www.nprillinois.org Open in urlscan Pro
108.158.32.9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1c...
Effective URL:
https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Submission: On August 06 via api (August 6th 2024, 11:00:22 pm UTC) from DE — Scanned from AU

Summary HTTP 93 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 15 domains to perform 93 HTTP transactions. The main IP is 108.158.32.9, located in United States and belongs to AMAZON-02, US. The main domain is www.nprillinois.org.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 15th 2023. Valid for: a year.

This is the only time www.nprillinois.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	142.250.66.238 142.250.66.238	15169 (GOOGLE) (GOOGLE)
2	172.217.167.106 172.217.167.106	15169 (GOOGLE) (GOOGLE)
4	142.250.66.200 142.250.66.200	15169 (GOOGLE) (GOOGLE)
8	172.217.24.35 172.217.24.35	15169 (GOOGLE) (GOOGLE)
5	142.250.67.3 142.250.67.3	15169 (GOOGLE) (GOOGLE)
3	142.251.221.78 142.251.221.78	15169 (GOOGLE) (GOOGLE)
8	172.217.24.46 172.217.24.46	15169 (GOOGLE) (GOOGLE)
1	172.217.24.33 172.217.24.33	15169 (GOOGLE) (GOOGLE)
4	108.158.32.9 108.158.32.9	16509 (AMAZON-02) (AMAZON-02)
12	18.67.110.85 18.67.110.85	16509 (AMAZON-02) (AMAZON-02)
21	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
1	35.175.57.211 35.175.57.211	14618 (AMAZON-AES) (AMAZON-AES)
1	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	142.250.66.193 142.250.66.193	15169 (GOOGLE) (GOOGLE)
1	108.158.18.205 108.158.18.205	16509 (AMAZON-02) (AMAZON-02)
11	172.217.167.97 172.217.167.97	15169 (GOOGLE) (GOOGLE)
1	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
1	34.203.185.0 34.203.185.0	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.67.4 142.250.67.4	15169 (GOOGLE) (GOOGLE)
93	21

5 142.250.66.238 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f14.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.106 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.66.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f35.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.221.78 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f46.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f1.1e100.net

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.158.32.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-9.syd3.r.cloudfront.net

www.nprillinois.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.67.110.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-85.syd62.r.cloudfront.net

npr.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.175.57.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-57-211.compute-1.amazonaws.com

api.composer.nprstations.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

npr-wuis.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.193 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f1.1e100.net

49ffe6a97aade13fe9f191b0a628e56a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.18.205 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-18-205.syd62.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.167.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.134 (San Francisco, United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.185.0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-185-0.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.67.4 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com 49ffe6a97aade13fe9f191b0a628e56a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 203 pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	585 KB
14	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 7657 play.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 10	110 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com	261 KB
12	brightspotcdn.com npr.brightspotcdn.com — Cisco Umbrella Rank: 30544	1 MB
11	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280	211 KB
4	nprillinois.org www.nprillinois.org	39 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	369 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
2	disqus.com npr-wuis.disqus.com disqus.com — Cisco Umbrella Rank: 1722	26 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	91 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2461	15 KB
1	nprstations.org api.composer.nprstations.org — Cisco Umbrella Rank: 52145	1 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 129	2 KB
93	15

	Domain	Requested by
12	npr.brightspotcdn.com	www.nprillinois.org npr.brightspotcdn.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	www.nprillinois.org securepubads.g.doubleclick.net news.google.com pagead2.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	play.google.com	www.gstatic.com
8	www.gstatic.com
5	fonts.gstatic.com	fonts.googleapis.com
5	news.google.com	1 redirects
4	www.nprillinois.org	www.gstatic.com npr.brightspotcdn.com
4	www.googletagmanager.com	news.google.com www.nprillinois.org www.googletagmanager.com
3	www.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	www.nprillinois.org connect.facebook.net
2	fonts.googleapis.com	news.google.com www.nprillinois.org
1	www.google.com	tpc.googlesyndication.com
1	ping.chartbeat.net	www.nprillinois.org
1	disqus.com	npr-wuis.disqus.com
1	static.chartbeat.com	news.google.com
1	49ffe6a97aade13fe9f191b0a628e56a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	npr-wuis.disqus.com	npr.brightspotcdn.com
1	api.composer.nprstations.org	npr.brightspotcdn.com
1	lh3.googleusercontent.com
93	21

This site contains links to these domains. Also see Links.

Domain
www.npr.org
groups.webservices.illinois.edu
www.facebook.com
www.linkedin.com
pinterest.com
www.justice.gov
www.instagram.com
www.youtube.com
www.pinterest.com
publicfiles.fcc.gov
npr.brightspotcdn.com
cfll.org
www.cpb.org
healing.illinois.gov
arts.illinois.gov
www.protectmypublicmedia.org
www.uis.edu

Subject Issuer	Validity	Valid
*.news.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-16` - `2024-10-08`	3 months	crt.sh
*.google.com WR2	`2024-07-16` - `2024-10-08`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-07-16` - `2024-10-08`	3 months	crt.sh
grove3.prod.npr.psdops.com Amazon RSA 2048 M03	`2023-11-15` - `2024-12-13`	a year	crt.sh
npr.brightspotcdn.com Amazon RSA 2048 M02	`2023-12-17` - `2025-01-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-16` - `2024-08-14`	3 months	crt.sh
*.composer.nprstations.org Amazon RSA 2048 M02	`2023-07-28` - `2024-08-24`	a year	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
tpc.googlesyndication.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Frame ID: B0B5F6740D70820F2A7DDEE19583C974
Requests: 61 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 432CC29F00C0D6107C047186C807EBE4
Requests: 1 HTTP requests in this frame

Frame: https://49ffe6a97aade13fe9f191b0a628e56a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 62FC569A37E22872C3982B70577C785D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfIPci4ycHv5ZcP9QG_AzR8n07tzpJkIVja3f7kza64TJhm2seHjhVWUk6Z_TZkrujsaJ9zI3l4XKhcunEOJ_FLVm7AqIodjqK8oyVkAjqydP5pwwG0L52iTJYCJgOxWF741VEIL-8tiz_qHLStxMvAd_1NsXkJrXMV_b3cIHEyOq_tdOSemgwW7sD39lZErcNy0kUnKfrHUOssTvisR_J2u-17lJ5DORua_sevOqLGRDjrcOcjmBTPVV-YQj-_Vgb8F-OfJQGWpc_zm-20Lmy37y4ydeG5SiTveImdj6_CJxIqyDJ5Cj0oQvneO6vmCoSWVGkr-l329BKW3XXnhIzaHhCTJeATQ&sai=AMfl-YRVRAhokmvfluE_tyigYQD6m6-T6TrkYbGzKVQHNISyJE74V8B47RBItnWhKRaRg4PUnswCQI3dVDcVNVU6GDIBCPzrKG2bh5tnahIN9Dknm7DXzysGmT5g3iSSjAHnGbDVcSVtus1kDg_vlGhZrYiZ&sig=Cg0ArKJSzElz_1v9PXLuEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 98E79BA9E32337E088DCF8113E138FD9
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst76ttptQNDAeMXLaKA8ipjathFs2d58GS-7oXG6iirS0S9oW5fjKp6ujs2UQQAf-muNFqTmI4GyFzbpfwPq0v8tr_RIydLqLxIeDsWoRx35mcglj-Xwp-GdcIXbn4XSUuh0bkM5rcYshIpK8TJcShq7NIbvWtTUU8fFBXILZCAXLc0nkwJZrPQ5ctf62RN59gd6Ij-HehdlOhOD4JUZmmFZws9Oq14XiugfatEr7jK1ASd8tKDHT9z3pOJGbJDtFed5ujG_ATudo32w12mKlUlbfxhK9uRUrq6iRETO95VS6ak8lnFAkGaFphFh9NXXhSAYynYLYaHgEJSQ6eWfNe-KG-qCEBR8Q&sai=AMfl-YTZEBxtPJGYP_Qc6CXWazn5DvqO0ode9_VZ_XxskX7KzRJXzG3rSqxc7h82-DK1nmU9cm9CpFCbw2WNF0ChrBP-LtU0b3v2WmB_F7T9xAUfPk0ap7yiH61kMB29MwQvqSi6azXBBm3-dJ4xc6aklmb3&sig=Cg0ArKJSzH-p_9FKSDWBEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 5BDA412A03DCF3B82D75EE35A1719DAF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHjrFvMgZYT9z4h_hfkW_5yiJ_9ejXi0BFHLecQ1wJaLhDM8w2JTRMcnofDnrd0S-6hUXp1fMzL-1xEddtqT-2p_FQZoyJXsBQ0lnA0GAkH0ifrtQnUSxicTk2roJcYWjw8RGxCJzr10AwYUYTNP3kKhjy8qVrfQu-zc7QHs-V6vseEzRk-E-N1F4gwW-fUk_IHSaMmt-EeET-0uZvVxP5of7mYH6oJYQZhax4Y3sStf0G2oSt8rOq_uQz18m0fDnrGuaYCnO_FsyS0kt887Q5b1gxA8Quk70j6e4j0R1oPsFOFI7g4NQugfZG1E9BsMfJp0g_rYywyitivl0HJoSr3PwvszKZ3g&sai=AMfl-YTSPUd053tIop3HM5fch2LaQm-I6pjeZDDWPv6kxciJNjH9tIm7WfhAuuhZz3nzRqFmDkpfbYUfltbgJj0xM009C2E0p0SvGgekJg1NOq5-AJ4PbQHMcSSPS3LKGo1jABhNvZRG-VG1Y9yP89H-DFkh&sig=Cg0ArKJSzNrckAkbHARXEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C70FC9659C1A77CC1E7AABC1D0EDB515
Requests: 8 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=npr-wuis&t_i=00000190-9969-db42-a599-d9e9e9b70000&t_u=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&t_e=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans&t_d=%0A%20%20%20%20%20%20%20%20U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans%0A%20%20%20%20&t_t=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans&s_o=default
Frame ID: 2EB3E417ACC3450392AC95183589E935
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 71F0EEF8CE27E94D91E96A6ABB9D90FB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C734BA843C85B33BE373BB4FE832A8C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

