1669305719803.d8970axg&cd2=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=1791499536
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQTQTTW&l=MG2DL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 24 Nov 2022 15:38:49 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1390
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 24 Nov 2022 17:38:49 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=692717796&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MetaTagsCollected&el=Not%20Set&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=1931252641.1669305718&tid=UA-230256-42&_gid=678781254.1669305718&gtm=2wgb90WQTQTTW&cd1=1669305719811.q3zbm67b&cd2=8a14e1406520b8b06a9b1478b5447619&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=1907136997
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 13:43:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8285
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-230256-42&cid=1931252641.1669305718&jid=693062111&gjid=1603669906&_gid=678781254.1669305718&_u=aGDACEABBAAAAGACI~&z=342266821
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4008:c01::9a Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.spokesman.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ff4d01f14c9d00c600952b773c9bda7568bf964dc367f7f360f6c31c9b70846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11246
x-xss-protection
0
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.165.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-165-82.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Tue, 06 Sep 2022 17:54:43 GMT
Via
1.1 cba2cf43b0607878c205b07218216cfc.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT12-C4
Age
6818838
ETag
"d89453438fbf10dcf4c13265c40d5160"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=26920000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4255
X-Amz-Cf-Id
ySME1mIx4jGADxYbIgMVVtvKywZu0fJLLkGflZYnIAYRgVg0D72KTg==
aam.js
aamcftag.aamsitecertifier.com/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aamcftag.aamsitecertifier.com/aam.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2066:1a00:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ef65f1d4b3ddf07c3960a578d532f8aecd6b9d551631b2611596fb652480a9b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 23:31:29 GMT
content-encoding
gzip
via
1.1 cc98e564ef92b44464a2b674b080c286.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 12:12:37 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C5
age
59987
etag
"866e5e2d2bbc029b03dd3a94440e09f2"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
27410
x-amz-cf-id
IB003lr6wZGSVGjIj9VyfbvFiyrHYRXpkUmvd1e-g1kFL4H91-fNSw==
x-amz-meta-s3b-last-modified
20221117T120833Z
load_tags.js
pymx5.com/scripts/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:49:20 GMT
age
760
x-guploader-uploadid
ADPycdtIc0G5yAeaej784EjJ7ad38hoWQZtqCkdC8T1VcyfIuQDqJIDpYZmIYL2ulYVXWbmkR-5hDF88wMEdtfgjhwzDCg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8946
last-modified
Fri, 15 Jul 2022 06:19:11 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-generation
1657865951655064
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public,max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
tr
www.facebook.com/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=260139058256176&ev=PageView
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 24 Nov 2022 16:02:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=692717796&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=10%25&_u=aGDAiEABBAAAAGACI~&jid=&gjid=&cid=1931252641.1669305718&tid=UA-230256-14&_gid=678781254.1669305718&gtm=2wgb905P9SH6&cd7=Homepage&cd9=homepage&z=534090276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 13:43:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8286