U.S. says Russian bot farm used AI to impersonate Americans | NPR Illinois

Page URL History Show full URLs

https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZ... HTTP 302
https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZ... Page URL
https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

93
Requests

99 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

21
IPs

2
Countries

2833 kB
Transfer

7026 kB
Size

18
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://www.npr.org/podcasts/475680317/the-21st
Title: The 21st

Search URL Search Domain Scan URL

URL: https://groups.webservices.illinois.edu/subscribe/84080
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=52726949983&display=popup&href=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?url=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&mini=true&title=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans&summary=The%20bot%20farm%20used%20AI%20to%20create%20social%20media%20profiles%20impersonating%20Americans%20and%20posting%20post%20support%20for%20Russia%E2%80%99s%20war%20in%20Ukraine%20and%20other%20pro-Kremlin%20narratives.&source=NPR%20Illinois
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/bookmarklet/?url=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&description=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans&media=https://npr.brightspotcdn.com/dims3/default/strip/false/crop/5333x4000+333+0/resize/5333x4000!/?url=http%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Ff2%2F62%2Fc56c6e76497d97117c773b38a95b%2Fgettyimages-979599890.jpg
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.justice.gov/opa/pr/justice-department-leads-efforts-among-federal-international-and-private-sector-partners
Title: Justice Department alleged

Search URL Search Domain Scan URL

URL: https://www.npr.org/2024/06/06/g-s1-2965/russia-propaganda-deepfakes-sham-websites-social-media-ukraine
Title: ramping up propaganda efforts

Search URL Search Domain Scan URL

URL: https://www.npr.org/2024/05/30/g-s1-1670/openai-influence-operations-china-russia-israel
Title: using AI

Search URL Search Domain Scan URL

URL: https://www.npr.org/2022/03/01/1083824030/techs-crackdown-on-russian-propaganda-is-a-geopolitical-high-wire-act
Title: ban Russian state media

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nprillinois/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCRopF2BLbagbMZ_yt8Ff0QQ
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/nprillinois
Title: pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nprillinois
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/18697474
Title: linkedin

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/WUIS
Title: WUIS FCC Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/fm-profile/WIPA
Title: WIPA FCC Public File

Search URL Search Domain Scan URL

URL: https://npr.brightspotcdn.com/40/28/7301f1bb49d891f2fec32102cb1b/2023-09-25-schedule.pdf
Title: Schedule (printable)

Search URL Search Domain Scan URL

URL: https://cfll.org/

Search URL Search Domain Scan URL

URL: https://www.cpb.org/

Search URL Search Domain Scan URL

URL: https://healing.illinois.gov/

Search URL Search Domain Scan URL

URL: https://arts.illinois.gov/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ILPubBroadcasting

Search URL Search Domain Scan URL

URL: https://www.protectmypublicmedia.org/

Search URL Search Domain Scan URL

URL: https://www.uis.edu/cspl/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5 HTTP 302
https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5&hl=en-AU&gl=AU&ceid=AU:en Page URL
https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5 HTTP 302
https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5&hl=en-AU&gl=AU&ceid=AU:en

93 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6T... Show response
news.google.com/rss/articles/
Redirect Chain

https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVP...
https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVP...

426 KB
107 KB

469ms
468ms

Document
text/html

142.250.66.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

4c8f2e1e52487637586cbb803fe12d88c099caac9544bc4b3258ae923fe1de67

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wR8_dWE3TEvRgRlt7QXwnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wR8_dWE3TEvRgRlt7QXwnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site
date: Tue, 06 Aug 2024 23:00:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/DotsSplashUi/web-reports?context=eJzj8tHikmJw05BikPj6kkkDiJ3SZ7AGAbFP_QzWGCD-tGMGa-vNc6xTgTjp33nWIiBeEnGR9VDiRVZDhUusjkBcz3CZlcn0MqsQN8ffq6e2sgl0vHvKp6SclF8Yn5JfUlxckJNYnFGcWlSWWhRvZGBkYmBhYKJnaBFfYAAAaC4wqw"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-4m7wJQGb0MGkAGo6r567FA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-type: application/binary
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: same-site
date: Tue, 06 Aug 2024 23:00:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5&hl=en-AU&gl=AU&ceid=AU:en
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 508ms
107ms Stylesheet
text/css 172.217.167.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i

Requested by

Host: news.google.com
URL: https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5&hl=en-AU&gl=AU&ceid=AU:en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f10.1e100.net

Software

ESF /

Resource Hash

800f633202ce8f9164b880fd6ed86fc0673a476462c0df7ada22f14b7acd7725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 23:00:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 22:37:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Aug 2024 23:00:13 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
89 KB 512ms
110ms Script
application/javascript 142.250.66.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

996e82b8f1fb7a3e44db2806293f5c0b03e994f5ab188d57d089d5b538816e1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 23:00:13 GMT

GET
H2 200 m=he6YWd,aLI87 Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=_b,_tp/excm=_b,_tp,sy... 373 KB
109 KB 405ms
4ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87

Requested by

Host:
URL: /_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/am=GAQRPhhoFhhAAQ/d=1/excm=_b,_tp,syndicationarticleview/ed=1/dg=0/wt=2/ujg=1/rs=ALs0n2PA0XaFke8ZAXAMKWmNtoJsZgKrRw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

c08dfa26ba1ab74cdf2ae1169dbe0f038abac2d38e8791be878d112a82dfe845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 111066
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:25 GMT

GET
H2 200 5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2
fonts.gstatic.com/s/googlesanstext/v22/ 16 KB
16 KB 406ms
3ms Font
font/woff2 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesanstext/v22/5aUu9-KzpRiLCAt4Unrc-xIKmCU5qEp2iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700,400i,500i,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://news.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:16:50 GMT
x-content-type-options: nosniff
age: 2604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15996
x-xss-protection: 0
last-modified: Wed, 31 Jul 2024 20:31:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 22:16:50 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 503ms
100ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-SYGF1G18MM&gtm=45je47v0v9117462484za200&_p=1722985213659&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=1531468471.1722985214&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722985214&sct=1&seg=0&dl=https%3A%2F%2Fnews.google.com%2Frss%2Farticles%2FCBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw%3Foc%3D5%26hl%3Den-AU%26gl%3DAU%26ceid%3DAU%3Aen&dt=Google%20News&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1971
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SYGF1G18MM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://news.google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 543ms
135ms Preflight
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 06 Aug 2024 23:00:14 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 540ms
135ms Preflight
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 06 Aug 2024 23:00:14 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 m=LEikZe Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=_b,_tp,aLI87,he6YWd/e... 224 B
221 B 10ms
8ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=LEikZe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

1f5645fa7db3c441f4bfa3c0962e1479a4b3d0958b888b63b971ba93c77619e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 156
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:25 GMT

POST
H3 200 log
play.google.com/ 131 B
155 B 263ms
164ms Fetch
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=_b,_tp/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=he6YWd,aLI87

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Tue, 06 Aug 2024 23:00:14 GMT

POST
H3 200 log
play.google.com/ 131 B
155 B 259ms
162ms XHR
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Tue, 06 Aug 2024 23:00:14 GMT

GET
H2 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,_b,_tp,aLI87,h... 1 KB
854 B 5ms
4ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,_b,_tp,aLI87,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

5d637723295e6bdb985608a019c6c271b7a92cb0f42d6915f180074aa2fd450a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 789
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:25 GMT

GET
H2 200 m=PrPYRd,s39S4,pw70Gc,QIhFr,hc6Ubd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,_b,_tp,aLI87,b... 16 KB
6 KB 4ms
4ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,_b,_tp,aLI87,bm51tf,he6YWd/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=PrPYRd,s39S4,pw70Gc,QIhFr,hc6Ubd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

70883b0df4028169f397776a9423b05efe930064f8ef00b34f5f07b8ee7ef4e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 6103
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:25 GMT

GET
H2 200 m=lW1Lhc Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,PrPYRd,QIhFr,_... 13 KB
5 KB 5ms
4ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,PrPYRd,QIhFr,_b,_tp,aLI87,bm51tf,hc6Ubd,he6YWd,pw70Gc,s39S4/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=lW1Lhc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

bd71dccc5d856d27ae8c401c31f2a3c89c53933a5eecd65e717ca99ac7601456

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 5153
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:26 GMT

POST
H3 200 batchexecute Show response
news.google.com/_/DotsSplashUi/data/ 258 B
262 B 127ms
126ms XHR
application/json 142.250.66.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=Fbv4je&source-path=%2Frss%2Farticles%2FCBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw&f.sid=7281909054073311610&bl=boq_dotssplashserver_20240804.18_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=25215&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

74b32a126b5932447dd6abcaec6f9b3e5a28ce0c7e263b7b8f1251ecbcc5d2b1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,PrPYRd,QIhFr,_... 4 KB
2 KB 4ms
4ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=LEikZe,PrPYRd,QIhFr,_b,_tp,aLI87,bm51tf,hc6Ubd,he6YWd,lW1Lhc,pw70Gc,s39S4/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

098803a6b604365b6752d37b99fe0141c6f7e4842b5aae4f2e269c718ab17bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 1761
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:26 GMT

GET
H2 200 -DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32
lh3.googleusercontent.com/ 2 KB
2 KB 417ms
6ms Other
image/png 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://lh3.googleusercontent.com/-DR60l-K8vnyi99NZovm9HlXyZwQ85GMDxiwJWzoasZYCUrPuUM_P_4Rb7ei03j-0nRs0c4F=w32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f1.1e100.net

Software

fife /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 19:14:24 GMT
x-content-type-options: nosniff
age: 13550
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000
content-length: 1540
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Aug 2024 19:14:24 GMT

GET
H2 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=FCpbqb,LEikZe,PrPYRd,... 21 KB
7 KB 6ms
4ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=FCpbqb,LEikZe,PrPYRd,QIhFr,WhJNk,Wt6vjf,_b,_tp,aLI87,bm51tf,hc6Ubd,he6YWd,hhhU8,lW1Lhc,pw70Gc,s39S4/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

893b5d63438e2c21e9f9f4bf486730168ca99cda11cba2a16e1bbf67ab41f816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 7465
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:26 GMT

GET
H3 200 m=e5qFLc,O1Gjze,L1AAkb,KUM7Z,duFQFc,aW3pY,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=FCpbqb,LEikZe,PrPYRd,... 151 KB
39 KB 3ms
3ms Script
text/javascript 172.217.24.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-dots/_/js/k=boq-dots.DotsSplashUi_desktop_ms.en_AU.DREXAgy6PLw.es5.O/ck=boq-dots.DotsSplashUi_desktop_ms.Y9t-e8XSxkU.L.B1.O/am=GAQRPhhoFhhAAQ/d=1/exm=FCpbqb,LEikZe,PrPYRd,QIhFr,RqjULd,WhJNk,Wt6vjf,_b,_tp,aLI87,bm51tf,hc6Ubd,he6YWd,hhhU8,lW1Lhc,pw70Gc,s39S4/excm=_b,_tp,syndicationarticleview/ed=1/wt=2/ujg=1/rs=ALs0n2M8_Md53J4qWhASIHqxPdknzd3UQQ/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;G3BKud:E8sThf;JsbNhc:Xd8iUd;KFjtub:zthM6;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:eYnyH;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ZwIgGc:lwOjSb;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kDu84d:hECoeb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;up4Zyb:qY1Xef;wR5FRb:O1Gjze;xqZiqf:BBI74;yxTchf:KUM7Z;zxnPse:duFQFc/m=e5qFLc,O1Gjze,L1AAkb,KUM7Z,duFQFc,aW3pY,xQtZb,SpsfSb,Z5uLle,BBI74,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f35.1e100.net

Software

sffe /

Resource Hash

f9d2705c43bbe38b36d32c4290a492a1ed53691adc1a952b3b9e55cbe5e4442d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/dots-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000
content-length: 40055
x-xss-protection: 0
last-modified: Fri, 02 Aug 2024 18:41:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/dots-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/dots-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/dots-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Aug 2025 16:45:26 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 338ms
135ms Preflight
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 06 Aug 2024 23:00:14 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 336ms
136ms Preflight
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 06 Aug 2024 23:00:14 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log
play.google.com/ 131 B
155 B 261ms
163ms Fetch
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Tue, 06 Aug 2024 23:00:14 GMT

POST
H3 200 log
play.google.com/ 131 B
155 B 257ms
160ms Fetch
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.24.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f46.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:14 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000
expires: Tue, 06 Aug 2024 23:00:14 GMT

POST
H3 200 batchexecute
news.google.com/_/DotsSplashUi/data/ 151 B
186 B 219ms
218ms XHR
application/json 142.250.66.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=xZTw2c&source-path=%2Frss%2Farticles%2FCBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw&f.sid=7281909054073311610&bl=boq_dotssplashserver_20240804.18_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=125215&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Primary Request u-s-says-russian-bot-farm-used-ai-to-impersonate-americans Show response
www.nprillinois.org/2024-07-09/ 207 KB
34 KB 862ms
775ms Document
text/html 108.158.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.158.32.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-9.syd3.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

c8941d714070ba95c8c2f4c13eb8c2449ec52119a6cf5d50ec5210011d3c7c47

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.grovecms.org/

Request headers

Referer: https://news.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control: max-age=300
content-encoding: gzip
content-length: 34821
content-security-policy: frame-ancestors 'self' https://app.grovecms.org/
content-type: text/html;charset=UTF-8
date: Tue, 06 Aug 2024 23:00:14 GMT
server: N/A
vary: Accept-Encoding
via: 1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
x-amz-cf-id: n5voQhPo1G3ywRPYc_Xcb3M-bOoELXPCzmdznPOW04jFl3nxjCnzDQ==
x-amz-cf-pop: SYD3-P2
x-cache: Miss from cloudfront
x-powered-by: Brightspot

POST
H3 200 batchexecute
news.google.com/_/DotsSplashUi/data/ 149 B
186 B 111ms
109ms XHR
application/json 142.250.66.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/_/DotsSplashUi/data/batchexecute?rpcids=t11Gyd&source-path=%2Frss%2Farticles%2FCBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw&f.sid=7281909054073311610&bl=boq_dotssplashserver_20240804.18_p0&hl=en-AU&gl=AU&soc-app=140&soc-platform=1&soc-device=1&_reqid=225215&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.66.238 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f14.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin-allow-popups
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 All.min.ab6eee59525552b9100e33650d638008.gz.css
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/ 435 KB
65 KB 70ms
4ms Stylesheet
text/css 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0ee057a88a75fd67a82fd23957e289bf1ad657c0913e8b419eb7c3a59be5634

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Jul 2024 16:44:52 GMT
content-encoding: gzip
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified: Mon, 22 Apr 2024 13:12:16 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
age: 2787324
etag: "63775e18655c56ec8ba57699c99b9f2e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 66064
x-amz-cf-id: duqVHDjIjiVHriY9QGniyZOzoSKb3Czenk3Kw-mVU2uEgj8fBiGE2g==

GET
H2 200 All.min.d910eddccf6fc10215241126a8cbfd61.gz.js Show response
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/ 942 KB
255 KB 73ms
7ms Script
text/javascript 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.d910eddccf6fc10215241126a8cbfd61.gz.js
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7b1515e4887aaae622a0d52e2ca469d838329be317eddfce5d7f16502f50f6d

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 30 Jul 2024 17:54:08 GMT
content-encoding: gzip
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified: Tue, 30 Jul 2024 17:47:59 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
age: 623168
etag: "ac1861c4b7a887de18582aa8d80cbf49"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 259941
x-amz-cf-id: PJX2cZjwfmkP3UO-I1pPYL-JbqWNteh8lbOupnHhM4AOwcd-D7zetw==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 249ms
137ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

3b244257da824f1be4d294b0751e942801a13ee8d8eb3385c25e0021cc512118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31695
x-xss-protection: 0
server: cafe
etag: 793 / 19941 / m202407310101 / config-hash: 6149763733754485172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Aug 2024 23:00:15 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 325ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

2634b6b0e503b85fc6539e9677f150ab9a50cb6fa4e5c10ba00e6ddad06d1936

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Aug 2024 23:00:15 GMT
content-md5: ezeEGHL3D3dF7vHhgzhqOw==
document-policy: force-load-at-top
x-fb-server-load: 44
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=12, mss=1317, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: Sk7Bh+22Yb4KgZPfdBhxUhNiHnJxduItUFY36qCeiJIQXHtmD+Ngiz+b1lYWo1X9sW9RTrXzisksRJv4a0VhwQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: ace90f21bfd8dfa3b30255c053e28bb2
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "61ef31e23fe2170570b22c476f91957c"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 06 Aug 2024 23:13:48 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 288 KB
88 KB 562ms
154ms Script
application/javascript 142.250.66.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Requested by

Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f66e529c8c72aa71ade975596324cd07ea348380f104cecfa7c163ba53695487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89823
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 22:06:46 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 508ms
107ms Stylesheet
text/css 172.217.167.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Requested by

Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f10.1e100.net

Software

ESF /

Resource Hash

0c8b18f48ce0c5d32811cbd452596dd833357f1135db12fe7e7f61c5cabcd81a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 06 Aug 2024 23:00:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/c95052b/2147483647/strip/true/crop/1453x1937+565+0/resize/150x200!/quality/90/ 8 KB
8 KB 6ms
6ms Image
image/jpeg 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/c95052b/2147483647/strip/true/crop/1453x1937+565+0/resize/150x200!/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fassets%2Fimg%2F2019%2F09%2F24%2Fwany5886-49f844bd5640c38e9927a09564035ffac0f00ec8.jpg
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: Apache /
Resource Hash: 021ec9de1955137d8c648ebc30ca61994587db1f3973557105ca2a129c72248d

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Jul 2024 22:47:30 GMT
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SYD62-P2
age: 2419965
x-cache: Hit from cloudfront
content-type: image/jpeg
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 8065
x-amz-cf-id: VuIJp7HsDGTM4LRs4em0Odhia7sFUpYj_OzAQmClOT3hKILInGZhZw==
expires: Wed, 09 Jul 2025 22:47:30 GMT

GET
H2 200 bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js Show response
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/_resource/analytics/ 9 KB
3 KB 4ms
4ms Script
text/javascript 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 05 Jul 2024 16:44:52 GMT
content-encoding: gzip
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 13:10:24 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2
age: 2787324
etag: "c066757a8992615b576ac565d39d182d"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3003
x-amz-cf-id: UWtAXaHlCOJm2O9hY8HFrXBIPiBRYzbKRoZnBWdOVhoWUSQKNxs8Wg==