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
load_optional_tags
api.pymx5.com/v1/sites/ 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:02:00 GMT
via
1.1 google
server
nginx/1.13.7
allow
GET, HEAD, OPTIONS
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.73.107 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.spokesman.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
track
dc.services.visualstudio.com/v2/ 		223 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.70.73.107 Sydney, Australia, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
5004BFEB-643E-42F3-A49F-25B935398E2D
strict-transport-security
max-age=31536000
date
Thu, 24 Nov 2022 16:01:59 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
223
atrk.gif
certify.alexametrics.com/ 		0
0
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:bc:1202:9644:6957:60fd:1e5f Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:02:00 GMT
server
Server
init-1003q1exso0bwjopt7yf.js
api.aamapiv2.com/api/ 		484 B
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.aamapiv2.com/api/init-1003q1exso0bwjopt7yf.js
Requested by
Host: aamcftag.aamsitecertifier.com
URL: https://aamcftag.aamsitecertifier.com/aam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:2beb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de7f42db70feb901fa90db51fb287e8da8b3ff18e51aed0ed6dd16cc593a7207

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 16:02:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xVvpwT2O3eyU40jhV8TqTWLTdZ%2FNbmZA158fYkaBmD3DfHfDBqGqT4RGQvTOY%2FxNst4Ipn2QEZkYLTczh%2FGmfX5QRsz2EM8IJJD5Q5juV8zDtDym5LDUdOcG%2Fe27AxHn%2B4bF9s0XBcURB5k6z7b"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
76f35dd068c1afac-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
i
aamcf.aamsitecertifier.com/ 		43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aamcf.aamsitecertifier.com/i?stm=1669305720381&e=pv&url=https%3A%2F%2Fwww.spokesman.com%2F&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=210&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=5a84f8f5-15e6-4851-9403-618d53067bc6&dtm=1669305720379&vp=1600x1200&ds=4000x10788&vid=1&sid=6bde3f65-c987-4d89-84c8-87dbe47d3e6b&duid=e19ac29c-bef9-4de6-84e7-3c6c1f9ea647&fp=3700358444&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7Il9nYSI6IkdBMS4yLjE5MzEyNTI2NDEuMTY2OTMwNTcxOCJ9fV19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.185.210.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-185-210-97.us-west-2.compute.amazonaws.com
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:00 GMT
Server
Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:02:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 24 Nov 2022 16:02:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 238E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
56246
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 00:24:34 GMT
expires
Fri, 24 Nov 2023 00:24:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 39D9 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
13e48d7e73d61f60b58201c0e850bd5e679f4f393e6fdb64e1e78a389b22c90b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XCIJVufxYUqgfnKAl-JIrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-XCIJVufxYUqgfnKAl-JIrw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Nov 2022 16:02:00 GMT
expires
Thu, 24 Nov 2022 16:02:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame 238E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 00:24:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15986
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Nov 2023 00:24:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 39D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=634402122736493&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 238E 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?383eBw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:02:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pp.js
api.aamapiv2.com/s/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.aamapiv2.com/s/pp.js
Requested by
Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2beb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:02:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 18 Oct 2022 14:09:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"634eb38a-3bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqYrbgYrxTotWuexrn0nD1S%2FXdMFJQnJ2kEMrEiXSNaecAs2rhEm6MAZD1XnnALGr%2FMrA2O6i6IRUZMXVFhbPzC7%2B%2FBkUqKykFEFw9YO84oXx5c9YNP0yg%2BuiV%2B%2FvELRHYctKFwFWOdraQgkT8lk"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
76f35dd22d79aff4-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=634402122736493&bg=!dHeldzPNAAbvMpMzzzI7ACkAdvg8WoF_mqRq_NDpWD9kglt0kDJ7WyIuYkw_8fCHJ8QbHMEEjECT_AIAAABBUgAAAAJoAQcKACL-XgxEG41Fl6Rh9HmyKz59St4VrSR3mJXydWJ-vKNN0rS1mQKZzs_GlROjRkU1ZPmGlD1xrH2SVmd_yq2o0vc7DuhrsBwIgm2Jo4qtBtQMYPpZvzmEFriF6tS0y7ih_KVpG_PyVanYteheogLwd5UjZ2WVwFV7SnoubrYVmVkLVuyxsjaM8qDP4bxbUxfjfoNNhs1osOmd-Jzey18LrylXMid3GoHa8FZvFMX9_pi0v_68XItZ9-w9wZ8RUMej74mXjQgHnLEh-MedshapEg2C07QyeQc3JfTQFc7lF619I6QDuMmnWT_gfYgma9H_KZlIVFOtB9deNKKaLe1FALoa-GJPUh7XrBxS-rwETe6fTdZRyw0dwtKm2pZ-Wodpi9ypc8y8sJcmXk_G8CeWdkf7An5nzyZjppLttiAVckPdQFfoFr_JMaBVpZOMJjyUe5Hx_i1yyFL31ubVZh26dhUMr-lB1h-yq6nC75YAaJ9WYLVhD7lnOza4FOAlbAusOQAmZoZdSbqXa3Zorx4jd8jg18gr0KhyDdAVzNDS3hcWlUZAMKTM7wQBMMrEl0U41I2792hmoynNpNvbNUtvZWXCbyacfs3s38_vQZXywkGPKfbW8ZwF2kN9IjI2GQw87nJA9NW3jorIlPipyHEphJW0leFmaS9am6eqgvavb2jeWC2PUo-kJjYy9wtowtMs1f0mgZFvYpAzIQ1zSj3u_UDc444K2ULgpvzdwgOs4fXKedi9naDUymbxctPfPQOiYA30CGk5xcX4SIvvYbB-FVJtw3fP0p9hdbpBEZ7TXZLhMPMyky2681YEYmwIh3hyPilTPr7d9gXmRP1m3ogIzMP5Kkcc4WtIhQoxRhLEzkONi0N3lQIe7oEZ04RS1hXwgeDvIlQXTlkF33a2F1xQndmM6-sMkR3dL17Z8t2g6ps
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
x
api.aamapiv2.com/api/ 		0
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.aamapiv2.com/api/x?EU8eIznlatnc07iC$dXJsJDAkaHR0cHM6Ly93d3cuc3Bva2VzbWFuLmNvbS8iLCJyZWZlcnJlciQwJCIsImFuY2VzdG9yT3JpZ2lucyQwJCIsInZpZGVvJDAkMTYwMHgxMjAweDI0IiwiZnJhbWUkMCQwIiwiaGlkZGVuJDAkMCIsInZpc2liaWxpdHlTdGF0ZSQwJHZpc2libGUiLCJoYXNGb2N1cyQwJDEiLCJ3aW5kb3ckMCQxNjAweDEyMDAiLCJwaXhlbHJhdGlvJDAkMSIsImlubmVyJDAkMTYwMHgxMjAwIiwib3V0ZXIkMCQxNjAweDEyMDAiLCJsb2NhbFN0b3JhZ2UkMCQxIiwic2Vzc2lvblN0b3JhZ2UkMCQxIiwiYXBwQ29kZU5hbWUkMCRNb3ppbGxhIiwiYXBwTmFtZSQwJE5ldHNjYXBlIiwiYXBwVmVyc2lvbiQwJDUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsImNvb2tpZUVuYWJsZWQkMCR0cnVlIiwiZGV2aWNlTWVtb3J5JDAkOCIsImRvTm90VHJhY2skMCQiLCJoYXJkd2FyZUNvbmN1cnJlbmN5JDAkNCIsImxhbmd1YWdlJDAkZW4tVVMiLCJwbGF0Zm9ybSQwJFdpbjMyIiwicHJvZHVjdCQwJEdlY2tvIiwicHJvZHVjdFN1YiQwJDIwMDMwMTA3IiwidXNlckFnZW50JDAkTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuMTEwIFNhZmFyaS81MzcuMzYiLCJ2ZW5kb3IkMCRHb29nbGUgSW5jLiIsInZlbmRvclN1YiQwJCIsIndlYmRyaXZlciQwJGZhbHNlIiwibmF2aWdhdG9yLWhhc2gkMyQyOWU0MTg2ZCIsIm5hdmlnYXRvci10aW1lJDQkMyIsInNlbmRCZWFjb24kNCQxIiwiZm9udHJlbmRlciQ0JDEiLCJ0aW1lJDQkMTY2OTMwNTcyMDk1NSIsInRpbWV6b25lJDQkMCIsInBsdWdpbnMtdGltZSQ0JDAuMSIsInBsdWdpbnMkNCRiNmQwNTU1OCIsIm1lbS10b3RhbEpTSGVhcFNpemUkNCQxMC42IiwibWVtLXVzZWRKU0hlYXBTaXplJDQkMTAiLCJtZW0tanNIZWFwU2l6ZUxpbWl0JDQkMzc2MCIsInRpbWUtZmlyc3RQYWludCQ0JDI1MzQiLCJ0aW1lLWZldGNoU3RhcnQkNCQxNTYwIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ0JDE1NjAiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ0JDE1NzQiLCJ0aW1lLWNvbm5lY3RTdGFydCQ0JDE1NzQiLCJ0aW1lLWNvbm5lY3RFbmQkNCQxNzk2IiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkNCQxNjgyIiwidGltZS1yZXF1ZXN0U3RhcnQkNCQxNzk2IiwidGltZS1yZXNwb25zZVN0YXJ0JDQkMTk2MCIsInRpbWUtcmVzcG9uc2VFbmQkNCQyMDc4IiwidGltZS1kb21Mb2FkaW5nJDQkMTk2MiIsInRpbWUtZG9tSW50ZXJhY3RpdmUkNCQyNTk1IiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRTdGFydCQ0JDI3MTEiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudEVuZCQ0JDI3MTIiLCJ0aW1lLWRvbUNvbXBsZXRlJDQkNTEyMSIsInRpbWUtbG9hZEV2ZW50U3RhcnQkNCQ1MTIxIiwidGltZS1sb2FkRXZlbnRFbmQkNCQ1MTIyIiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDQkMCIsIm5hdmlnYXRpb24tdHlwZSQ0JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDEyJDAiLCJnbG9iYWxzJDEzJGJhYTc5MmMwIiwiZG9jdW1lbnQtdGltZSQxOCQwIiwiZG9jdW1lbnQkMTkkNzk1OTYwN2EiLCJjb25uZWN0aW9uJDE5JCIsImRvd25saW5rTWF4JDE5JCIsImdldFVzZXJNZWRpYSQxOSQyIiwicGFnZS1mcmFtZS1jb3VudCQxOSQ3IiwicGFnZS1mcmFtZS1saXN0JDE5JDEyODB4MTAwI2dvb2dsZSAzMDB4NjAwI2dvb2dsZSAzMDB4MjUwI2dvb2dsZSAweDAjNzEyOTliYWY1YjA2NjY2ZmVkM2Y5MGJiMzBjYjgwMmEuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbSAweDAjZ29vZ2xlIDB4MCN0cGMuZ29vZ2xlc3luZGljYXRpb24uY29tIDB4MCN3d3cuZ29vZ2xlLmNvbSIsInBhZ2UtaGFzaC10aW1lJDIyJDMuMSIsInBhZ2UtaGFzaCQyMyQyNTU3NjI5NyIsImZvbnQkMzAkMTAwMDAwMCIsInN0eWxlLWhhc2gkMzAkOGNiNmIyY2MiLCJzdHlsZS10aW1lJDMxJDAuNiIsImF1ZGlvLWNvZGVjJDMxJDIyMjEyIiwidmlkZW8tY29kZWMkMzEkMjIyMDAwIiwiY2xvY2skMzYkNjAwMiIsInNvcnQkNDUkOC42Iiwic3RhY2skNDYkMTM5NTYiLCJzdGFjay1lcnJvciQ0NiRSYW5nZUVycm9yOiBNYXhpbXVtIGNhbGwgc3RhY2sgc2l6ZSBleGNlZWRlZCIsInN0YWNrLXRpbWUkNDYkMSIsIndlYmdsJDUwJDEiLCJ3ZWJnbDIkNTAkMSIsIndlYmdsLXZlbmRvciQ1MCRJbnRlbCBJbmMuIiwid2ViZ2wtcmVuZGVyZXIkNTAkSW50ZWwgSXJpcyBPcGVuR0wgRW5naW5lIiwid2ViZ2wtZXh0ZW5zaW9ucyQ1MCQ0NDk1Mzk2NSIsIndlYmdsLXRpbWUkNTAkNC40IiwicGVybWlzc2lvbi1nZW9sb2NhdGlvbiQ1MyRwcm9tcHQiLCJiYXR0ZXJ5JDUzJDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDU0JGY3ZTcxMmQ5IiwiYXVkaW9jb250ZXh0LXRpbWUkNTQkMjEuMiIsImludGVyc2VjdGlvbi1zaXplJDU0JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQ1NCQxMSIsInBlcm1pc3Npb24tbm90aWZpY2F0aW9ucyQ1NCRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQ1NCRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkNTQkcHJvbXB0IiwicGVybWlzc2lvbi1wZXJzaXN0ZW50LXN0b3JhZ2UkNTQkcHJvbXB0IiwiYWRibG9jayQxMzEkMCIsImZyYW1lcmF0ZSQxMzYkODA~
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:2beb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:02:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udagIQKwNpbIK1H3hKTcyebHXqkFLT0Bmnea%2B7%2FDoWWAKYIFFI5nEThRshmH5qzqYc%2FQ16ToEUKPyXf7lXk%2Fj5jmIEmtP5ygqgQgB8zgYR38eqyIdKVE%2BXPibLX07YnCrwbhi7c23IDk9F5dVTz9"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
76f35dd5983f1f0f-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.70.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Thu, 24 Nov 2022 16:02:04 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
2Y8J04AFS0FHH9RJ
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
Q11bzA17aYczRL2K3jYFeblj9seL3DHtdeFpO99H4KgK9sgPLCIHMzj1vimfkT+HRy+WPPcfprA=
x-amz-meta-s3b-last-modified
20191015T134358Z
index.js
cdn.czx5eyk0exbhwp43ya.biz/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:247:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/891C) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 24 Nov 2022 16:02:03 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
101813
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (tka/891C)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
6b3e4970-001e-0098-2b31-ffd7df000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
views
prod-spokesman-proxy-connext.azurewebsites.net/api/ 		64 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=8a14e1406520b8b06a9b1478b5447619&ConfigCode=SPOKESMAN&SiteCode=SR
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/spokesman/t8y9347t.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940

Request headers

source-system
Plugin
site-code
SR
autoqa
false
accept-language