GET
H2 200 a25806274237d06e00a6.bcb27e846d65db81e599d1bada682c2e.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/ 64 KB
65 KB 14ms
6ms Font
application/octet-stream 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/a25806274237d06e00a6.bcb27e846d65db81e599d1bada682c2e.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 22:15:27 GMT
via: 1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 3717889
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65916
last-modified: Mon, 22 May 2023 14:22:25 GMT
server: AmazonS3
etag: "9feb0110b6dff9ee2b9ebd17f7a1aee6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.nprillinois.org
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: luN7-sjjjQPsVBqXBk8VxXwOhH-ogJLGbc_Bcah4IZ-cI-mtkM3v2g==

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/bc07de6/2147483647/strip/true/crop/252x60+0+0/resize/504x120!/format/webp/quality/90/ 4 KB
5 KB 6ms
5ms Image
image/webp 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/bc07de6/2147483647/strip/true/crop/252x60+0+0/resize/504x120!/format/webp/quality/90/?url=https%3A%2F%2Fnpr.brightspotcdn.com%2Fdims4%2Fdefault%2Fc24c773%2F2147483647%2Fresize%2Fx60%2Fquality%2F90%2F%3Furl%3Dhttp%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2F14%2Fe3%2Fc6e33fe549b7bca8d77693d5229f%2Fnpr-il-23-4c-no-space.png
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: Apache /
Resource Hash: 5bb539e1edf4e028049de5fac62868c20c33c0abbee7d846b187ea942cb53700

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 09:10:05 GMT
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SYD62-P2
age: 10331410
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 4278
x-amz-cf-id: YERAFkNUmro-hfQc_vxPb9GWLxK49jFSVy-pLev-Fe8BNPUBCIX3pg==
expires: Wed, 09 Apr 2025 09:10:05 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/a995b9b/2147483647/strip/true/crop/138x46+0+0/resize/1760x586!/format/webp/quality/90/ 16 KB
16 KB 5ms
5ms Image
image/webp 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/a995b9b/2147483647/strip/true/crop/138x46+0+0/resize/1760x586!/format/webp/quality/90/?url=https%3A%2F%2Fmedia.npr.org%2Fimages%2Fstations%2Flogos%2Fnpr.gif
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: Apache /
Resource Hash: a1812aee105946804c1f904efd8830f09a7c16d0fd5a227e1f6ab2f64f1c5289

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:56:52 GMT
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SYD62-P2
age: 20124203
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 16148
x-amz-cf-id: 4Z-GMGvzlP2od_HhFVfLRk6Zlj9sqn4UeQEgwx3uINv8AyB4ARO9IA==
expires: Tue, 17 Dec 2024 00:56:52 GMT

GET
H2 200 /
npr.brightspotcdn.com/dims4/default/66c59d0/2147483647/strip/true/crop/5333x4000+0+0/resize/1760x1320!/format/webp/quality/90/ 387 KB
387 KB 6ms
6ms Image
image/webp 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npr.brightspotcdn.com/dims4/default/66c59d0/2147483647/strip/true/crop/5333x4000+0+0/resize/1760x1320!/format/webp/quality/90/?url=https%3A%2F%2Fnpr.brightspotcdn.com%2Fdims3%2Fdefault%2Fstrip%2Ffalse%2Fcrop%2F5333x4000%20333%200%2Fresize%2F5333x4000%21%2F%3Furl%3Dhttp%3A%2F%2Fnpr-brightspot.s3.amazonaws.com%2Ff2%2F62%2Fc56c6e76497d97117c773b38a95b%2Fgettyimages-979599890.jpg
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: Apache /
Resource Hash: 4f0e3f9fac947cd9d50a147c05b679086a066b1dca9d9a6651c73a02e36a8a54

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Sat, 27 Jul 2024 11:00:19 GMT
via: 1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: SYD62-P2
age: 907195
x-cache: Hit from cloudfront
content-type: image/webp
edge-control: downstream-ttl=31536000
cache-control: max-age=31536000, public
x-robots-tag: nofollow
content-length: 395796
x-amz-cf-id: -1ogk-VauVYkWRm7U672DdFTWzNFVnXrHPYK3yBDavZ5lDUlKQF7Tw==
expires: Sun, 27 Jul 2025 11:00:20 GMT

POST
H2 204 _track Show response
www.nprillinois.org/ 0
201 B 404ms
403ms XHR
text/plain 108.158.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.nprillinois.org/_track
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-9.syd3.r.cloudfront.net
Software: N/A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 06 Aug 2024 23:00:15 GMT
via: 1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
server: N/A
x-amz-cf-pop: SYD3-P2
x-amz-cf-id: ODmNJhjJ3WDb8slrczOfU-L_yBhPbB-sRmpLve3yQOXGOWdhTNYd3w==
x-cache: Miss from cloudfront

GET
H2 200 now Show response
api.composer.nprstations.org/v1/widget/5187f774e1c802c97cd50dd7/ 2 KB
1 KB 638ms
205ms Fetch
application/json 35.175.57.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.composer.nprstations.org/v1/widget/5187f774e1c802c97cd50dd7/now?format=json&style=v2&show_song=true
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.d910eddccf6fc10215241126a8cbfd61.gz.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.175.57.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-175-57-211.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash: 502232cd5948bba3d4afc9ccb1fc8f7310e44829addbac516bf044ee28f57828

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: gzip
server: nginx
x-powered-by: Express
vary: Accept-Encoding, X-HTTP-Method-Override, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type, api_key

GET
H/1.1 200
OK embed.js Show response
npr-wuis.disqus.com/ 80 KB
26 KB 573ms
253ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://npr-wuis.disqus.com/embed.js

Requested by

Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.d910eddccf6fc10215241126a8cbfd61.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

874f16834120ea58496f7e1e82de62ad9dd1873f7ab915264ff9344c59bc9be7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: gzip
Strict-Transport-Security: max-age=300; includeSubdomains
server: openresty
Age: 0
Vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
x-service: router
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 26323

GET
H2 200 4dfb11468086b6644234.4324699069756c7680a6e7fffeff0857.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/ 37 KB
37 KB 8ms
6ms Font
application/octet-stream 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/4dfb11468086b6644234.4324699069756c7680a6e7fffeff0857.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f253fa17446bb4f97d687e514e47ad8d90f53ec2db5a27078c2e48a19153d3ff

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 11:00:55 GMT
via: 1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 10324761
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 37812
last-modified: Mon, 22 May 2023 14:22:23 GMT
server: AmazonS3
etag: "edaa7375a6aa70847d9ac82c5a1aaf1d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.nprillinois.org
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: HPnd0OgNiay25TMZWC5cYOVn8DnDZ5z-hQAuVzO-_XD5RQi6KKu50A==

GET
H2 200 512246f3e4dd1aa9f3b6.85ad50e76a8a1549510da5e301f292d1.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/ 65 KB
65 KB 8ms
7ms Font
application/octet-stream 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/512246f3e4dd1aa9f3b6.85ad50e76a8a1549510da5e301f292d1.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 71347fb3ea7e3f722eb29972cfe86ca18ca8326a490f4a789334b4dbbc4fbc3c

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Fri, 28 Jun 2024 05:19:21 GMT
via: 1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 3433255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 66296
last-modified: Mon, 22 May 2023 14:22:24 GMT
server: AmazonS3
etag: "c8bde939f4823cf1d13619290782e58b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.nprillinois.org
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: tHLRQyOYKjnoczA6APRQowCkyGFIV2gKmSkvO9N67LrJILFVtamcjA==

GET
H2 200 6bbd0c361be9983f8ab6.c34f0550299e7b1df8097deca3f3e423.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/ 151 KB
152 KB 10ms
9ms Font
application/octet-stream 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/6bbd0c361be9983f8ab6.c34f0550299e7b1df8097deca3f3e423.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9de129dc339ad6d1ef70979fbb767a093b58f7074295ce5023220880aebdfeea

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Mon, 24 Jun 2024 09:14:10 GMT
via: 1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 3764766
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 154784
last-modified: Mon, 22 May 2023 14:22:26 GMT
server: AmazonS3
etag: "651186a8d354527d1d1109c8494c1330"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.nprillinois.org
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: 5fx_KxgoaboTyboISXXIJlT2HzYv0gYcLhE2ngtPH0Jsun27dgdVSQ==

GET
H2 200 1e91381cb4c002cdd726.6a829d3b47948aff3773d4ef7c692b54.woff2
npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/ 62 KB
62 KB 14ms
14ms Font
application/octet-stream 18.67.110.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/1e91381cb4c002cdd726.6a829d3b47948aff3773d4ef7c692b54.woff2
Requested by: Host: npr.brightspotcdn.com
URL: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.110.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-110-85.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e98838f5615ef1b770afa611ee8e16049049748d057d5610899de9cd93f85e1e

Request headers

Referer: https://npr.brightspotcdn.com/resource/00000177-1bc0-debb-a57f-dfcf4a950000/styleguide/All.min.ab6eee59525552b9100e33650d638008.gz.css
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 11:00:55 GMT
via: 1.1 e3d6764a647541ed814ff5842b8b1476.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 10324761
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 63208
last-modified: Mon, 22 May 2023 14:22:26 GMT
server: AmazonS3
etag: "45333152d84c5b68301514bb6689f0e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: https://www.nprillinois.org
cache-control: public, max-age=31536000
access-control-allow-credentials: true
vary: Origin
accept-ranges: bytes
x-amz-cf-id: qg3z5J7qL3Q3_cPtMsz3eXdbkA9oO_alFuQpL4GfQ2mujOBjgiGVWw==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 8ms
4ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=174342a987e7ed0bdf0ed509e05acc95