jp-JP,jp;q=0.9
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3NDEzMDU3MTl9.QA-ykpXWWfKiY5_8QY1vdW7rTVI_4QuXch6d-uu0SNs
ssid
4affa806224f1644ec7847d933487391
environment
prod
config-code
SPOKESMAN
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
location
System
Referer
version
Version: 2.8.2

Response headers

Expires
-1
Pragma
no-cache
Date
Thu, 24 Nov 2022 16:02:03 GMT
Content-Encoding
gzip
X-Server-Time
11/24/2022 4:02:04 PM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
176
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-spokesman-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=8a14e1406520b8b06a9b1478b5447619&ConfigCode=SPOKESMAN&SiteCode=SR
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.spokesman.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Thu, 24 Nov 2022 16:02:04 GMT
X-Powered-By
ASP.NET
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=692717796&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterLevelSet&el=%7B%22MeterDetermineMethod%22%3A%22Dynamic%22%2C%22MeterRuleName%22%3A%22Home%20Page%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=1931252641.1669305718&tid=UA-230256-42&_gid=678781254.1669305718&gtm=2wgb90WQTQTTW&cd1=1669305724594.6eybbcj&cd2=8a14e1406520b8b06a9b1478b5447619&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Not%20Set&cd9=Not%20Set&cd3=Not%20Set&cd4=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=468801516
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 13:43:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8290
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=692717796&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ConversationDetermined&el=%7B%22ConversationName%22%3A%22Homepage%20Sale%20Promo%22%2C%22MeterLevel%22%3A%22Free%22%2C%22ConversationDateStarted%22%3A%222022-11-24T16%3A02%3A04Z%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%222022-12-24T16%3A02%3A04Z%22%2C%22ConversationPaywallLimit%22%3A%22unlimited%22%2C%22ArticleViews%22%3A%221%22%7D&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=1931252641.1669305718&tid=UA-230256-42&_gid=678781254.1669305718&gtm=2wgb90WQTQTTW&cd1=1669305724768.nj0c6rwr&cd2=8a14e1406520b8b06a9b1478b5447619&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Homepage%20Sale%20Promo&cd9=1&cd3=Not%20Set&cd4=Not%20Set&cd10=unlimited&cd11=unlimited&cd12=2022-11-24T16%3A02%3A04Z&cd13=2022-12-24T16%3A02%3A04Z&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=1617094950
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 13:43:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8290
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=692717796&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington%22%2C%22ContentType%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aGDACEABBAAAAGACI~&jid=&gjid=&cid=1931252641.1669305718&tid=UA-230256-42&_gid=678781254.1669305718&gtm=2wgb90WQTQTTW&cd1=1669305724858.5hiwgyyk&cd2=8a14e1406520b8b06a9b1478b5447619&cd5=Not%20Set&cd6=Unknown&cd7=Free&cd8=Homepage%20Sale%20Promo&cd9=1&cd3=Not%20Set&cd4=Not%20Set&cd10=unlimited&cd11=unlimited&cd12=2022-11-24T16%3A02%3A04Z&cd13=2022-12-24T16%3A02%3A04Z&cd14=Not%20Set&cd15=Not%20Set&cd16=homepage&cd17=Not%20Set&cd18=Default&z=551592038
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 24 Nov 2022 13:43:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
8290
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&time=1669305720350&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.spokesman.com%2F&random_number=7049514847&sess_cookie=cf064087184aa5fde1ee13206ca&sess_cookie_flag=1&user_cookie=cf064087184aa5fde1ee13206ca&user_cookie_flag=1&dynamic=true&domain=spokesman.com&account=TEMji1aUCm00qs&jsv=20130128&user_lang=en-US

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer string| PAYMETER_ENV boolean| PAYMETER_DEBUG function| $ function| jQuery object| flippxp string| config_file object| google_tag_manager object| google_tag_data function| loadScript function| waitForGlobal function| domready object| lazySizesConfig object| lazySizes string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| googletag object| ggeac object| google_js_reporting_queue object| sr_ads object| slots number| viewportWidth function| viewportResizedHorizontal function| paragraphCount function| debounce function| defineAd function| enableAds function| displayAd function| refreshAds function| showAds function| setupCatfish function| setupSiderail function| setupInstory function| removeEmpty function| setupAds function| startAds function| onYouTubeIframeAPIReady undefined| google_measure_js_timing function| handleMessageFromNative object| _mather object| _matherq object| tid function| At object| n function| t object| SrExpandoBox boolean| authenticated boolean| attemptedAuth function| check_authentication function| sideMenu function| setRefresh function| SRPageInit object| calendarFilters object| TabNav object| SrFilterList object| HideAndSeek object| SRSectionNav object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome function| Gumshoe function| Splide object| splide object| plinks object| menus object| _mg2q object| catfishParent object| button object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| MG2Loader object| appInsights string| slotElementId object| slotElement object| AI object| Microsoft function| __extends function| _endsWith object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| nxtBundle object| webpackJsonpnxtBundle function| setImmediate function| clearImmediate object| NxtInner object| Connext object| CnnXt object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| MG2DL function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners object| _atrk_opts object| GlobalAamNamespace function| aamsitecertifier function| ia object| _0x5193 function| _0x27fd function| _typeof object| eventsUUIDGen function| uuidGenv4 function| uuidGenerator object| weightedFilter function| getOGTags object| loadTags function| atrk boolean| _atrk_fired object| Snowplow object| GoogleGcLKhOms function| __$PP object| google_image_requests

25 Cookies

Domain/Path Name / Value
amazon-logins-account.duckdns.org/ Name: PHPSESSID
Value: 0bd51e6252b4d0c41aedb668383ad11e
.spokesman.com/ Name: _gid
Value: GA1.2.678781254.1669305718
.spokesman.com/ Name: _dc_gtm_UA-230256-14
Value: 1
.spokesman.com/ Name: _ga_G3BY0LGVDL
Value: GS1.1.1669305717.1.0.1669305717.0.0.0
www.spokesman.com/ Name: flipp-uid
Value: f3d134f2-3a09-4fc3-b9fa-8f4386e5737f
.spokesman.com/ Name: _sp_ses.53c5
Value: *
.p.flipp.com/ Name: gid
Value: "AEk8HAAARfvUyuf8AGTrfg=="
.spokesman.com/ Name: __gads
Value: ID=3a6a534914bfc542:T=1669305718:S=ALNI_MbPaXiu4gg-XOr9YH3iBxa3Twar1g
.spokesman.com/ Name: __gpi
Value: UID=00000b8300083746:T=1669305718:RT=1669305718:S=ALNI_Mbg1MOWH3K9lP53dqUNvX05OghTlQ
.spokesman.com/ Name: _sp_id.53c5
Value: 3e68d01b-eda8-4f64-9f84-63a6728e2fd9.1669305718.1.1669305719.1669305718
www.spokesman.com/ Name: ai_user
Value: 9Mhh2|2022-11-24T16:01:59.032Z
.doubleclick.net/ Name: IDE
Value: AHWqTUlP9qb6beG-I1iCe2iiuXZ54zsvRLOCRt76kgVGHCGYCnNZ2_Y1hrbbfjayhgE
.spokesman.com/ Name: anonDeviceId
Value: 8a14e1406520b8b06a9b1478b5447619
.spokesman.com/ Name: _ga
Value: GA1.2.1931252641.1669305718
.spokesman.com/ Name: _gat_UA-230256-42
Value: 1
www.spokesman.com/ Name: ai_session
Value: yZyZf|1669305719848.4|1669305719848.4
.spokesman.com/ Name: __asc
Value: cf064087184aa5fde1ee13206ca
.spokesman.com/ Name: __auc
Value: cf064087184aa5fde1ee13206ca
www.spokesman.com/ Name: _gada_ses.e3de