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

24d2aeda729178201752a2ae3f4d717da8082ebcc13862aed1de0bcdeb6b1498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.nprillinois.org/
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Aug 2024 23:00:15 GMT
content-md5: 4vfeRsTWnll44+k/UklXtQ==
document-policy: force-load-at-top
x-fb-server-load: 36
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89184
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4328, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: 3qqHIr/aCX01HkMnwAfscyNOIE1fei58X4Oypm4km3ClvaK6+Z+1RIALxt56CHvAPh1lpJDB6SVEcPHGm8pY9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c5cfa8875a3628e7f0a0a63917218038
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f2c34369d1b01a1645dc99fae9cb8b53"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 06 Aug 2025 21:42:57 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/ 473 KB
148 KB 5ms
5ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

16c97b6c26473d70b044e56a04aaa08a40cbf07d644e8bea637f41d3e4acbc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 18:48:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15123
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 151011
x-xss-protection: 0
server: cafe
etag: 11172422436733227893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 06 Aug 2025 18:48:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 67 B
68 B 197ms
100ms XHR
application/json 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nprillinois.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

92c55e3a647cf09fd4f1dfd6deaeee68ed0497c734dc60ede873005bd3b9d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
19 KB 408ms
3ms Font
font/woff2 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:09:59 GMT
x-content-type-options: nosniff
age: 3017
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18536
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 22:09:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 408ms
4ms Font
font/woff2 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:15:58 GMT
x-content-type-options: nosniff
age: 2658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18596
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 22:15:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 412ms
8ms Font
font/woff2 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:09:23 GMT
x-content-type-options: nosniff
age: 3053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18588
x-xss-protection: 0
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 22:09:23 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
20 KB 412ms
8ms Font
font/woff2 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed|Roboto|Roboto:400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.nprillinois.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:16:45 GMT
x-content-type-options: nosniff
age: 2611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Aug 2025 22:16:45 GMT

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 432C 0
0 100ms
4ms Document
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 28915
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 22:48:32 GMT
expires: Tue, 06 Aug 2024 23:38:32 GMT
last-modified: Mon, 05 Aug 2024 19:44:26 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 200 KB
33 KB 197ms
196ms Fetch
text/plain 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1723712623718524&correlator=3015474279466804&eid=44809527%2C31083342%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407310101&ptt=17&impl=fifs&iu_parts=78715079%2CWUIS_leaderboard_1%2CWUIS_medium_1%2CWUIS_medium_2%2CWUIS_medium_3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1722985216211&lmt=1722985216&adxs=436%2C1100%2C1100%2C1100&adys=253%2C313%2C1000%2C1040&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&ref=https%3A%2F%2Fnews.google.com%2F&vis=1&psz=1600x0%7C300x0%7C300x0%7C300x0&msz=1600x0%7C300x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600&topics=9&tps=9&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1722985215482&idt=564&prev_scp=id%3D00000190-9969-db42-a599-d9e9e9b70000%26type%3Dnews-story%26tags%3DNPR%2520News%2520API%2520Ingest%2520Tag%2CNPR%2520Top%2520Stories%2520API%2520Ingest%2520Tag%7Cid%3D00000190-9969-db42-a599-d9e9e9b70000%26type%3Dnews-story%26tags%3DNPR%2520News%2520API%2520Ingest%2520Tag%2CNPR%2520Top%2520Stories%2520API%2520Ingest%2520Tag%7Cid%3D00000190-9969-db42-a599-d9e9e9b70000%26type%3Dnews-story%26tags%3DNPR%2520News%2520API%2520Ingest%2520Tag%2CNPR%2520Top%2520Stories%2520API%2520Ingest%2520Tag%7Cid%3D00000190-9969-db42-a599-d9e9e9b70000%26type%3Dnews-story%26tags%3DNPR%2520News%2520API%2520Ingest%2520Tag%2CNPR%2520Top%2520Stories%2520API%2520Ingest%2520Tag&adks=3454549498%2C2041801469%2C651583479%2C1716499519&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

27e538febaec840d43ac54705eb28523de7b7ed4941b56e3cfe0a4d55e25e193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33552
x-xss-protection: 0
google-lineitem-id: 198554119,6476415064,-2,6080395650
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 109773607519,138460834620,-2,138400847695
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nprillinois.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
49ffe6a97aade13fe9f191b0a628e56a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 62FC 0
0 328ms
122ms Document
text/html 142.250.66.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://49ffe6a97aade13fe9f191b0a628e56a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.193 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 23:00:16 GMT
expires: Tue, 06 Aug 2024 23:00:16 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
91 KB 172ms
171ms Script
application/javascript 142.250.66.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XGZ99F1SED&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

fa7cecbeb976a753dbc68653cc1d694c3e3c850c7122bb6fd80e27cf68aae599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93373
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 301 KB
100 KB 193ms
193ms Script
application/javascript 142.250.66.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BS397MS0WY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N39QFDR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.200 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

96e24275a0daf3d8338fdd9f0be222bfa478c52ff0afc6a0d4e0c1d0e8e83f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 346ms
7ms Script
application/x-javascript 108.158.18.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: news.google.com
URL: https://news.google.com/rss/articles/CBMingFBVV95cUxPTVlQT2RsTVphcVdscVo1ODdSb2NZTlJGdEplcUx5MlB1TlZBM1hRVjlDTk90QnpzU1ctTzIwalA2QXZNMEtZNzFzUER3Si03QW5DektUdHRyQkZXWmpNSHRXS2V0LTBjTGM3aE5KWXRKdDVPckdKOTFZcHA2QXY1Vk1fcDAyNjZVbzlkYXl6TnpIOGlGTmQ4aEd6M2hEZw?oc=5&hl=en-AU&gl=AU&ceid=AU:en
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.18.205 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-18-205.syd62.r.cloudfront.net
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 16:16:48 GMT
content-encoding: gzip
via: 1.1 ed714340561a82eb64e0092ff1378696.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: SYD62-P3
age: 24208
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: M8om01BY4PIXkZmhT1AFu85IN2Is0MIN0d-C1ERi3rgV-LnxezG-EQ==
expires: Wed, 07 Aug 2024 16:16:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98E7 0
0 145ms
145ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfIPci4ycHv5ZcP9QG_AzR8n07tzpJkIVja3f7kza64TJhm2seHjhVWUk6Z_TZkrujsaJ9zI3l4XKhcunEOJ_FLVm7AqIodjqK8oyVkAjqydP5pwwG0L52iTJYCJgOxWF741VEIL-8tiz_qHLStxMvAd_1NsXkJrXMV_b3cIHEyOq_tdOSemgwW7sD39lZErcNy0kUnKfrHUOssTvisR_J2u-17lJ5DORua_sevOqLGRDjrcOcjmBTPVV-YQj-_Vgb8F-OfJQGWpc_zm-20Lmy37y4ydeG5SiTveImdj6_CJxIqyDJ5Cj0oQvneO6vmCoSWVGkr-l329BKW3XXnhIzaHhCTJeATQ&sai=AMfl-YRVRAhokmvfluE_tyigYQD6m6-T6TrkYbGzKVQHNISyJE74V8B47RBItnWhKRaRg4PUnswCQI3dVDcVNVU6GDIBCPzrKG2bh5tnahIN9Dknm7DXzysGmT5g3iSSjAHnGbDVcSVtus1kDg_vlGhZrYiZ&sig=Cg0ArKJSzElz_1v9PXLuEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240801/r20110914/ Frame 98E7 23 KB
9 KB 410ms
6ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

cafe /

Resource Hash

f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 21:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 1548005776607054986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Aug 2024 21:56:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/ Frame 98E7 3 KB
2 KB 408ms
4ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 21:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Aug 2024 21:56:40 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 98E7 203 KB
63 KB 7ms
4ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64474
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Aug 2024 23:30:15 GMT

GET
H2 200 2952330202453323594
tpc.googlesyndication.com/simgad/ Frame 98E7 105 KB
105 KB 560ms
159ms Image
image/png 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2952330202453323594

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

90ec7cd98b8616dfd88c89987c449e6a2c8bcaae78520374c816dcbd8a4794bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Wed, 06 Aug 2025 23:00:17 GMT
date: Tue, 06 Aug 2024 23:00:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107177
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 19:03:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BDA 0
0 144ms
143ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst76ttptQNDAeMXLaKA8ipjathFs2d58GS-7oXG6iirS0S9oW5fjKp6ujs2UQQAf-muNFqTmI4GyFzbpfwPq0v8tr_RIydLqLxIeDsWoRx35mcglj-Xwp-GdcIXbn4XSUuh0bkM5rcYshIpK8TJcShq7NIbvWtTUU8fFBXILZCAXLc0nkwJZrPQ5ctf62RN59gd6Ij-HehdlOhOD4JUZmmFZws9Oq14XiugfatEr7jK1ASd8tKDHT9z3pOJGbJDtFed5ujG_ATudo32w12mKlUlbfxhK9uRUrq6iRETO95VS6ak8lnFAkGaFphFh9NXXhSAYynYLYaHgEJSQ6eWfNe-KG-qCEBR8Q&sai=AMfl-YTZEBxtPJGYP_Qc6CXWazn5DvqO0ode9_VZ_XxskX7KzRJXzG3rSqxc7h82-DK1nmU9cm9CpFCbw2WNF0ChrBP-LtU0b3v2WmB_F7T9xAUfPk0ap7yiH61kMB29MwQvqSi6azXBBm3-dJ4xc6aklmb3&sig=Cg0ArKJSzH-p_9FKSDWBEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240801/r20110914/ Frame 5BDA 23 KB
0 395ms
395ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

cafe /

Resource Hash

f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 21:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 1548005776607054986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Aug 2024 21:56:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/ Frame 5BDA 3 KB
0 393ms
393ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 21:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Aug 2024 21:56:40 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5BDA 203 KB
0 0ms
0ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64474
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Aug 2024 23:30:15 GMT

GET
H2 200 698242648317922857
tpc.googlesyndication.com/simgad/ Frame 5BDA 174 KB
174 KB 555ms
168ms Image
image/png 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/698242648317922857

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

d5c78476b2df35c5cd2bc60def9b9dc813845774888dd37d4f4e12aa8b8fd1f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Wed, 06 Aug 2025 23:00:17 GMT
date: Tue, 06 Aug 2024 23:00:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178365
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 22:42:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C70F 0
0 143ms
143ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHjrFvMgZYT9z4h_hfkW_5yiJ_9ejXi0BFHLecQ1wJaLhDM8w2JTRMcnofDnrd0S-6hUXp1fMzL-1xEddtqT-2p_FQZoyJXsBQ0lnA0GAkH0ifrtQnUSxicTk2roJcYWjw8RGxCJzr10AwYUYTNP3kKhjy8qVrfQu-zc7QHs-V6vseEzRk-E-N1F4gwW-fUk_IHSaMmt-EeET-0uZvVxP5of7mYH6oJYQZhax4Y3sStf0G2oSt8rOq_uQz18m0fDnrGuaYCnO_FsyS0kt887Q5b1gxA8Quk70j6e4j0R1oPsFOFI7g4NQugfZG1E9BsMfJp0g_rYywyitivl0HJoSr3PwvszKZ3g&sai=AMfl-YTSPUd053tIop3HM5fch2LaQm-I6pjeZDDWPv6kxciJNjH9tIm7WfhAuuhZz3nzRqFmDkpfbYUfltbgJj0xM009C2E0p0SvGgekJg1NOq5-AJ4PbQHMcSSPS3LKGo1jABhNvZRG-VG1Y9yP89H-DFkh&sig=Cg0ArKJSzNrckAkbHARXEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Aug 2024 23:00:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240801/r20110914/ Frame C70F 23 KB
0 2ms
2ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

cafe /

Resource Hash

f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 21:56:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9141
x-xss-protection: 0
server: cafe
etag: 1548005776607054986
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Aug 2024 21:56:43 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/ Frame C70F 3 KB
0 1ms
1ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240801/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 21:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1229
x-xss-protection: 0
server: cafe
etag: 16544991220582087243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Aug 2024 21:56:40 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C70F 203 KB
0 0ms
0ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 22:30:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64474
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Aug 2024 23:30:15 GMT

GET
H2 200 2035286482162495265
tpc.googlesyndication.com/simgad/ Frame C70F 212 KB
213 KB 504ms
135ms Image
image/png 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2035286482162495265

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

fbabbc32ac581e5a235b31d670b847857aad8106d2c61fbcd79abe83e0ab6785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: Wed, 06 Aug 2025 23:00:16 GMT
date: Tue, 06 Aug 2024 23:00:16 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217281
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 16:28:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 98E7 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7b8177ac57ddb0827122c5bc00c0a7de2ffa9f77c0c90284a47d796a7d683b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5BDA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c424c9093de72703d7d55b6e80e9a4a365c77054522d4ff9b00bb70902bbce0c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame C70F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c332de443538f8a7814fab28a27c240b3dfae0869a856db83fd5a427e7f10616

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 2EB3 0
0 268ms
251ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=npr-wuis&t_i=00000190-9969-db42-a599-d9e9e9b70000&t_u=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&t_e=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans&t_d=%0A%20%20%20%20%20%20%20%20U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans%0A%20%20%20%20&t_t=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans&s_o=default

Requested by

Host: npr-wuis.disqus.com
URL: https://npr-wuis.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.134 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nprillinois.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Age: 0
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2930
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://com-disqus.netmng.com:* 'unsafe-inline' https://referrer.disqus.com/juggler/ https://connect.facebook.net/en_US/sdk.js https://cdn.syndication.twimg.com/tweets.json https://apis.google.com https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Content-Type: text/html; charset=utf-8
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 06 Aug 2024 23:00:16 GMT
ETag: W/"lounge:view:10253306890.6b577bc7c42fe4037348a46bf2b521e4.2"
Last-Modified: Tue, 09 Jul 2024 21:50:51 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Strict-Transport-Security: max-age=300; includeSubdomains
Timing-Allow-Origin: *
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 98E7 0
0 135ms
134ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BDA 0
0 262ms
134ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C70F 0
0 399ms
139ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 512ms
104ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XGZ99F1SED&gtm=45je47v0v887396349z8813477654za200zb813477654&_p=1722985215585&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=751754761.1722985217&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722985216&sct=1&seg=0&dl=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&dr=https%3A%2F%2Fnews.google.com%2F&dt=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans%20%7C%20NPR%20Illinois&en=page_view&_fv=1&_nsi=1&_ss=1&ep.tag_implementation=Grove%20Site%20(GTM-N39QFDR)&ep.station_operator=o653&ep.station=NPR%20Illinois%20%7C%2091.9%20UIS&ep.page_type=news-story&ep.nid=00000190-9969-db42-a599-d9e9e9b70000&ep.article_category=&ep.article_author=Shannon%20Bond&ep.article_keywords=NPR%20News%20API%20Ingest%20Tag%2CNPR%20Top%20Stories%20API%20Ingest%20Tag&ep.story_org_id=s1&ep.site_name=NPR%20Illinois&epn.inline_audio=0&ep.program=&ep.article_published_date=2024-07-09T17%3A32%3A09Z&epn.article_word_count=0&ep.npr_story_id=g-s1-9010&ep.station_org_id=653&ep.npr_cms_site=true&ep.article_series=&tfd=2148
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XGZ99F1SED&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nprillinois.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 632ms
205ms Image
image/gif 34.203.185.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nprillinois.org&p=%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&u=C-1yNrBZRQ_bDiIn8c&d=nprillinois.org&g=33583&g0=No%20Section&g1=Shannon%20Bond&n=1&f=00001&c=0&x=0&m=0&y=3798&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=https%3A%2F%2Fnews.google.com%2F&PA=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&b=2180&t=BMJAACqBw72DxkJuMCANWg98x4xx&V=147&i=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans%20%7C%20NPR%20Illinois&tz=-480&sn=1&sv=BTL3U1CiaLhoDUXqLjCbUihCB_jh0j&sr=https%3A%2F%2Fnews.google.com%2F&sd=1&im=067b0fff&_
Requested by: Host: www.nprillinois.org
URL: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.185.0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-185-0.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Tue, 06 Aug 2024 23:00:17 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 431ms
105ms Fetch
text/plain 142.251.221.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-BS397MS0WY&gtm=45je4850v9102559062z8813477654za200zb813477654&_p=1722985215585&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250753&cid=751754761.1722985217&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722985216&sct=1&seg=0&dl=https%3A%2F%2Fwww.nprillinois.org%2F2024-07-09%2Fu-s-says-russian-bot-farm-used-ai-to-impersonate-americans&dr=https%3A%2F%2Fnews.google.com%2F&dt=U.S.%20says%20Russian%20bot%20farm%20used%20AI%20to%20impersonate%20Americans%20%7C%20NPR%20Illinois&en=page_view&_fv=1&_ss=1&ep.station=NPR%20Illinois%20%7C%2091.9%20UIS&ep.page_type=news-story&ep.nid=00000190-9969-db42-a599-d9e9e9b70000&ep.article_category=&ep.article_author=Shannon%20Bond&ep.article_keywords=NPR%20News%20API%20Ingest%20Tag%2CNPR%20Top%20Stories%20API%20Ingest%20Tag&ep.story_org_id=s1&ep.site_name=NPR%20Illinois&epn.inline_audio=0&ep.program=&ep.article_published_date=2024-07-09T17%3A32%3A09Z&epn.article_word_count=0&ep.npr_story_id=g-s1-9010&ep.station_org_id=653&ep.npr_cms_site=true&ep.article_series=&tfd=2230
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BS397MS0WY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.221.78 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s31-in-f14.1e100.net
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nprillinois.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C70F 0
0 143ms
143ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6itwW8sPGTZbdK1APDTC-9b68nwdV3TFIHVRYwnF-h70oiiGXTxMM3fonCUmrG99nHmS8YDO2V1iAFRjbiMAe62V1rak0xpA8IGPx9z1NeypetT7WQRBxOgieEzDalVwEjWO0QCgZjPcWGCCfiRZInCplQF11x31vELE7CjKCQhonJRKj3DfBWIN9KZ0E0wGK1oiCZ5DgmKJExlTJucCm0Jznrxa0lEBXIb0B3efKsIVMnDhAZD2YZEkwXJ_O-l7yH1tjfNUHB05fr9V2eZbjX1iWbYJd6-FQ1gGPwnrE7UJXQ39h_WjzB7dsZih8N40m24JjM-D11dh8vON_G1TUB8Rcx5WlDzBw&sai=AMfl-YQQbegpixdOAFzWBbsumBwkyBcgQSOXH-wKq5ZQIqMuexFXBI1lDhA_EHE802GspcpnvKCkBkGwILgCHCR1qm63oOeHGyI5Zz1fWWlYP2ipcCaMpqcgkPoedkCLHG-F1JvPScncys4RFHxEU_yz_7Yn&sig=Cg0ArKJSzCbptLTmuQNrEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Aug 2024 23:00:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 98E7 0
0 143ms
142ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvekKrSHjqI0-QELdyy5pBEfjHaUUv1kocgB6yNBfduvBbjoqBM09EEQXUxr5cdRx3EdHqCNCGb7nuinpn5yWaxFPq1h-xchHJa7s6IZzdw-xUpELKSqio_47iPJnGfTITt4vzKwckOFBlNXaL5NHc0cgj4xjGBSAxoeNMU9jb7K_tNDzdJpP3mdgrez4d6qQImRvpbyXL0cnwXAch3Vj0tioYox4n3aDRiwlYBB_4P482GOg4_XXHEyqWM4wmDRQ1eJ2ZkRrHYtrTBhH4nAv6dlleowz8QwoXVFYF7bUPoLqiSirF5CsRmiWGinDZ7jBVXmAV9Lkdrhqyyd6hmZ9bcmuAjk0KrZ7v9&sai=AMfl-YQJR7a904-UR4RrRFd1rZ48ykh9lX-5B3CjnM5CF_gfJe2WxZY7iFpiiY6rpyshzgeS0yFcxmGS1oDRKhcjnvad7OOmMuE6rCWpO84JQ2uMXkUjxzE2ia2i9Fl6aOK7J03Gndm3NICjehRkg53Z7_cB&sig=Cg0ArKJSzIrA7MyGhBzbEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Aug 2024 23:00:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BDA 0
0 142ms
141ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEUF58DbKDCSq9M4BPSrH4wQouqJ9-hSE75NJ7mwBxpl1D_qepAgQT3LHgnaL4yDr9g1CLKjdl6kKXY5QEs_ZagH6L7UOYbfc87dwbU5P0YDQSFb1FwAXQal8_sZTTVGeDiyedJ5_GVZtASPTUQqFo8SIy33fbbWe5bL1uRGkIuZKyHKe-I_btekYzIDIegdIy_KH3cVWzInl4UMe4Da4Eg3hLoJpZOBYhuh2wC5R3ID4Zax_UntnMUG_q5EajvOfhvE4BSxSpKhpEqMtL4hAVzeaelqsw6G2SZIEHX9txcEWt8NF-q8JehoY_qctodSifMRw6BnZo1wpfNfjThg5M9EfMZoWksv7-&sai=AMfl-YT1MxSjY8cDL6oSDPjnvvFZxaEW927mmjecRvkW-dkm7Brs9jUtvfDlmPZop5xKdZuzwAbY-8CXqeQ86PLPda8guGHIqbWTobKiL5XgVxJJQ8dLOwCBmskCvMbx7GV1ySbpzeeBsX78r7SK9jtQHvc9&sig=Cg0ArKJSzHPQDxEfqw0NEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Aug 2024 23:00:17 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 138ms
136ms Fetch
text/html 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98E7 42 B
65 B 142ms
142ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsvLw95Vw6R2DFD3pw8UZ3CFUK97_i3Rf2WiawBXTMV68DrZA5VC7BTkg9sO0cs8FoDL16jGdGiC-2bfOl7aXZC94RGIEuCriKMRI6YT-dQQmFWewJ2gr8Zfamrg2Qt6qHtb46EDTJOz4kAVGLYQML6WpiS04pxsU&sig=Cg0ArKJSzCN-N6fiSMM6EAE&id=lidar2&mcvt=1000&p=253,436,343,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3454549498&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1891801600&rst=1722985216478&rpt=782&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 136ms
135ms XHR
application/json 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