Value: *
www.spokesman.com/ Name: _gada_id.e3de
Value: e19ac29c-bef9-4de6-84e7-3c6c1f9ea647.1669305720.1.1669305720.1669305720.6bde3f65-c987-4d89-84c8-87dbe47d3e6b
www.spokesman.com/ Name: privAu
Value: 0
.pymx5.com/ Name: _ia_uid
Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.pmIkFuSOjCFMCDMh9qAc2y4TKDkLhzY-101BLk2FYdE7r4EaNsGfmg.q3sYXiV6yd30MiNu.eRUuWHWsVRWXMXylgYvoxnN3oZPqZkYPZ5B4cKEQUjFRXnVhJf36fwSVsOAeLtJgH8uoykwTa6-KcfTISL3GYhHgFXleZQkmiRp2bBarwo9U980x4CvQAttsCPN96Jx37l-CGYU4o4actgqtuIx-einqKjrAjoPSJDsye9I3WsPVrr3dOrGdnuFCOPAWDv9iWjmYmu-5YLl_LN-0WtVhC2ooGa0NE8uA_l52dlCKIYjdZcD9iw6mzG1EX1sLeRYt8PSI6ngEXQg-cnUM50j1wC9AdlSq31IuISmZJP6g5aBEc7AYk4Ihx4k7B5VOPN4PkZ_EemiS9VevN5d_uBmzaFxDDGO6R3nevojwHqslIxk.e6Z9Jylybs3TURR5VZdZzQ
.pymx5.com/ Name: _ia_version
Value: 2
.spokesman.com/ Name: nxt_upd_ac_SR_SPOKESMAN_PROD
Value: 1
.spokesman.com/ Name: nxt_SR_SPOKESMAN_PROD
Value: {%221%22:{%22100132%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:%222022-11-24T16:02:04.661Z%22}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:100132}}

3 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&time=1669305720350&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.spokesman.com%2F&random_number=7049514847&sess_cookie=cf064087184aa5fde1ee13206ca&sess_cookie_flag=1&user_cookie=cf064087184aa5fde1ee13206ca&user_cookie_flag=1&dynamic=true&domain=spokesman.com&account=TEMji1aUCm00qs&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

71299baf5b06666fed3f90bb30cb802a.safeframe.googlesyndication.com
aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
adservice.google.co.jp
adservice.google.com
amazon-logins-account.duckdns.org
api-mg2.db-ip.com
api.aamapiv2.com
api.pymx5.com
az416426.vo.msecnd.net
cdn-gateflipp.flippback.com
cdn.ampproject.org
cdn.czx5eyk0exbhwp43ya.biz
cdn.godiciardstia.com
cdn.mircheigeshoa.com
cdn.pranmcpkx.com
cdn.wgchrrammzv.com
certify.alexametrics.com
d31qbv1cthcecs.cloudfront.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
js.matheranalytics.com
loader-cdn.azureedge.net
media.spokesman.com
p.flipp.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
polyfill.io
prod-spokesman-proxy-connext.azurewebsites.net
pymx5.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
securepubads.g.doubleclick.net
spokesman.com
static.spokesman.com
stats.g.doubleclick.net
thumb.spokesman.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.spokesman.com
certify.alexametrics.com
107.178.250.234
13.225.165.82
13.70.73.107
13.85.16.224
172.67.75.166
2404:6800:4004:801::2002
2404:6800:4004:80c::2008
2404:6800:4004:80c::200a
2404:6800:4004:81e::2003
2404:6800:4004:820::2002
2404:6800:4004:821::2001
2404:6800:4004:822::200e
2404:6800:4004:824::2001
2404:6800:4004:824::2002
2404:6800:4004:824::2004
2404:6800:4004:825::2001
2404:6800:4004:825::2002
2404:6800:4004:825::2003
2404:6800:4004:827::2002
2404:6800:4008:c01::9a
2600:1f16:bc:1202:9644:6957:60fd:1e5f
2600:9000:2066:1a00:14:c3e7:6780:93a1
2600:9000:20a6:d800:18:730a:3f00:93a1
2600:9000:20a6:e000:1e:dc88:cb00:93a1
2600:9000:20a6:fa00:0:b5fb:e6c0:93a1
2600:9000:21c4:3e00:2:4597:5e80:93a1
2600:9000:21c4:7400:13:3ce1:5800:93a1
2606:2800:147:120f:30c:1ba0:fc6:265a
2606:2800:247:1cb7:261b:1f9c:2074:3c
2606:4700:3032::6815:2beb
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:a00::282
3.210.65.178
34.96.74.203
35.199.145.112
35.227.203.93
52.217.70.4
54.185.210.97
65.9.42.107
99.84.238.217
075d911e83bf68aa381d87049a6cc19b8e3d6e3a22a8d5f24e67553b724dda98
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
08ab522ec2fa572e6f604eba06e759f56d1fa72facd4fdedbdc68f57aab14a13
099dab513d8ed4fe5dd80830bd52cbbc4c66a14eb7c96c620f0f64a6ba771f62
0f2b46d7bc104aa6ea98d1cd019cd2da749eac91fa0acf55ff3eaa398dbdec38