5d27a5e38727b3c62e96db51e1f3cef135982160d456e93fa03767ec93b3bb28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12959
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5BDA 42 B
65 B 140ms
140ms Fetch
image/gif 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoqRzOUpRJde3xhqUsU9ecAgxfEMayWXAV3G_05z35sPDtXUuqSf-nlIcvMsE1GDjqUtFLcTWjFfBawsfYIjM1s-1-HYhpWNJieaxZDWHSBBzUsPKO19tgiXYeBeTgjRchKj3MFsR6fBlnnoqljwfQgItlAVf4YA4&sig=Cg0ArKJSzNYiy_MbuZZaEAE&id=lidar2&mcvt=1004&p=403,1100,653,1400&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2041801469&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1891801600&rst=1722985216501&rpt=836&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Aug 2024 23:00:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 favicon-16x16.png
www.nprillinois.org/ 1 KB
2 KB 256ms
256ms Other
image/png 108.158.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nprillinois.org/favicon-16x16.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.158.32.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-9.syd3.r.cloudfront.net

Software

N/A /

Resource Hash

4e32fa20de65bf82db152dfe1849f24f8d975af46c8b82996c3e0a91e1374238

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.grovecms.org/

Request headers

Referer: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://app.grovecms.org/
via: 1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
date: Tue, 06 Aug 2024 23:00:17 GMT
server: N/A
x-amz-cf-pop: SYD3-P2
x-cache: Miss from cloudfront
content-type: image/png;charset=UTF-8
cache-control: max-age=300
content-length: 1265
x-amz-cf-id: VlR_FPEmyB3DN5PGC8Vwn_Pg9HW-Wt-c8bfVpPpzvPANi6Yf29QzVg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 148ms
146ms Script
text/javascript 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date: Tue, 06 Aug 2024 23:00:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Aug 2024 23:00:18 GMT

GET
H2 200 favicon-32x32.png
www.nprillinois.org/ 3 KB
3 KB 425ms
425ms Other
image/png 108.158.32.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nprillinois.org/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.158.32.9 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-158-32-9.syd3.r.cloudfront.net

Software

N/A /

Resource Hash

1571ae29a33dd974cd74f068e04f9d5fd1fbfe8817f9b682d7d1a498a56a9e3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.grovecms.org/

Request headers

Referer: https://www.nprillinois.org/2024-07-09/u-s-says-russian-bot-farm-used-ai-to-impersonate-americans
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://app.grovecms.org/
via: 1.1 8e52b0323db9e9f5baf300137747fffe.cloudfront.net (CloudFront)
date: Tue, 06 Aug 2024 23:00:17 GMT
server: N/A
x-amz-cf-pop: SYD3-P2
x-cache: Miss from cloudfront
content-type: image/png;charset=UTF-8
cache-control: max-age=300
content-length: 2681
x-amz-cf-id: pLbGGKpfTz57hE8hnAi0sE9Yh-KDN4Xu2Rst7Orf5W1J6gg8oxIf3A==

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 71F0 0
0 398ms
3ms Document
text/html 172.217.167.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nprillinois.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 135365
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Aug 2024 09:24:14 GMT
expires: Tue, 05 Aug 2025 09:24:14 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 9C73 0
0 206ms
103ms Document
text/html 142.250.67.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.4 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MFMtlNY6veSK-kn4JlmB4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nprillinois.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-MFMtlNY6veSK-kn4JlmB4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Aug 2024 23:00:18 GMT
expires: Tue, 06 Aug 2024 23:00:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407310101&jk=1723712623718524&bg=!aGulayTNAAZjy5caQ8s7ADQBe5WfOBIhVhbLpEaq0fmHQ2fOPjBC4gQoT5BztxozUrDupbVcCAcIi0Ds5JCuOw1EiqbeAgAAAFZSAAAAA2gBB34ANkLM8DKWqOj1ctnp9lIaC4MUxIb_xBpob0kTFnY5rZEn8jaf3km151MAg6QcUBEa7Roz5mZ5rpkCxw8I-uCy7bXGJhEVfIesjJ6Wzr0hZZ9oyhLWrS0VQpSrk2ejr4lm7bILi8UFR4MXrbEi5TeYc6Rm8JxuQjutrC4xztagk6mY7AKVNuhEtKlUHjLCMRVXoeGXwNafXWJ5FQJJ4jLbhMrEIsBMa1kyfp-L1T0I0fn9IaahMp42E_DluHAIhLUfJjFlp6lVLalZvEbPTM-JpK5HXu5AYc3fRlGmWUF0bAXS00LMnBxabzvt6sU8G2UGNbWh012V4shpOs4KCKw57ueby_2JqOcqQ1poICnPDLUavl7TZpyEfW7FqKRFMMhpE8IKJ-v1Ksg720YZBUhCuu7numySmkFEr1RHb_dMbUrjHfVNpEoWw2GCUV7dz2WsDql-rbGOC16LNRP_bM5jhXapKSQ7v9-kOf2VjGt7VQXWt5u01zr4XfbrucOL0gnDZqY-BPxGzawKK1b85ws-82IKEfQDa-hbrLDXBYXF5zk2OOuES7rWKqPM-QBkpJNPZOO973hJyWpttE-RW0ALaXZBqZafWKT7y_w_sd2b31d7ogvKByQHITT0bGDhPSzauUzAzhBfF_6P-3qGSL9n5dTtL2zBm_MYYV-9wPPEI1Wu0e-kEL0-XhGWARYr6QKoU1sC8kxmt47Bn7xXsUpA_keuY4s1igJNImPQM7hKiULaj83N3wKIBES07alHuvd-pGmaoMU9Q0KdlpMZi1V8F15AD_2pe7j_PgGdetSB9-fksIBpdDJbxXXZWiWk9s-jhsajDf9RYA-hS1lA9QOknmHnbREflodtOIKMJQwtTCyDX36g3n95vUnAhfo-d3bcHU9zIyc-RT-he4chsZvwPzmQ6jLLe-XaiOVYAEDEpJ1OEuh0gqu3QJRXN6OrBc7bqrLVLcNvVvzOlSsT3zwClfMplqXQBjXVCF_aFU7upgkabgiOzV2AOlYuDjWgSvWjFg

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
news.google.com/	1970-01-21 02:59:13	Name: GN_PREF Value: W251bGwsIkNBSVNEQWo4MWNxMUJoQ1FsZW1IQWciXQ__
.news.google.com/	1970-01-21 08:12:25	Name: _ga Value: GA1.1.1531468471.1722985214
news.google.com/	1970-01-20 23:19:37	Name: OTZ Value: 7678020_24_24__24_
.google.com/	1970-01-21 02:59:56	Name: NID Value: 516=lHHYELwgLpAEeSulDsDrwrP_GnyT1A1Laer-YeV-wSSvY7GjcxDuFPyOGluh9iuJiUybUwaMi6iOw7fZCfl9bE0IBpRMbP3b_CwBaQotCkrn0UIZI0tJEcUi2Qzr-aFdFiau5OJFYUEZ0m9SU4bhXhVOGH7nUC82Gzp5kjpiqk7z7tdX
.news.google.com/	1970-01-21 08:12:25	Name: _ga_SYGF1G18MM Value: GS1.1.1722985214.1.0.1722985215.0.0.0
www.nprillinois.org/	1969-12-31 23:59:59	Name: BSP_PLAYER_PREROLLUID Value: {"version":"1.0.1","uuid":"j0wt16b2o","timestamp":1722985215738}
.nprillinois.org/	1970-01-21 07:58:01	Name: __gads Value: ID=a599d4cca1163d0d:T=1722985216:RT=1722985216:S=ALNI_MZV9A_mS7uL1QRci18Ob2k5ryVYpQ
.nprillinois.org/	1970-01-21 07:58:01	Name: __gpi Value: UID=00000eb7abc470f3:T=1722985216:RT=1722985216:S=ALNI_Maag5z6MZkyJBEAljCeJ4Y-ineGVA
.nprillinois.org/	1970-01-21 02:55:37	Name: __eoi Value: ID=53f0e5f12f4756f5:T=1722985216:RT=1722985216:S=AA-Afjb_fH_dcnZocZirgo6F0k6R
.doubleclick.net/	1970-01-21 08:12:25	Name: IDE Value: AHWqTUlPOZeewCm50J9FnYDoolIW1vz2xxI26z2bSMNYDSQEiazQG3f8KEAW6jcdDWM
.nprillinois.org/	1970-01-21 08:12:25	Name: _ga_XGZ99F1SED Value: GS1.1.1722985216.1.0.1722985216.0.0.0
.nprillinois.org/	1970-01-21 08:12:25	Name: _ga Value: GA1.1.751754761.1722985217
.nprillinois.org/	1970-01-21 08:05:13	Name: _cb Value: C-1yNrBZRQ_bDiIn8c
.nprillinois.org/	1970-01-21 08:05:13	Name: _chartbeat2 Value: .1722985216764.1722985216764.1.BTL3U1CiaLhoDUXqLjCbUihCB_jh0j.1
.nprillinois.org/	1970-01-20 22:36:27	Name: _cb_svref Value: https%3A%2F%2Fnews.google.com%2F
.nprillinois.org/	1970-01-21 08:12:25	Name: _ga_BS397MS0WY Value: GS1.1.1722985216.1.0.1722985216.0.0.0
disqus.com/	1970-01-20 22:36:27	Name: __jid Value: 2nh56533qh08mk
.disqus.com/	1970-01-21 07:22:01	Name: disqus_unique Value: 2nh566n2ivhtad

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wR8_dWE3TEvRgRlt7QXwnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DotsSplashUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/ https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/main_light_binary.js https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://youtube.com https://www.youtube.com https://youtube.googleapis.com https://*.ytimg.com https://ajax.googleapis.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DotsSplashUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/DotsSplashUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

49ffe6a97aade13fe9f191b0a628e56a.safeframe.googlesyndication.com
api.composer.nprstations.org
connect.facebook.net
disqus.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
news.google.com
npr-wuis.disqus.com
npr.brightspotcdn.com
pagead2.googlesyndication.com
ping.chartbeat.net
play.google.com
securepubads.g.doubleclick.net
static.chartbeat.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.nprillinois.org
pagead2.googlesyndication.com
108.158.18.205
108.158.32.9
142.250.204.2
142.250.66.193
142.250.66.200
142.250.66.238
142.250.67.3
142.250.67.4
142.251.221.78
151.101.128.134
157.240.8.23
172.217.167.106
172.217.167.97
172.217.24.33
172.217.24.35
172.217.24.46
18.67.110.85
199.232.192.134
34.203.185.0
35.175.57.211
021ec9de1955137d8c648ebc30ca61994587db1f3973557105ca2a129c72248d
098803a6b604365b6752d37b99fe0141c6f7e4842b5aae4f2e269c718ab17bba
0c8b18f48ce0c5d32811cbd452596dd833357f1135db12fe7e7f61c5cabcd81a
1571ae29a33dd974cd74f068e04f9d5fd1fbfe8817f9b682d7d1a498a56a9e3a
16c97b6c26473d70b044e56a04aaa08a40cbf07d644e8bea637f41d3e4acbc7e
1f5645fa7db3c441f4bfa3c0962e1479a4b3d0958b888b63b971ba93c77619e8
24d2aeda729178201752a2ae3f4d717da8082ebcc13862aed1de0bcdeb6b1498
2634b6b0e503b85fc6539e9677f150ab9a50cb6fa4e5c10ba00e6ddad06d1936
27e538febaec840d43ac54705eb28523de7b7ed4941b56e3cfe0a4d55e25e193
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
3b244257da824f1be4d294b0751e942801a13ee8d8eb3385c25e0021cc512118
4c8f2e1e52487637586cbb803fe12d88c099caac9544bc4b3258ae923fe1de67
4e32fa20de65bf82db152dfe1849f24f8d975af46c8b82996c3e0a91e1374238
4f0e3f9fac947cd9d50a147c05b679086a066b1dca9d9a6651c73a02e36a8a54
502232cd5948bba3d4afc9ccb1fc8f7310e44829addbac516bf044ee28f57828
5bb539e1edf4e028049de5fac62868c20c33c0abbee7d846b187ea942cb53700
5d27a5e38727b3c62e96db51e1f3cef135982160d456e93fa03767ec93b3bb28
5d637723295e6bdb985608a019c6c271b7a92cb0f42d6915f180074aa2fd450a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6a7b8177ac57ddb0827122c5bc00c0a7de2ffa9f77c0c90284a47d796a7d683b
70883b0df4028169f397776a9423b05efe930064f8ef00b34f5f07b8ee7ef4e1
71347fb3ea7e3f722eb29972cfe86ca18ca8326a490f4a789334b4dbbc4fbc3c
74b32a126b5932447dd6abcaec6f9b3e5a28ce0c7e263b7b8f1251ecbcc5d2b1
800f633202ce8f9164b880fd6ed86fc0673a476462c0df7ada22f14b7acd7725
874f16834120ea58496f7e1e82de62ad9dd1873f7ab915264ff9344c59bc9be7
893b5d63438e2c21e9f9f4bf486730168ca99cda11cba2a16e1bbf67ab41f816
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8cef08634dc57d6519717c5a99a9e502bdc96586fe64770520a4820b0b089920
90ec7cd98b8616dfd88c89987c449e6a2c8bcaae78520374c816dcbd8a4794bc
92c55e3a647cf09fd4f1dfd6deaeee68ed0497c734dc60ede873005bd3b9d0f4
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
96e24275a0daf3d8338fdd9f0be222bfa478c52ff0afc6a0d4e0c1d0e8e83f39
97399a2914c593da2895d9729aa0170a1956e91ee54cf7550696691949558a37
996e82b8f1fb7a3e44db2806293f5c0b03e994f5ab188d57d089d5b538816e1f
9de129dc339ad6d1ef70979fbb767a093b58f7074295ce5023220880aebdfeea
a1812aee105946804c1f904efd8830f09a7c16d0fd5a227e1f6ab2f64f1c5289
ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6
bd71dccc5d856d27ae8c401c31f2a3c89c53933a5eecd65e717ca99ac7601456
c08dfa26ba1ab74cdf2ae1169dbe0f038abac2d38e8791be878d112a82dfe845
c332de443538f8a7814fab28a27c240b3dfae0869a856db83fd5a427e7f10616
c424c9093de72703d7d55b6e80e9a4a365c77054522d4ff9b00bb70902bbce0c
c8941d714070ba95c8c2f4c13eb8c2449ec52119a6cf5d50ec5210011d3c7c47
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5c78476b2df35c5cd2bc60def9b9dc813845774888dd37d4f4e12aa8b8fd1f9
d7b1515e4887aaae622a0d52e2ca469d838329be317eddfce5d7f16502f50f6d
d9bada3a44bb2ffa66dec5cc781cafc9ef17ed876cd9b0c5f7ef18228b63cebb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e98838f5615ef1b770afa611ee8e16049049748d057d5610899de9cd93f85e1e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ee057a88a75fd67a82fd23957e289bf1ad657c0913e8b419eb7c3a59be5634
f253fa17446bb4f97d687e514e47ad8d90f53ec2db5a27078c2e48a19153d3ff
f66e529c8c72aa71ade975596324cd07ea348380f104cecfa7c163ba53695487
f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4
f9d2705c43bbe38b36d32c4290a492a1ed53691adc1a952b3b9e55cbe5e4442d
fa7cecbeb976a753dbc68653cc1d694c3e3c850c7122bb6fd80e27cf68aae599
fbabbc32ac581e5a235b31d670b847857aad8106d2c61fbcd79abe83e0ab6785

www.nprillinois.org Open in urlscan Pro 108.158.32.9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

93 Requests

99 %HTTPS

0 %IPv6

15 Domains

21 Subdomains

21 IPs

2 Countries

2833 kBTransfer

7026 kBSize

18 Cookies

24 Outgoing links

Page URL History

Redirected requests

93 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.nprillinois.org Open in urlscan Pro
108.158.32.9 Public Scan

Screenshot
Live screenshot

Full Image

93
Requests

99 %
HTTPS

0 %
IPv6

15
Domains

21
Subdomains

21
IPs

2
Countries

2833 kB
Transfer

7026 kB
Size

18
Cookies

93 HTTP transactions
3 data transactions