103336c754fde9c2c7fc565bc5385b94409c0d5480cd8564c25f18f6cced5a85
13d01d56a98fe70e255a5d5f1453d030ad412167c6cfccbf1a20e67859327fe5
13e48d7e73d61f60b58201c0e850bd5e679f4f393e6fdb64e1e78a389b22c90b
15674734cdaa54a37e99e7854a30f3da7465e70073105be99f3f7e38fbc6109d
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1c357277498ee507bd84708a5dfef24f58c93d01e06e51fc99e81eea1cf19c6b
26a3fabdf71141620385737bed9c17655464346664a470a1bdd006c96660d940
29181332e86f1ed1d820c9d8efa35aefcb86a47cbfbe3e9955458bfe906ecb2f
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37b490b8cdbfb4c119d62b2b4e662a6cfc7364a321d604f5010471044169289f
428b19348f218a44e36bd16a007cc9a5b16598f3575812a81a715a6c04ff1112
44c448205f15c4f82a4dfe267d5a2efac45224543d44a7c073b167813d449fce
465aa2d51df873ac13ca220c835e7d985c650ecff5c1f620dd99a84ecba262ec
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5453593559ea77d4419f439614ade4421cfe8d6164d2cf14f9a489570f68c7f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a2aee262821f014d61d9949b24dd6e194a702ae23c9e3661824e512e550ec09
5ac32a6b0987efd35d4229428c230a223088352c28e0d934b9b5ae61dc8a3c5e
5ba65148259568967389d182b434f97e0da7b6cd83abf926a602433a340ca9d0
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
619e622fb73038ce7a8f80e21e51c445deea96703ea2c40fc4d44e417892978c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
679940bbf117e6bc24434d99f0b381098067028ce38d874c7bcbad861bc5736b
684fd3160245b5299f62d223bfae2f2261b57d2d2f55f50a6d2aef0a7e45d118
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dfc02a8e6f295102871d721f23120a13077e491345a93614fcbb43867de3301
6ff4d01f14c9d00c600952b773c9bda7568bf964dc367f7f360f6c31c9b70846
703f448d9d4cfc508719b4358dae9b37f9230ae8538cb86c8143d754ac81d783
79fc30a3a4b255c915bba01c0691a5653ec71151821aedb5147898821927e362
7b4c3c6605046f3ef2eaedabeee487ef3687ba7b2df1be308883ab8a3e076fe3
7ec7b3beddeb2a5ecaeafd3d25d935daa4175db55d181ee8abe6aded23e3e2ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8366b56050cd10f4112259e2b616bf4d2e2fcef89bc3c6b4d5e9fc8e1b37e7f5
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
92aae892248a7997424fb418031fcb8eefa9cbe7bb00e9e96b6148450d7744b0
9ef65f1d4b3ddf07c3960a578d532f8aecd6b9d551631b2611596fb652480a9b
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c
ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
af5562cfd1a2957b4ed169df51b9455e90c0695bb93ee3ea6919c3dedf5f1d4e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b45ebfb3a5396b07835e54789a90eb661a594524d6c0848af83e003ffa32b410
b7c15c02826d988a79aa0bb5080f70c3db9943fab1661f7bb4f5eaa62d226b86
ba5e7913cc534338268a299176fffdbdc4ac420076c7f8ad8aae62254add382a
bc2c387a887f40dbb73e526b6213be9cedd527ec7b88d51b497070d97e231c6f
c1577ba94752b8302f8a5518b1ccd8b21507a7da67cd613dc990e8fd10f8ab5e
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ce1926dae0f68eb90e197d30dbd5e458d67f6bedd82bbd82d003728e5004f07c
d4890a3c7a6d70985e71fb7178c58b8c3ff183e6edbb3f07a41affe5b897d3ae
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d9cf47d8ab173129de3f583b2ad0f6784add29d6b5e35e0b56aa3353ea4365e3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7f42db70feb901fa90db51fb287e8da8b3ff18e51aed0ed6dd16cc593a7207
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e15f20e9ef9afb2d807e387e719bf1e183ac72a1ff378d2b28f79cc33efd9ae5
e2e01f10ad6da5bea2017c9fd99319c3e104625804474e3f135e8da3e9fb0faf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93c85341a48fbccd80f6d316b0d45b3b951169f4390adfb5cf81609f4160d45
ecb2a4cde8ae10c8b02f7526d84881bfdbbbf8c2c0a604199ae59aa62a006a20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01417fc967ffe66af41925f6945bfb9b50c9cd70d40d0dbf2597f1475ab8d47
f333e57236bfdfa050867788c817568f36860fbffbacc2394b98db56d3c9ed58
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef