www.spokesman.com Open in urlscan Pro
18.245.86.94 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://xfinity-billpay-alerts.50-6-168-50.cprapid.com/
Effective URL:
https://www.spokesman.com/
Submission Tags: @ecarlesi possiblethreat Search All
Submission: On December 10 via api (December 10th 2024, 11:12:45 pm UTC) from IT — Scanned from IT

Summary HTTP 150 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 47 domains to perform 150 HTTP transactions. The main IP is 18.245.86.94, located in United States and belongs to AMAZON-02, US. The main domain is www.spokesman.com. The Cisco Umbrella rank of the primary domain is 286039.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 29th 2024. Valid for: a year.

This is the only time www.spokesman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	50.6.168.50 50.6.168.50	19871 (NETWORK-S...) (NETWORK-SOLUTIONS-HOSTING)
1 1	166.108.36.33 166.108.36.33	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
1 1	18.245.46.41 18.245.46.41	16509 (AMAZON-02) (AMAZON-02)
1	18.245.86.94 18.245.86.94	16509 (AMAZON-02) (AMAZON-02)
5	18.245.31.35 18.245.31.35	16509 (AMAZON-02) (AMAZON-02)
8	18.173.205.30 18.173.205.30	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.32 13.35.58.32	16509 (AMAZON-02) (AMAZON-02)
7	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	13.35.58.5 13.35.58.5	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
1	172.67.159.162 172.67.159.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.172.112.71 18.172.112.71	16509 (AMAZON-02) (AMAZON-02)
1	3.161.82.72 3.161.82.72	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	91.134.35.216 91.134.35.216	16276 (OVH OVH SAS) (OVH OVH SAS)
3	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
1 2	107.178.250.234 107.178.250.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	152.199.21.175 152.199.21.175	15133 (EDGECAST) (EDGECAST)
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	173.194.76.155 173.194.76.155	15169 (GOOGLE) (GOOGLE)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	142.250.184.238 142.250.184.238	15169 (GOOGLE) (GOOGLE)
10	54.173.215.37 54.173.215.37	14618 (AMAZON-AES) (AMAZON-AES)
2	178.250.1.4 178.250.1.4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
8	81.17.55.113 81.17.55.113	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
2	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	63.215.202.146 63.215.202.146	41041 (VCLK-EU-S...) (VCLK-EU-SE Conversant LLC)
3	143.244.197.139 143.244.197.139	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	163.5.194.36 163.5.194.36	60558 (SECUREDSE...) (SECUREDSERVERS-EU PHOENIX NAP)
9	52.59.238.109 52.59.238.109	16509 (AMAZON-02) (AMAZON-02)
2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.247.103.188 34.247.103.188	16509 (AMAZON-02) (AMAZON-02)
2	185.255.84.150 185.255.84.150	200271 (IGUANE-FR...) (IGUANE-FR Iguane Solutions SAS)
5	44.236.165.148 44.236.165.148	16509 (AMAZON-02) (AMAZON-02)
9	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	152.199.19.161 152.199.19.161	15133 (EDGECAST) (EDGECAST)
1	104.26.5.15 104.26.5.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	35.227.203.93 35.227.203.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	34.96.74.203 34.96.74.203	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	216.58.206.33 216.58.206.33	15169 (GOOGLE) (GOOGLE)
1	3.5.27.201 3.5.27.201	14618 (AMAZON-AES) (AMAZON-AES)
2	20.50.88.245 20.50.88.245	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	35.214.136.108 35.214.136.108	19527 (GOOGLE-2) (GOOGLE-2)
1	34.225.153.120 34.225.153.120	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.32.100.25 23.32.100.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	52.31.168.245 52.31.168.245	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.1.57 178.250.1.57	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
1	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
2	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
150	52

2 50.6.168.50 (United States) 2 redirects

ASN19871 (NETWORK-SOLUTIONS-HOSTING, US)
PTR: 50-6-168-50.unifiedlayer.com

xfinity-billpay-alerts.50-6-168-50.cprapid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 166.108.36.33 (Sacramento, United States) 1 redirects

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet801.ejoco.com

sacbee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.41 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-41.fra56.r.cloudfront.net

spokesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-94.fra60.r.cloudfront.net

www.spokesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.245.31.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-35.fra56.r.cloudfront.net

thumb.spokesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.173.205.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-30.fra56.r.cloudfront.net

static.spokesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-32.fra60.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.58.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-5.fra60.r.cloudfront.net

prod.adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.159.162 (United States)

ASN13335 (CLOUDFLARENET, US)

sdk.mrf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.172.112.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-71.fra60.r.cloudfront.net

media.spokesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-72.fra56.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 91.134.35.216 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy05.cl13.ovh.mrf.io

events.newsroom.bi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 152.199.21.175 (Germany)

ASN15133 (EDGECAST, US)

loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.q0losid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mbmgivexdvpajr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.dmepyodjotcuks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.vmzqqmlpwwmazjnio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pranmcpkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.194.76.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.173.215.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-215-37.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.4 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

grid-bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 81.17.55.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.215.202.146 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE Conversant LLC, US)
PTR: ams01-convex-float1.dotomi.com

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.244.197.139 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.5.194.36 (Amsterdam, Netherlands) 1 redirects

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.59.238.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.247.103.188 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-103-188.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.150 (France)

ASN200271 (IGUANE-FR Iguane Solutions SAS, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.236.165.148 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-165-148.us-west-2.compute.amazonaws.com

adspsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.161 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.5.15 (None, )

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.203.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.203.227.35.bc.googleusercontent.com

pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.74.203 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 203.74.96.34.bc.googleusercontent.com

api.pymx5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.33 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f1.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.27.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

paywall-ad-bucket.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.245 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 108.136.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.153.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-153-120.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.100.25 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-100-25.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.168.245 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-168-245.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.57 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

ssp-sync.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-spokesman-proxy-connext.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	spokesman.com 1 redirects spokesman.com — Cisco Umbrella Rank: 218900 www.spokesman.com — Cisco Umbrella Rank: 286039 thumb.spokesman.com — Cisco Umbrella Rank: 324416 static.spokesman.com — Cisco Umbrella Rank: 368444 media.spokesman.com — Cisco Umbrella Rank: 344096	17 MB
12	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 14473 www.i.matheranalytics.com — Cisco Umbrella Rank: 13861	46 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 135 td.doubleclick.net — Cisco Umbrella Rank: 182	325 KB
9	googlesyndication.com c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com
9	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 985	1 KB
8	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1998	2 KB
8	adspsp.com prod.adspsp.com — Cisco Umbrella Rank: 21988 adspsp.com — Cisco Umbrella Rank: 19645	139 KB
7	newsroom.bi events.newsroom.bi — Cisco Umbrella Rank: 7097	5 KB
5	criteo.com 1 redirects grid-bidder.criteo.com — Cisco Umbrella Rank: 1731 dis.criteo.com — Cisco Umbrella Rank: 702 ssp-sync.criteo.com — Cisco Umbrella Rank: 980	2 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 142 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695 www.google.com — Cisco Umbrella Rank: 3	11 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 389 ep2.adtrafficquality.google — Cisco Umbrella Rank: 403	20 KB
3	vmzqqmlpwwmazjnio.com cdn.vmzqqmlpwwmazjnio.com — Cisco Umbrella Rank: 52464	2 MB
3	a-mo.net 1 redirects prebid.a-mo.net — Cisco Umbrella Rank: 788	299 B
3	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2860	2 KB
3	media.net prebid.media.net — Cisco Umbrella Rank: 1005 cs.media.net — Cisco Umbrella Rank: 1071	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	22 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	311 KB
2	azurewebsites.net prod-spokesman-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 495170	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	3 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 801	293 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	79 KB
2	pymx5.com pymx5.com — Cisco Umbrella Rank: 131349 api.pymx5.com — Cisco Umbrella Rank: 143330	10 KB
2	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3983	2 KB
2	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3670	965 B
2	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	dotomi.com web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 5248	1 KB
2	cprapid.com 2 redirects xfinity-billpay-alerts.50-6-168-50.cprapid.com	465 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 780	193 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	239 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 525	295 B
1	disqus.com ssp.disqus.com — Cisco Umbrella Rank: 1547	76 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 393	183 B
1	amazonaws.com paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 39898	1 KB
1	pranmcpkx.com cdn.pranmcpkx.com — Cisco Umbrella Rank: 35790	3 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 25330	938 B
1	dmepyodjotcuks.com cdn.dmepyodjotcuks.com — Cisco Umbrella Rank: 59797	48 KB
1	mbmgivexdvpajr.com cdn.mbmgivexdvpajr.com — Cisco Umbrella Rank: 61029	23 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 3366	22 KB
1	q0losid.com cdn.q0losid.com — Cisco Umbrella Rank: 48740	1 KB
1	azureedge.net loader-cdn.azureedge.net — Cisco Umbrella Rank: 56439	11 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 476	98 B
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 13081
1	mrf.io sdk.mrf.io — Cisco Umbrella Rank: 9039	46 KB
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 12664	31 KB
1	sacbee.com 1 redirects sacbee.com — Cisco Umbrella Rank: 135271	127 B
0	aamsitecertifier.com Failed aamcftag.aamsitecertifier.com Failed
0	cloudfront.net Failed d31qbv1cthcecs.cloudfront.net Failed
150	47

	Domain	Requested by
10	www.i.matheranalytics.com	www.spokesman.com
9	c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
9	btlr.sharethrough.com	prod.adspsp.com
8	prg.smartadserver.com	prod.adspsp.com
8	static.spokesman.com	www.spokesman.com static.spokesman.com
7	events.newsroom.bi	sdk.mrf.io
7	media.spokesman.com	www.spokesman.com
7	securepubads.g.doubleclick.net	www.spokesman.com securepubads.g.doubleclick.net
5	adspsp.com	www.spokesman.com
5	thumb.spokesman.com	www.spokesman.com
3	cdn.vmzqqmlpwwmazjnio.com	loader-cdn.azureedge.net cdn.vmzqqmlpwwmazjnio.com
3	prebid.a-mo.net	1 redirects prod.adspsp.com
3	ads.servenobid.com	prod.adspsp.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	www.spokesman.com www.googletagmanager.com cdn.dmepyodjotcuks.com
3	prod.adspsp.com	www.spokesman.com prod.adspsp.com
2	prod-spokesman-proxy-connext.azurewebsites.net	cdn.vmzqqmlpwwmazjnio.com
2	dis.criteo.com
2	www.facebook.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	ep2.adtrafficquality.google	securepubads.g.doubleclick.net ep2.adtrafficquality.google
2	connect.facebook.net	www.spokesman.com connect.facebook.net
2	hb-api.omnitagjs.com	prod.adspsp.com
2	hb.minutemedia-prebid.com	prod.adspsp.com
2	ib.adnxs.com	prod.adspsp.com
2	web.hb.ad.cpe.dotomi.com	prod.adspsp.com
2	prebid.media.net	prod.adspsp.com
2	grid-bidder.criteo.com	prod.adspsp.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	js.matheranalytics.com	1 redirects www.spokesman.com
2	xfinity-billpay-alerts.50-6-168-50.cprapid.com	2 redirects
1	www.google.com	ep2.adtrafficquality.google
1	ssp-sync.criteo.com	1 redirects
1	ap.lijit.com
1	pixel.rubiconproject.com
1	cs.media.net
1	us-u.openx.net
1	ssp.disqus.com
1	x.bidswitch.net
1	paywall-ad-bucket.s3.amazonaws.com
1	cdn.pranmcpkx.com	cdn.vmzqqmlpwwmazjnio.com
1	api.pymx5.com	pymx5.com
1	pymx5.com	www.googletagmanager.com
1	ep1.adtrafficquality.google	securepubads.g.doubleclick.net
1	api-mg2.db-ip.com	cdn.mbmgivexdvpajr.com
1	cdn.dmepyodjotcuks.com	loader-cdn.azureedge.net
1	cdn.mbmgivexdvpajr.com	loader-cdn.azureedge.net
1	az416426.vo.msecnd.net	loader-cdn.azureedge.net
1	cdn.q0losid.com	loader-cdn.azureedge.net
1	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
1	td.doubleclick.net	www.googletagmanager.com
1	loader-cdn.azureedge.net	static.spokesman.com
1	idsync.rlcdn.com	www.spokesman.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	sdk.mrf.io	www.spokesman.com
1	cdn-gateflipp.flippback.com	www.spokesman.com
1	www.spokesman.com
1	spokesman.com	1 redirects
1	sacbee.com	1 redirects
0	aamcftag.aamsitecertifier.com Failed	www.spokesman.com
0	d31qbv1cthcecs.cloudfront.net Failed	www.spokesman.com
150	62

This site contains links to these domains. Also see Links.

Domain
checkout.spokesman.com
myaccount.spokesman.com
pics.spokesman.com
pets.spokesman.com
itunes.apple.com
open.spotify.com
www.myavista.com
www.numericacu.com
innovia.org
spokesmandigital.com
www.facebook.com
www.instagram.com
x.com
www.legacy.com
cowlesco.vistahrms.com

Subject Issuer	Validity	Valid
spokesman.com Amazon RSA 2048 M03	`2024-02-29` - `2025-03-29`	a year	crt.sh
flippback.com Amazon RSA 2048 M02	`2024-08-18` - `2025-09-16`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
prod.adspsp.com Amazon RSA 2048 M02	`2024-11-01` - `2025-12-01`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
sdk.mrf.io WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
flipp.com Amazon RSA 2048 M02	`2024-06-30` - `2025-07-28`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
ssl03.cert.cl13.k8s.mrf.io E5	`2024-11-25` - `2025-02-23`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-06-06` - `2025-06-06`	a year	crt.sh
*.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
www.i.matheranalytics.com Amazon RSA 2048 M03	`2024-10-16` - `2025-11-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-12-03` - `2025-03-03`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
prebid.media.net WR3	`2024-12-02` - `2025-03-02`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2024-06-17` - `2025-07-19`	a year	crt.sh
ads.servenobid.com R10	`2024-10-30` - `2025-01-28`	3 months	crt.sh
*.a-mo.net R11	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M03	`2024-03-18` - `2025-04-17`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
sni2fb3egl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-20` - `2025-05-21`	a year	crt.sh
adspsp.com Amazon RSA 2048 M02	`2024-11-05` - `2025-12-03`	a year	crt.sh
sni3842egl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-10` - `2025-05-09`	a year	crt.sh
sni3842bgl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-10` - `2025-05-09`	a year	crt.sh
sni3842cgl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-10` - `2025-05-09`	a year	crt.sh
db-ip.com WE1	`2024-11-08` - `2025-02-06`	3 months	crt.sh
adtrafficquality.google WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.pymx5.com Go Daddy Secure Certificate Authority - G2	`2024-07-13` - `2025-08-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-18` - `2024-12-17`	3 months	crt.sh
sni2bf2agl.wpc.edgecastcdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-03` - `2025-09-03`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 03	`2024-11-23` - `2025-05-22`	6 months	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-29` - `2025-02-23`	3 months	crt.sh
ssp.disqus.com Amazon RSA 2048 M02	`2024-09-19` - `2025-10-17`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2024-10-23` - `2025-10-22`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.lijit.com Amazon RSA 2048 M03	`2024-10-21` - `2025-11-20`	a year	crt.sh
www.google.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
*.azurewebsites.net Microsoft Azure RSA TLS Issuing CA 03	`2024-08-04` - `2025-07-30`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.spokesman.com/
Frame ID: F382CFF73157CC8FE478990BE87B4520
Requests: 137 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-G3BY0LGVDL&gacid=1298053471.1733872354&gtm=45je4c90v869949972z871896582za200zb71896582&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=865894191
Frame ID: 9973BC577F2937CFE0ECFD15B3EC912F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 9FB5A03279CCADAFF1D133BAA524CA0C
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BA07B819B236DAA625741EAF88B48C95
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CA5D091E65B1A3C17B6992359C33B8D0
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A444A261AAC59B76AF65D35556223542
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FBAB9A5EC3C2D442DF74BDAB66AD5CB6
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 563B202644F381A5E4E2A7B2DFACD5D7
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3E78DF970C2E589D18C3BF8EA02C7386
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 85C8CA00EE0EB0593486A0B2C869B1C4
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E65BCC82EAA50B73BCAC459C5ADDEE34
Requests: 1 HTTP requests in this frame

Frame: https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A62BBC3559EB36316E917F13D4B5AA44
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 58A82E9295E5B0C74FD13AD17B29B7EE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6EC0D689F970D1F14A5EB82E139D6B0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Spokesman-Review | Local News, Business, Entertainment, Sports & Weather for Eastern Washington

Page URL History Show full URLs

http://xfinity-billpay-alerts.50-6-168-50.cprapid.com/ HTTP 307
https://xfinity-billpay-alerts.50-6-168-50.cprapid.com/ HTTP 302
https://sacbee.com/ HTTP 301
https://www.sacbee.com/ HTTP 307
http://xfinity-billpay-alerts.50-6-168-50.cprapid.com/ HTTP 302
https://spokesman.com/ HTTP 301
https://www.spokesman.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

150
Requests

95 %
HTTPS

0 %
IPv6

47
Domains

62
Subdomains

52
IPs

7
Countries

20120 kB
Transfer

25885 kB
Size

50
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://checkout.spokesman.com/?g2i_source=spokesman&g2i_medium=header&g2i_campaign=header
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.spokesman.com/Home?SiteCode=SR
Title: My account

Search URL Search Domain Scan URL

URL: https://myaccount.spokesman.com/
Title: Log in

Search URL Search Domain Scan URL

URL: https://checkout.spokesman.com/?g2i_source=spokesman&g2i_medium=header&g2i_campaign=default
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://pics.spokesman.com/
Title: Buy Photo Reprints

Search URL Search Domain Scan URL

URL: https://pets.spokesman.com/
Title: Pets: Jimmy's Clubhouse

Search URL Search Domain Scan URL

URL: https://checkout.spokesman.com/
Title: Subscribe now

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/podcast/the-morning-review/id1417560040?mt=2

Search URL Search Domain Scan URL

URL: https://open.spotify.com/show/4rCqkhhshDZQVXBs04qrGB?si=7LrC97F8RaaxO5-Dwc_2fQ&nd=1

Search URL Search Domain Scan URL

URL: https://www.myavista.com/

Search URL Search Domain Scan URL

URL: https://www.numericacu.com/

Search URL Search Domain Scan URL

URL: https://innovia.org/

Search URL Search Domain Scan URL

URL: https://spokesmandigital.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/spokesmanreview/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/spokesmanreview/?hl=en
Title: Instagram

Search URL Search Domain Scan URL

URL: https://x.com/SpokesmanReview
Title: X

Search URL Search Domain Scan URL

URL: https://checkout.spokesman.com/?stateInfo=&source=external
Title: Print edition home delivery

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/spokesman/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://cowlesco.vistahrms.com/application/login/login.aspx?ReturnUrl=%2f
Title: Cowles Company Jobs

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://xfinity-billpay-alerts.50-6-168-50.cprapid.com/ HTTP 307
https://xfinity-billpay-alerts.50-6-168-50.cprapid.com/ HTTP 302
https://sacbee.com/ HTTP 301
https://www.sacbee.com/ HTTP 307
http://xfinity-billpay-alerts.50-6-168-50.cprapid.com/ HTTP 302
https://spokesman.com/ HTTP 301
https://www.spokesman.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1672 HTTP 301
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js

Request Chain 133

https://ads.servenobid.com/getsync?redirect=chrome%3A%2F%2Fversion%2F HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID%2526redirect%253Dhttps%25253A%25252F%25252Fads.servenobid.com%25252Fgetsync%25253Fjp%25253D1%252526redirect%25253Dchrome%2525253A%2525252F%2525252Fversion%2525252F HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=5838192549754625660&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dchrome%253A%252F%252Fversion%252F HTTP 302
https://ads.servenobid.com/getsync?jp=1&redirect=chrome%3A%2F%2Fversion%2F HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F&cb=1733872358625 HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003&rndcb=5440523030 HTTP 302
https://sync.1rx.io/usersync/turn/3161815625539214200?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D2%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F HTTP 302
https://ads.servenobid.com/sync?pid=321&uid=RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dchrome%253A%252F%252Fversion%252F HTTP 302
https://ads.servenobid.com/getsync?jp=2&redirect=chrome%3A%2F%2Fversion%2F HTTP 302
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D3%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F HTTP 302
https://ads.servenobid.com/sync?pid=317&uid=4985336732052262992&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dchrome%253A%252F%252Fversion%252F HTTP 302
https://ads.servenobid.com/getsync?jp=3&redirect=chrome%3A%2F%2Fversion%2F HTTP 302
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D4%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=3768739607719256000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dchrome%253A%252F%252Fversion%252F HTTP 302
https://ads.servenobid.com/getsync?jp=4&redirect=chrome%3A%2F%2Fversion%2F HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D5%2526redirect%253Dchrome%25253A%25252F%25252Fversion%25252F&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=Jz4QARZHcLBiCeI9RoOgDWQJ&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dchrome%253A%252F%252Fversion%252F

Request Chain 140

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=&gdpr=0

Request Chain 142

https://ssp-sync.criteo.com/user-sync/redirect?profile=207&gpp= HTTP 302
https://dis.criteo.com/dis/usersync.aspx?r=73&p=207&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d207%26redir%3d&gdpr=&gdpr_consent=&gpp=&gpp_sid=

150 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.spokesman.com/
Redirect Chain

http://xfinity-billpay-alerts.50-6-168-50.cprapid.com/
https://xfinity-billpay-alerts.50-6-168-50.cprapid.com/
https://sacbee.com/
https://www.sacbee.com/
http://xfinity-billpay-alerts.50-6-168-50.cprapid.com/
https://spokesman.com/
https://www.spokesman.com/

260 KB
49 KB

530ms
80ms

Document
text/html

18.245.86.94
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.spokesman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.86.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-86-94.fra60.r.cloudfront.net

Software

nginx/1.26.2 /

Resource Hash

61e9c99c3d1a3c80754204c77d410083272b168856dde95da325297182e0c63a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 84
cache-control: max-age=300
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 10 Dec 2024 23:11:08 GMT
referrer-policy: same-origin
server: nginx/1.26.2
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,Cookie
via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
x-amz-cf-id: -f6uR1BuwNcLRG2e92VAb0fo3PDjo-5ZQQ9Q_XOQhJ_hWqHQGEdsHg==
x-amz-cf-pop: FRA60-P6
x-amzn-trace-id: Root=1-6758ca8c-6489d2a03e209ca421ad16d0
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noarchive

Redirect headers

age: 1748
content-length: 0
date: Tue, 10 Dec 2024 22:43:24 GMT
location: https://www.spokesman.com/
server: AmazonS3
via: 1.1 6373f5d706cb8d973f3ced2fc572f6a8.cloudfront.net (CloudFront)
x-amz-cf-id: bcRyGkrmRqiOVyH3RhlflUtHNTLJbERzgbEhidWKcBAv-fJSli_5vQ==
x-amz-cf-pop: FRA56-P9
x-cache: Hit from cloudfront

GET
H2 200 sr-loader.png
thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/ 11 KB
12 KB 518ms
61ms Image
image/webp 18.245.31.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.spokesman.com/uO6q6eDqVn9RLDznlEJuDvMVKgE=/600x0/media.spokesman.com/graphics/2018/07/sr-loader.png
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-35.fra56.r.cloudfront.net
Software: Thumbor/6.7.5 /
Resource Hash: ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31104000,public
etag: "7b6592542ec6d8d4377eb143251c2f5b7d76aad9"
age: 5532693
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
expires: Thu, 02 Oct 2025 22:20:59 GMT
x-cache: Hit from cloudfront
content-length: 11662
x-amz-cf-id: ZavpXWSMIw9TFcXRanXsix-v6lGUQCY5fF_dbB4dJPOzNxeCR3MMKA==
date: Mon, 07 Oct 2024 22:20:59 GMT
content-type: image/webp
vary: Accept
server: Thumbor/6.7.5
x-amz-cf-pop: FRA56-P8

GET
H2 200 style.min.110d7f425438.css
static.spokesman.com/sites/spokesman/css/ 741 KB
177 KB 597ms
117ms Stylesheet
text/css 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.spokesman.com/sites/spokesman/css/style.min.110d7f425438.css
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db385577bac1b959fe09ffc6eb61d8bda5e1708dda30d7e1e5101d86738007ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: accept-encoding
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"110d7f425438162b01104eaba5dffc6b"
age: 83859
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: GJp1-CT6bLhk-IPMKxynX-kGM6w5jYUBUnhfyiJ7LNjhinM8hllvKw==
date: Mon, 09 Dec 2024 23:54:54 GMT
content-type: text/css
last-modified: Mon, 09 Dec 2024 23:52:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 jquery.min.12b69d0ae6c6.js Show response
static.spokesman.com/sites/spokesman/jquery/ 87 KB
31 KB 559ms
79ms Script
application/javascript 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.spokesman.com/sites/spokesman/jquery/jquery.min.12b69d0ae6c6.js
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: accept-encoding
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"12b69d0ae6c6f0c42942ae6da2896e84"
age: 1082122
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: rJE_m6KEBV52b4knsuRguQ0ySHPahakCSbzrBgfs0pelim4ptoDEKg==
date: Thu, 28 Nov 2024 10:37:11 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 20:32:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 critical.min.01e92d87dfe7.js Show response
static.spokesman.com/sites/spokesman/js/ 22 KB
7 KB 64ms
63ms Script
application/javascript 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.spokesman.com/sites/spokesman/js/critical.min.01e92d87dfe7.js
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ef22c9cf20460bbc639afd09b42f03a4e91db23bf8d774280653a7845b157de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: accept-encoding
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"01e92d87dfe75f665e5b3bc2ea97feae"
age: 1082120
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: 1t44iaw1oRa51GuNOSKDO5hwWVV2lSnGg_1UjS4M5mnUd7DjdzSATg==
date: Thu, 28 Nov 2024 10:37:13 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 20:32:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 86 KB
31 KB 258ms
134ms Script
application/javascript 13.35.58.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-32.fra60.r.cloudfront.net
Software: envoy /
Resource Hash: ee1130dfd93a76fc0d5b1b89a7d9c3b04c9c370edc440c95325cbd921fa6bf61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-store
content-encoding: gzip
x-envoy-upstream-service-time: 5
via: 1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: ctdb21BpACaYpJaH5f4bSb13coMAsrYm1mB6KPk3Luu_5kQ7dYuE9w==
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: application/javascript
vary: Origin,Origin, Accept-Encoding
server: envoy
x-amz-cf-pop: FRA60-P10

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
33 KB 665ms
249ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.spokesman.com
URL: https://www.spokesman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e513e6b2f6da64ff85814a1b518933236358d67bde6cb4c090873f1abfbfd48b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 71 / 20067 / m202412030101 / config-hash: 18180887078700454198
x-content-type-options: nosniff
expires: Tue, 10 Dec 2024 23:12:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33365
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK adb.4364783.min.js Show response
prod.adspsp.com/ 2 KB
1 KB 190ms
43ms Script
text/javascript 13.35.58.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.4364783.min.js
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f17201679520bca7d98fe09515b49314d7bdf24047383587b2f3204fbb5cd7e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding: gzip
ETag: W/"b83dc6a92dc9eb0d63ea32348fd3976b"
Age: 594
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: VS-LxBFLltkERdyCoyMAppQgDTNr94LUBgYtcr1SLG9Y_oznQEIgqw==
Date: Tue, 10 Dec 2024 23:05:06 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 22 Oct 2024 00:13:08 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=1800
Connection: keep-alive
Via: 1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P10
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 base_ads.3d7203f56dfe.js Show response
static.spokesman.com/sites/spokesman/marketing/ads/data/ 4 KB
2 KB 51ms
51ms Script
application/javascript 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.spokesman.com/sites/spokesman/marketing/ads/data/base_ads.3d7203f56dfe.js
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a120a51667f8a7d4c6202c1ca0df9a2a458633a96f2c1c57116434887a5d3565

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: accept-encoding
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"3d7203f56dfed810ab1f436853ddd579"
age: 798815
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: VThXDQwL-lR4qxr69Ll8KyxeZNe6J_mtyjU1hPMfKf_Z6_eayzMnzQ==
date: Sun, 01 Dec 2024 17:18:58 GMT
content-type: application/javascript
last-modified: Mon, 25 Nov 2024 20:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 day-fog.png
static.spokesman.com/sites/spokesman/img/weather/header-icons/new/ 12 KB
12 KB 52ms
52ms Image
image/png 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.spokesman.com/sites/spokesman/img/weather/header-icons/new/day-fog.png
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f2a4c20e0c0ecea553428a17fa567ad691d9f490fa3469da05631d48e2f4e43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000,public
etag: "35922d3150bc8f0ab9620a168162f8fd"
age: 2387825
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 11873
x-amz-cf-id: 37SrHIKPBhb7yznnolJ5vcIss2d-4KDFsUE4wYCrinpXvJlIBW8ASQ==
date: Wed, 13 Nov 2024 07:55:28 GMT
content-type: image/png
last-modified: Tue, 12 Nov 2024 22:13:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 254 KB
88 KB 716ms
62ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6

Requested by

Host: www.spokesman.com
URL: https://www.spokesman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

40111aaccf53faf38d9e7e9650c11d21adec56c369fd20a5c22878a8edbb104f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 10 Dec 2024 23:12:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 10 Dec 2024 21:45:58 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 89213
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 marfeel-sdk.js Show response
sdk.mrf.io/statics/ 170 KB
46 KB 655ms
228ms Script
application/javascript 172.67.159.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.159.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c79a0a3f151f18d18af836c6efe9b7131aaadb6154ebd4a9fcbb12e916f55a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.spokesman.com
Referer

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 193
x-response-time: 137ms
alt-svc: h3=":443"; ma=86400
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 10 Dec 2024 23:09:20 GMT
vary: Accept-Encoding
cache-control: max-age=1800
x-envoy-upstream-service-time: 150
cf-ray: 8f00eba09e7cd359-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 47226
server: cloudflare

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b5325c8198b46a1f04b64e166cfd31781b2b397f503bea8aed9356e6426b09b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 6747b1e3b504e.hires.jpg
media.spokesman.com/photos/2024/11/27/ 4 MB
4 MB 710ms
61ms Image
image/jpeg 18.172.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.spokesman.com/photos/2024/11/27/6747b1e3b504e.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fda57daaad4d2b9c702a539fb00ecb22a3f0e33a3974ab311b82f78a39ae35b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.spokesman.com/

Response headers

x-amz-version-id: mgaC_wXpM2JRLvyoa8VKXhdI1PPE2zIV
etag: "7deadde1193df883b663791e60cc235a"
age: 3028
x-cache: Hit from cloudfront
x-amz-cf-id: OFyQmmn-6Fi3MxYo1gVhsDI0YO84tB6L9y8KYvPrp4Zs5nPxe4dLgw==
date: Tue, 10 Dec 2024 22:22:06 GMT
content-type: image/jpeg
vary: accept-encoding
last-modified: Thu, 28 Nov 2024 00:50:44 GMT
x-amz-replication-status: COMPLETED
via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4270976
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 6747b2d86b1dd.hires.jpg
media.spokesman.com/photos/2024/11/27/ 4 MB
4 MB 800ms
151ms Image
image/jpeg 18.172.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.spokesman.com/photos/2024/11/27/6747b2d86b1dd.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b6324f82aba114fcb438572beb59398c777f43fa14445f1e713bc0dd2b10770b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.spokesman.com/

Response headers

x-amz-version-id: 1Sd.jW9gbVoDCc9CoIMhnvjkRxJQQalf
etag: "3746fd25dc4594799f06ac362f36a9a4"
age: 3028
x-cache: Hit from cloudfront
x-amz-cf-id: kK8ROmQZjIKxGRF8kfPVgs797Naxp-2S3jDBeriHBCB4aauI1_VDQQ==
date: Tue, 10 Dec 2024 22:22:06 GMT
content-type: image/jpeg
vary: accept-encoding
last-modified: Thu, 28 Nov 2024 00:46:37 GMT
x-amz-replication-status: COMPLETED
via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 4108912
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 674024ece2eaf.hires.jpg
media.spokesman.com/photos/2024/11/21/ 2 MB
2 MB 813ms
165ms Image
image/jpeg 18.172.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.spokesman.com/photos/2024/11/21/674024ece2eaf.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9c16a11cd9efe5dcd162fe2cee3e3237225eb228c6114abf5ae77c5081b9b554

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.spokesman.com/

Response headers

x-amz-version-id: qLJVgYVVe_efrGauv8TDH8_c4r0POYsR
etag: "dc5a008b6abe53e40fdbfc2531fbd22d"
age: 3028
x-cache: Hit from cloudfront
x-amz-cf-id: AnouFb73a-0UtyvhGIoBDA7ciRiQMlAU9IGUYqvHMlu-YyYVNYrZ0g==
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: image/jpeg
vary: accept-encoding
last-modified: Fri, 22 Nov 2024 06:38:55 GMT
x-amz-replication-status: COMPLETED
via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2297983
x-amz-cf-pop: FRA60-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 673ec133bb3f3.hires.jpg
media.spokesman.com/photos/2024/11/20/ 1 MB
1 MB 1726ms
1078ms Image
image/jpeg 18.172.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.spokesman.com/photos/2024/11/20/673ec133bb3f3.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 349bc21b11a196482a8abd60c39b5b5e044be28a87d2b1f46cc37726cba1c18d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.spokesman.com/

Response headers

vary: accept-encoding
x-amz-replication-status: COMPLETED
x-amz-version-id: YlTO5GNRtt3vpY3Cz5irMAW2MbdgVDQV
etag: "a7be0cf82065706ef54e2f007ef55c44"
via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 1510097
x-amz-cf-id: 4I6x2pu67CmbfxRdsSFJPpaYKoYJpW23w-rbYIOuthj5jYuG3sLGuA==
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: image/jpeg
last-modified: Thu, 21 Nov 2024 05:20:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 673d872cea902.hires.jpg
media.spokesman.com/photos/2024/11/19/ 3 MB
3 MB 1492ms
844ms Image
image/jpeg 18.172.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.spokesman.com/photos/2024/11/19/673d872cea902.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4e3ddd44c0cc1b869a3c9078766bdc3badfeee58fbfc302d899851285b21678d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.spokesman.com/

Response headers

vary: accept-encoding
x-amz-replication-status: COMPLETED
x-amz-version-id: .R4RIgCur0xr_G6ocu1KrQVHjUWJy625
etag: "015fb3169319e4fe2c802f31c05fa7d7"
via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 2844910
x-amz-cf-id: PtQtLXlWeMq7X6kdO-piAKQFeBQ_Y_ohhtworUmtxNXa1HHya1mcaA==
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: image/jpeg
last-modified: Wed, 20 Nov 2024 06:53:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 673bacede3b65.hires.jpg
media.spokesman.com/photos/2024/11/18/ 425 KB
426 KB 1756ms
1108ms Image
image/jpeg 18.172.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.spokesman.com/photos/2024/11/18/673bacede3b65.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0912207d64a7ef651b5bd8f22192d60f6ec332a2661560dea5c417ea92ad056a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.spokesman.com/

Response headers

vary: accept-encoding
x-amz-replication-status: COMPLETED
x-amz-version-id: ywVrMQ_Wgxd38IDFs_IzrpTi9x.YiXuZ
etag: "ae57e8f63c0f0debca2081ca682583c1"
via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 435563
x-amz-cf-id: bsgP4dLp7bM2hKZpTVGeWX1i1A5VC1CtI872_XfAcefxrze21dF5RA==
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: image/jpeg
last-modified: Mon, 18 Nov 2024 21:33:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 6736cd1f397e7.hires.jpg
media.spokesman.com/photos/2024/11/14/ 788 KB
789 KB 1016ms
1016ms Image
image/jpeg 18.172.112.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.spokesman.com/photos/2024/11/14/6736cd1f397e7.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-71.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f74a9b3f5ccade5f3511d93428c2418c17dd3da60a42172a25eb9ffc9a4eb0cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.spokesman.com/

Response headers

vary: accept-encoding
x-amz-replication-status: COMPLETED
x-amz-version-id: UaOzPzApXhvxe5anWG7LOptEBPp_X3KX
etag: "4883958641772b8160340e52a7c38a2d"
via: 1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: RefreshHit from cloudfront
content-length: 806729
x-amz-cf-id: WD9DKOqM89nTNi2p8hUxlgyGhb9eGleMgCORp1CQ8CZnxDYtXMmEBA==
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: image/jpeg
last-modified: Fri, 15 Nov 2024 04:33:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 172 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5f447a758b6d804a0ce3fedcad0d237cf8cc8310a003ee473fdff0b9b8da056

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 67589e7f7533f.hires.jpg
thumb.spokesman.com/wispcjHASteb-ZrKDAjQRciufZc=/1170x658/smart/media.spokesman.com/photos/2024/12/10/ 77 KB
77 KB 191ms
190ms Image
image/webp 18.245.31.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.spokesman.com/wispcjHASteb-ZrKDAjQRciufZc=/1170x658/smart/media.spokesman.com/photos/2024/12/10/67589e7f7533f.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-35.fra56.r.cloudfront.net
Software: Thumbor/6.7.5 /
Resource Hash: 1ae88ebbcf7618efb45cf4a61410aad6ac0753f1543eacdc84607af47f6c17a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31104000,public
etag: "db81922671e6a09e670877521db080c43a9d1349"
age: 11133
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
expires: Fri, 05 Dec 2025 20:07:00 GMT
x-cache: Hit from cloudfront
content-length: 78878
x-amz-cf-id: DWA1XYealKxbNaSkT3b4ew6iEZ32YJP-XstRnw5ftRVv1KyyGJXwTw==
date: Tue, 10 Dec 2024 20:07:00 GMT
content-type: image/webp
vary: Accept
server: Thumbor/6.7.5
x-amz-cf-pop: FRA56-P8

GET
H2 200 675209a64d24e.hires.png
thumb.spokesman.com/MPXKWHQ1eWgyL9qazjJovM7-p-g=/530x298/smart/media.spokesman.com/photos/2024/12/09/ 40 KB
40 KB 65ms
65ms Image
image/webp 18.245.31.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.spokesman.com/MPXKWHQ1eWgyL9qazjJovM7-p-g=/530x298/smart/media.spokesman.com/photos/2024/12/09/675209a64d24e.hires.png
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-35.fra56.r.cloudfront.net
Software: Thumbor/6.7.5 /
Resource Hash: e9d7eaf59f8c27658d903ddaec2b0e533f89e3e6cb75a5d2347eb6c1f0d71edc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31104000,public
etag: "317934b2c1379f96304344fdd7599cc4fbd279f9"
age: 63140
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
expires: Fri, 05 Dec 2025 05:40:13 GMT
x-cache: Hit from cloudfront
content-length: 40624
x-amz-cf-id: WLuXTx72JqoyqrcKStYyKxn91lYJ_lsLcXhBhmQvAEfAQi9mT3DesQ==
date: Tue, 10 Dec 2024 05:40:13 GMT
content-type: image/webp
vary: Accept
server: Thumbor/6.7.5
x-amz-cf-pop: FRA56-P8

GET
H2 200 6742ba4d0b28b.hires.jpg
thumb.spokesman.com/BGd0U5QN5L7Bpy5byezlafIpX1Q=/530x298/smart/media.spokesman.com/photos/2024/12/09/ 24 KB
24 KB 124ms
124ms Image
image/webp 18.245.31.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.spokesman.com/BGd0U5QN5L7Bpy5byezlafIpX1Q=/530x298/smart/media.spokesman.com/photos/2024/12/09/6742ba4d0b28b.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-35.fra56.r.cloudfront.net
Software: Thumbor/6.7.5 /
Resource Hash: c31124470c94efa232190d84acd9cf6a6f51c5e1aabce658a0824b1670623af2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31104000,public
etag: "c95f45d3a4619fb72e0dcdcb028331c4c679fa98"
age: 67743
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
expires: Fri, 05 Dec 2025 04:23:30 GMT
x-cache: Hit from cloudfront
content-length: 24566
x-amz-cf-id: zMAqNFFovOY0bKADQ2bM7bQp_7OpVAGO9jF92JxdPT56H02uqHmaYg==
date: Tue, 10 Dec 2024 04:23:30 GMT
content-type: image/webp
vary: Accept
server: Thumbor/6.7.5
x-amz-cf-pop: FRA56-P8

GET
H2 200 6439e0ef47a6d.hires.jpg
thumb.spokesman.com/lpk208BUxoj8u8PsVtPvh1NM7ak=/530x298/smart/media.spokesman.com/photos/2024/12/09/ 35 KB
35 KB 105ms
104ms Image
image/webp 18.245.31.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thumb.spokesman.com/lpk208BUxoj8u8PsVtPvh1NM7ak=/530x298/smart/media.spokesman.com/photos/2024/12/09/6439e0ef47a6d.hires.jpg
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-35.fra56.r.cloudfront.net
Software: Thumbor/6.7.5 /
Resource Hash: a01ac3e20aa80ae7198be926cd8b9809b0ebea8e75938fe18c9cde53fdd30612

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31104000,public
etag: "1c65c8a1d6a738ff965555febf3cadfb6cba2d83"
age: 62773
via: 1.1 851fdca2e1873274a995295ecd94732e.cloudfront.net (CloudFront)
expires: Fri, 05 Dec 2025 05:46:20 GMT
x-cache: Hit from cloudfront
content-length: 35618
x-amz-cf-id: -QRDZHYqphacn2iv-Kbu_FiUSzFiK31nC27moBTXnajxcJ4CkcNIoQ==
date: Tue, 10 Dec 2024 05:46:20 GMT
content-type: image/webp
vary: Accept
server: Thumbor/6.7.5
x-amz-cf-pop: FRA56-P8

POST
H2 204 beacons
p.flipp.com/ 0
0 684ms
319ms Fetch 3.161.82.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1194406
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-72.fra56.r.cloudfront.net
Software: istio-envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer

Response headers

x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
via: 1.1 9ceaac5e4cbf8702556b2c925b200af8.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.spokesman.com
x-cache: Miss from cloudfront
x-amz-cf-id: JBVbeD0p2ttqUkDxUL2WCjnrRVkXWnv8DGnGC4nIO8PKkR1CdmTf3g==
date: Tue, 10 Dec 2024 23:12:33 GMT
x-amz-cf-pop: FRA56-P10
vary: Origin
server: istio-envoy

GET
H2 451 712559.gif
idsync.rlcdn.com/ 0
98 B 431ms
68ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/712559.gif?partner_uid=3eeead1c-e7ee-4a87-894f-425abbbb8023
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 10 Dec 2024 23:12:33 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/ 497 KB
154 KB 34ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 6831530709922679929
age: 268
x-content-type-options: nosniff
expires: Wed, 10 Dec 2025 23:08:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 10 Dec 2024 23:08:05 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 157012
x-xss-protection: 0
server: cafe

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 293 B
671 B 483ms
51ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.spokesman.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

72080ae1b29421ce899301ae8a5d6559258abd9961f47937a0b0a186be9d5ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Tue, 10 Dec 2024 23:12:34 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 129
date: Tue, 10 Dec 2024 23:12:34 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 noncritical.min.83cc2d95af74.js Show response
static.spokesman.com/sites/spokesman/js/ 2 MB
564 KB 52ms
52ms Script
application/javascript 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.spokesman.com/sites/spokesman/js/noncritical.min.83cc2d95af74.js
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73b2d8feb70fd308893d2dd534d608bd0fa3717562a714728fae5cf5a65746ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary: accept-encoding
cache-control: max-age=31536000,public
content-encoding: gzip
etag: W/"83cc2d95af74e7d09b6aa65cfb7e080a"
age: 422723
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ad3fjQa1-sJhh6aqLClwythiHOLZxAdRczF4Nax_dbZeAYOcDr3IeA==
date: Fri, 06 Dec 2024 01:47:11 GMT
content-type: application/javascript
last-modified: Fri, 06 Dec 2024 01:33:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 165 B
908 B 327ms
78ms Fetch
application/json 91.134.35.216
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 120
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK adb.4364783.cr.js Show response
prod.adspsp.com/ 149 KB
54 KB 47ms
47ms Script
text/javascript 13.35.58.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.4364783.cr.js?c=Cxfc9b472:m2joy4sv:16
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4093dbd9aaa443b093b0c1642b97137193b2ef75b3cd5f483462a289f78755f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding: gzip
ETag: W/"1b2360676bdf57c5a7846a2e96f907dc"
Age: 1724158
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: rCg69w45WtH2lNcAr_1-S1_NSdK_R_wJqeKAY-wYs7xtSPOfxAOyog==
Date: Thu, 21 Nov 2024 00:16:36 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 22 Oct 2024 00:13:11 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=2592000
Connection: keep-alive
Via: 1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P10
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK adb.4364783.pb.js Show response
prod.adspsp.com/ 239 KB
83 KB 151ms
52ms Script
text/javascript 13.35.58.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-5.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f63b401d2b6dd15bd6eafc2cb56f0cf2ac605ad61f2c3579ded49776918ef186

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Encoding: gzip
ETag: W/"966346b08963d858c4f2a6e7d744d883"
Age: 1724158
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 8v1iPvvcVcOKwQVi-7NQ37NTR4HSoxEtiz6zSBHF564ar-_8HszRWg==
Date: Thu, 21 Nov 2024 00:16:36 GMT
Content-Type: text/javascript
Vary: accept-encoding
Last-Modified: Tue, 22 Oct 2024 00:13:20 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=2592000
Connection: keep-alive
Via: 1.1 f1b6636265d2ca44d8a0ca5488a5ec0c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P10
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 63 KB
23 KB 463ms
58ms Other
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt

Requested by

Host: www.spokesman.com
URL: https://www.spokesman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
etag: 4443559573512225521
age: 25299
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 16:10:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 10 Dec 2024 16:10:55 GMT
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 22952
x-xss-protection: 0
server: cafe
use-as-dictionary: match="/gampad/ads", id="m202412050101"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 410 KB
132 KB 68ms
67ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c&gtm=45He4c90v71896582za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1b2043e8ed99c373ffb1c64c2a9227db7ebf28c6d4cf9c89c61c017279b9b4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 10 Dec 2024 23:12:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134975
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 511ms
57ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 5334
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Tue, 10 Dec 2024 23:43:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 21:43:40 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma20153/575681700/20/
Redirect Chain

https://js.matheranalytics.com/s/ma20153/575681700/ml.js?cb3=1672
https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js

148 KB
43 KB

41ms
41ms

Script
application/x-javascript

107.178.250.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public,max-age=3600
content-encoding: br
etag: "0033e6720ea8d009cad21d1cffea7a41"
age: 54582
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cache: HIT Sun, 18 Dec 2022 07:13:38 GMT
content-length: 43903
date: Tue, 10 Dec 2024 08:02:52 GMT
last-modified: Fri, 05 Aug 2022 08:39:28 GMT
content-type: application/x-javascript
server: nginx
vary: Accept-Encoding

Redirect headers

cache-control: public, max-age=269200
location: https://js.matheranalytics.com/static/ltm/ma20153/575681700/20/ml.br.js
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 10 Dec 2024 23:12:33 GMT
x-served-by: 4-gc-euwest1-xgfw1038
server: nginx
vary: Accept-Encoding

GET
H2 200 homepage.34bd6ced845e.json Show response
static.spokesman.com/sites/spokesman/marketing/ads/data/ 4 KB
896 B 496ms
42ms XHR
application/json 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.spokesman.com/sites/spokesman/marketing/ads/data/homepage.34bd6ced845e.json
Requested by: Host: static.spokesman.com
URL: https://static.spokesman.com/sites/spokesman/marketing/ads/data/base_ads.3d7203f56dfe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b975eac6985743fac96aafb6be109c9b51547302ebd1475970df1e54818ffb8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: gzip
etag: W/"34bd6ced845e676e134e4cce0673a496"
age: 7160368
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: L0IAzSQoNx93KZ5UjmF4aBXngAAojFyelMUuj8VffL4z7ccgHIUVLQ==
date: Thu, 19 Sep 2024 02:13:07 GMT
content-type: application/json
vary: Accept-Encoding,Origin
last-modified: Tue, 17 Sep 2024 17:27:28 GMT
cache-control: max-age=31536000,public
access-control-allow-credentials: true
via: 1.1 58afb490a7c8c45de5813dbf9e713c0c.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.spokesman.com
x-amz-cf-pop: FRA56-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 loader.min.js Show response
loader-cdn.azureedge.net/prod/spokesman/ 38 KB
11 KB 540ms
37ms Script
application/javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Requested by: Host: static.spokesman.com
URL: https://static.spokesman.com/sites/spokesman/js/noncritical.min.83cc2d95af74.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6BB6) /
Resource Hash: d2852b40bedb9cfa6197a83c88e75e977e7a9fecb7b9de992d74ff2fa829fd7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: j7UiDE2bT/0ztVb+L6oPyQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCB5E58ABFBF3E
age: 7784
x-ms-version: 2009-09-19
x-cache: HIT
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/javascript
last-modified: Tue, 06 Aug 2024 07:01:05 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 55d7bc0d-d01e-009b-0e46-4b36bb000000
access-control-allow-origin: *
content-length: 10928
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6BB6)

POST
H2 204 collect
analytics.google.com/g/ 0
0 516ms
56ms Fetch
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G3BY0LGVDL&gtm=45je4c90v869949972z871896582za200zb71896582&_p=1733872352931&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1298053471.1733872354&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1733872353&sct=1&seg=0&dl=https%3A%2F%2Fwww.spokesman.com%2F&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=homepage&tfd=5926
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c&gtm=45He4c90v71896582za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.spokesman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
260 B 495ms
53ms Ping
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G3BY0LGVDL&cid=1298053471.1733872354&gtm=45je4c90v869949972z871896582za200zb71896582&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c&gtm=45He4c90v71896582za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.76.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ws-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.spokesman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 9973 0
0 477ms
52ms Document
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-G3BY0LGVDL&gacid=1298053471.1733872354&gtm=45je4c90v869949972z871896582za200zb71896582&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485&z=865894191

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c&gtm=45He4c90v71896582za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 rfv.php Show response
events.newsroom.bi/data/ 27 B
472 B 60ms
58ms Fetch
application/json 91.134.35.216
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/data/rfv.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
content-encoding: gzip
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 42
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

POST
H2 200 recirculation.php Show response
events.newsroom.bi/recirculation/ 12 B
718 B 103ms
100ms Fetch
application/json 91.134.35.216
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 12
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 1009641 Show response
fundingchoicesmessages.google.com/i/ 25 KB
11 KB 536ms
61ms Script
application/javascript 142.250.184.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/1009641?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f14.1e100.net

Software

ESF /

Resource Hash

f95980d70b0539b4cbc5a4518e2e1c26f0cd879d975b6d7a1b8d6645f5747288

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zGqeUKRgu88FpgMrANCIZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmLw0JBiOHHrNtMFIJb4-pJJA4id0mewBgFx681zrFOB2GjteVYnIE76d561CIgNFS6xOoJw0SVWTyBW7bnEagrE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrE1AzPD1CisHEAvxcDya-ngXm0DDi7_LmJQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MLPUMjOMLDAHukksR"
content-security-policy: script-src 'report-sample' 'nonce-zGqeUKRgu88FpgMrANCIZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 557ms
115ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&hier=Homepage&ptype=homepage&pubname=The%20Spokesman-Review&sec=Homepage&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=75f9e7d8-0a06-48e0-a3a9-5dec9334d024&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872354127&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9483&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTczMzg3MjM0ODAwNyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxOS4xNDc2MjNtYiIsImhlYXBUIjoiMjQuNDIyNTM5bWIiLCJmc3RQYWludCI6IjQ5NzciLCJmZXRjaFMiOiIzNzEyIiwiZG9tYWluUyI6IjM3MTIiLCJkb21haW5FIjoiMzc1NCIsImNvbm5TIjoiMzc1NCIsImNvbm5FIjoiNDE2MyIsInNzbFMiOiI0MDYxIiwicmVxdVMiOiI0MTYzIiwicmVzcFMiOiI0MjQyIiwicmVzcEUiOiI0MjY5IiwiZG9tTG9hZCI6IjQyNDgiLCJkb21JbnRlciI6IjQ5NTkiLCJkb21Mb2FkUyI6IjU1OTciLCJkb21Mb2FkRSI6IjU1OTcifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxMjk4MDUzNDcxIiwicmVmVGltZSI6IjE3MzM4NzIzNTQxMjcifV19
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:34 GMT
Content-Type: image/gif
Connection: keep-alive

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
423 B 51ms
50ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=416925448&t=pageview&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=it-it&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACACI~&jid=1275749687&gjid=595731421&cid=1298053471.1733872354&tid=UA-230256-14&_gid=1338740073.1733872354&_slc=1&gtm=45He4c90n715P9SH6v71896582za200&cd7=Homepage&cd9=homepage&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&z=921507502

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.spokesman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
648 B 103ms
51ms XHR
text/plain 173.194.76.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-230256-14&cid=1298053471.1733872354&jid=1275749687&gjid=595731421&_gid=1338740073.1733872354&_u=YCDAiEABBAAAAGACIAC~&z=1412355191

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin: https://www.spokesman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 1
server: Golfe2

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
487 B 571ms
94ms Fetch 178.250.1.4
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.4.1&cb=34887916592&lsavail=1&networkId=12005

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.4 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://www.spokesman.com
date: Tue, 10 Dec 2024 23:12:34 GMT
vary: Origin
server: Kestrel

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
241 B 415ms
183ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
241 B 297ms
66ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
241 B 321ms
92ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
241 B 293ms
62ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
241 B 297ms
67ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
242 B 292ms
62ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
241 B 296ms
65ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:33 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 995 B
1 KB 300ms
143ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU57RW71
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 1f701190dd51132cf72f60e553431bd747b237db10c0e80c7bfb3cb8abd431fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 61
access-control-allow-credentials: true
via: 1.1 google
expires: Tue, 10 Dec 2024 23:12:34 GMT
access-control-allow-origin: https://www.spokesman.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 735 B
988 B 567ms
70ms Fetch
application/json 63.215.202.146
VCLK-EU-SE Conver...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS: ams01-convex-float1.dotomi.com
Software: nginx /
Resource Hash: 2ca90e027c0d297f25a421b5d6e19cc1308d0d3903d0d62e6e603550c5cf2ecc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.spokesman.com
content-length: 735
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json
server: nginx

POST
H2 200 adreq Show response
ads.servenobid.com/ 616 B
711 B 385ms
176ms Fetch
application/json 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=7054

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

8cc754aacdee74f05b21a28d08874f29c0406aeb5bfc9b67e37bdf4b8cc2e3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://www.spokesman.com
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json
vary: accept-encoding

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
177 B 316ms
176ms Fetch 163.5.194.36
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.36 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://www.spokesman.com
date: Tue, 10 Dec 2024 23:12:34 GMT
x-envoy-upstream-service-time: 99
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 238ms
56ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 245ms
62ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 243ms
61ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 239ms
56ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
124 B 235ms
53ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 246ms
63ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 257ms
74ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 236ms
53ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
711 B 237ms
72ms Fetch
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.232; 185.198.62.232; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://www.spokesman.com
an-x-request-uuid: 6832b2c2-0023-40ac-acd9-4d5408c833c4
content-length: 19
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 10 Dec 2024 23:12:34 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 83 B
483 B 377ms
120ms Fetch
application/json 34.247.103.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.247.103.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-103-188.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: bc5554eaa8460b63284f11fe95f50e83648d82bb10ac1969399418c53e49f650

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 28
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 108
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json
server: istio-envoy
x-reason: blocked by Human IVT
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 1 KB
2 KB 288ms
137ms Fetch
application/json 185.255.84.150
IGUANE-FR Iguane ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageReferrer=https%3A%2F%2Fwww.spokesman.com%2F

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-FR Iguane Solutions SAS, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

a0be785f74fc193277e33f5d93429ec1f4cdba4afbb26de25dfe5ed795708878

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 69
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
x-content-type-options: nosniff
expires: 0
access-control-allow-origin: https://www.spokesman.com
content-length: 1248
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: ayl-lb-fra02
access-control-allow-headers: Accept-Encoding, Content-Type

POST
H2 200 recirculation.php Show response
events.newsroom.bi/recirculation/ 12 B
718 B 52ms
51ms Fetch
application/json 91.134.35.216
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/recirculation/recirculation.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 12
date: Tue, 10 Dec 2024 23:12:34 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9FB5 0
0 521ms
65ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29117
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:00:44 GMT
expires: Tue, 10 Dec 2024 23:50:44 GMT
last-modified: Mon, 09 Dec 2024 20:44:42 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 loader-config.json Show response
cdn.q0losid.com/prod/spokesman/ 3 KB
1 KB 544ms
63ms Fetch
application/json 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.q0losid.com/prod/spokesman/loader-config.json
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C5E) /
Resource Hash: 66951e217d3a7d3f4b0b3d94de73baa28a45a31f1998a1fa098fceb3ebc5035c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: CvEy5wQsqkQz4BHEx8iJPg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DCB5E61E2FDF1B
age: 7784
x-ms-version: 2009-09-19
x-cache: HIT
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: application/json
last-modified: Tue, 06 Aug 2024 07:05:13 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 414b2e1f-001e-0098-7c46-4bd7df000000
access-control-allow-origin: *
content-length: 679
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C5E)

GET
H/1.1 204
No Content /
adspsp.com/pt/4364783/23/1/ 0
110 B 897ms
193ms Image
image/png 44.236.165.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/4364783/23/1/?a=2,a2m4j2tyhbGbwiz8EbNI,207vOOfUXX&aa=a1,000GumhX.u1:1---&a2=T1.m.0.2.a.a&a3=0,zv,0,1,1,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0&b=a0&b=vB,1&b=I1,1K,1,2,:g3,4:,:s5,6:1j,1,3,7,:s6,5:7,:r9e,:D,,,1,,8,5e,jG::,:SaW,:R3,5V,5:,:Rb,66,g:,:Rl,bT,1S:,:Rq,wC,6:,:Rq,wE,6:,:Rd,DA,x:,:Ru,QO,2Z:,:Rz,QZ,2P:,:Rp,WV,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,,,1,,8,5e,jG:,:H,,,0::,:CkH,:b,:R3,5V,5:0,,3V,,0:,:b,:Rb,66,g:0,,9c,,0:,:b,:Rl,bT,1S:0,,4S,,0:,:b,:Rq,wC,6:0,,,,0:,:b,:Rq,wE,6:0,,,,0:,:b,:Rd,DA,x:0,,4b,,0:,:b,:Ru,QO,2Z:0,,4H,,0:,:b,:Rz,QZ,2P:0,,6J,,0:,:b,:Rp,WV,2T:0,,6f,,0:,:b,:Ro,1rf,2W:0,,58,,0:,:b,:RJ,1NL,3e:0,,67,,0:,:D,,,1,,8,5e,jG:,:H,,,0::&b=I9,1N,1,a,:g3,b:,:sc,d,e:8J,1,q,7,:se,d:7,:r9f,:D,1C,,1,,f,3B,0::,:SaX,:R3,1aX,5:,:Rb,1aY,g:,:Rl,1b4,1S:,:Rq,wB,6:,:Rq,Xv,6:,:Rd,1b2,x:,:Rd,1b3,x:,:Ru,1b1,2Z:,:Rz,1b0,2P:,:Rp,1aZ,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,1C,,1,,f,3B,0:,:H,,,0::,:CkH,:b,:R3,1aX,5:0,,3V,,0:,:b,:Rb,1aY,g:0,,9c,,0:,:b,:Rl,1b4,1S:0,,4S,,0:,:b,:Rq,wB,6:0,,9j,,0:,:b,:Rq,Xv,6:0,,9j,,0:,:b,:Rd,1b2,x:0,,4b,,0:,:b,:Rd,1b3,x:0,,4b,,0:,:b,:Ru,1b1,2Z:0,,4H,,0:,:b,:Rz,1b0,2P:0,,6J,,0:,:b,:Rp,1aZ,2T:0,,6f,,0:,:b,:Ro,1rf,2W:0,,58,,0:,:b,:RJ,1NL,3e:0,,67,,0:,:D,1C,,1,,f,3B,0:,:H,,,0::&b=Ig,1J,1,h,:g3,i:,:s5:1k,1,5,7,,7,:r9f,:D,,,5,aq,8,tM,iu::,:SaX,:R3,5W,5:,:Rb,67,g:,:Rl,bS,1S:,:Rq,wC,6:,:Rd,DB,x:,:Ru,QP,2Z:,:Rz,R0,2P:,:Rp,WW,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,,,5,aq,8,tM,iu:,:H,,,0::,:CkI,:b,:R3,5W,5:0,,3V,,0:,:b,:Rb,67,g:0,,9c,,0:,:b,:Rl,bS,1S:0,,4S,,0:,:b,:Rq,wC,6:0,,9j,,0:,:b,:Rd,DB,x:0,,4b,,0:,:b,:Ru,QP,2Z:0,,4H,,0:,:b,:Rz,R0,2P:0,,6J,,0:,:b,:Rp,WW,2T:0,,6f,,0:,:b,:Ro,1rf,2W:0,,58,,0:,:b,:RJ,1NL,3e:0,,67,,0:,:D,,,5,aq,8,tM,iu:,:H,,,0::&b=Ij,1P,1,k,:g3,l:,:se:1h,1,1,7,,7,:r9g,:D,,,5,Ug,m,1dC,12::,:SaX,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P:,:Rp,WT,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,,,5,Ug,m,1dC,12:,:H,,,0::,:CkI,:b,:R3,5T,5:0,,3V,,0:,:b,:Rb,64,g:0,,9c,,0:,:b,:Rl,bQ,1S:0,,4S,,0:,:b,:Rq,wB,6:0,,9j,,0:,:b,:Rd,Dz,x:0,,4b,,0:,:b,:Ru,QM,2Z:0,,4H,,0:,:b,:Rz,QX,2P:0,,6J,,0:,:b,:Rp,WT,2T:0,,6f,,0:,:b,:Ro,1rf,2W:0,,58,,0:,:b,:RJ,1NL,3e:0,,67,,0:,:D,,,5,Ug,m,1dC,12:,:H,,,0::&b=In,1P,1,o,:g3,p:,:se:1h,1,1,7,,7,:r9g,:D,,,5,1gC,m,1zY,12::,:SaX,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P:,:Rp,WT,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,,,5,1gC,m,1zY,12:,:H,,,0::&b=Iq,1P,1,r,:g3,s:,:se:1h,1,1,7,,7,:r9g,:D,,,5,1rV,m,1Lh,12::,:SaX,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P:,:Rp,WT,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,,,5,1rV,m,1Lh,12:,:H,,,0::&b=It,1H,1,u,:g3,v:,:se:1h,1,1,7,,7,:r9g,:D,,,5,1SY,w,2ck,0::,:SaX,:R3,5T,5:,:Rb,64,g:,:Rl,bQ,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QM,2Z:,:Rz,QX,2P:,:Rp,WT,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,,,5,1SY,w,2ck,0:,:H,,,0::&bi=U5d025YOAGSa1,adbridg_ad_adbdtsiderailtop_1,1009641,spokesman_homepage_top_300x250,300x250,300x600,0.05,300x0,Upo015YOAGSa2,adbridg_ad_adbdtsponsorshiplg_1,SpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100,1280x100,970x90,728x90,1600x101,Uic035YOAGSa3,adbridg_ad_adbdtsiderailmid_1,spokesmandesktop_homepage_dashboard_300x250,Upg045YOAGSa4,adbridg_ad_adbdtlb_1,spokesmandesktop_homepage_1_728x90,1088x0,Uv6055YOAGSa5,adbridg_ad_adbdtlb_2,spokesmandesktop_homepage_2_728x90,Urs065YOAGSa6,adbridg_ad_adbdtlb_3,spokesmandesktop_homepage_3_728x90,Uqq075YOAGSa7,adbridg_ad_adbdtlbtop_1,spokesman_homepage_728x90,1600x0&bt=uwB9HeR&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.m4j2tu1z.2T4f2&g=2T5ey&u=Cxfc9b472:m2joy4sv:16&v=18g.xc.0.7e8.1.0&adbj=aov4m4j2tydgben&mp=0.5&adb_cm=t5a&txx=Txx1&rnd=1733872355025
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.165.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-165-148.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Content-Type: image/png
Server: linux
Connection: keep-alive

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 KB
108 KB 721ms
721ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4242519121166838&correlator=1947957894483246&eid=83321072&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=1009641%2Cspokesman_homepage_top_300x250%2CSpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100%2Cspokesmandesktop_homepage_dashboard_300x250%2Cspokesmandesktop_homepage_1_728x90%2Cspokesmandesktop_homepage_2_728x90%2Cspokesmandesktop_homepage_3_728x90%2Cspokesman_homepage_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x250%7C300x600%2C1280x100%7C970x90%7C728x90%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1733872355054&lmt=1733872355&adxs=1220%2C160%2C1146%2C244%2C244%2C244%2C436&adys=340%2C223%2C1862%2C4704%2C6091%2C6792%2C8469&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4%7C5&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.spokesman.com%2F&vis=1&psz=300x0%7C1600x101%7C300x0%7C1088x0%7C1088x0%7C1088x0%7C1600x0&msz=300x0%7C1600x101%7C300x0%7C1088x0%7C1088x0%7C1088x0%7C1600x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733872352255&idt=1440&prev_scp=pos%3Dsiderail_top%26adb_imp%3DS108.2%2C1%26adb_bdr%3Dnone%7Cpos%3Dsponsorship_lg%26adb_imp%3DS111.1%2C1%26adb_bdr%3Dnone%7Cpos%3Dsiderail_middle%26adb_imp%3DS107.3%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb%26adb_imp%3DS113.4%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb%26adb_imp%3DS113.5%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb%26adb_imp%3DS113.6%2C1%26adb_bdr%3Dnone%7Cpos%3Dlb_top%26adb_imp%3DS105.7%2C1%26adb_bdr%3Dnone&cust_params=tags%3D%26section%3DHomepage%26category%3D%26adb_pvd%3Dt5a&adks=3807960518%2C3931918710%2C3317406844%2C1956364540%2C2257727239%2C3046312524%2C607146697&frm=20&eoidce=1&td=1&egid=58150&tan=8744371d-5e68-4729-858b-04885b849a2c%2C8744371d-5e68-4729-858b-04885b849a2d%2C8744371d-5e68-4729-858b-04885b849a2e%2C8744371d-5e68-4729-858b-04885b849a2f%2C8744371d-5e68-4729-858b-04885b849a30%2C8744371d-5e68-4729-858b-04885b849a31%2C8744371d-5e68-4729-858b-04885b849a32&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6fbb7a976dc2ad51bea1a8192f67b80f9e909996811a92d2c884fd15778a6a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: dcb
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1,-1,-1,-1,-1,-1,-1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 110047
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BA07 0
0 567ms
75ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content /
adspsp.com/pt/4364783/23/1/ 0
110 B 805ms
202ms Image
image/png 44.236.165.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/4364783/23/1/?a=2,a2m4j2tyhbGbwiz8EbNI,207vOOfUXX&aa=a1,000GumhX.u1:1---&a2=T1.m.0.2.a.a&a3=0,12n,0,1,1,1,1,1,0,0,0,0,1,0,0,0,0,0,0,0,0&b=I1,1P,1,2,:g3,4:,:s5:1h,1,1,6,,6,:C0,:b,:R3,5T,5:0,,3V,,0:,:b,:Rb,64,g:0,,9c,,0:,:b,:Rl,bQ,1S:0,,4S,,0:,:b,:Rq,wB,6:0,,9j,,0:,:b,:Rd,Dz,x:0,,4b,,0:,:b,:Ru,QM,2Z:0,,4H,,0:,:b,:Rz,QX,2P:0,,6J,,0:,:b,:Rp,WT,2T:0,,6f,,0:,:b,:Ro,1rf,2W:0,,58,,0:,:b,:RJ,1NL,3e:0,,67,,0:,:D,,,5,1gC,7,1zY,12:,:H,,,0::,:qI,4,c,:D,,,5,1gS,7,1Ae,12::&b=I8,1P,1,9,:g3,a:,:s5:1h,1,1,6,,6,:C0,:b,:R3,5T,5:0,,3V,,0:,:b,:Rb,64,g:0,,9c,,0:,:b,:Rl,bQ,1S:0,,4S,,0:,:b,:Rq,wB,6:0,,9j,,0:,:b,:Rd,Dz,x:0,,4b,,0:,:b,:Ru,QM,2Z:0,,4H,,0:,:b,:Rz,QX,2P:0,,6J,,0:,:b,:Rp,WT,2T:0,,6f,,0:,:b,:Ro,1rf,2W:0,,58,,0:,:b,:RJ,1NL,3e:0,,67,,0:,:D,,,5,1rV,7,1Lh,12:,:H,,,0::,:qI,4,d,:D,,,5,1sb,7,1Lx,12::&b=Ib,1H,1,c,:g3,d:,:s5:1h,1,1,6,,6,:C0,:b,:R3,5T,5:0,,3V,,0:,:b,:Rb,64,g:0,,9c,,0:,:b,:Rl,bQ,1S:0,,4S,,0:,:b,:Rq,wB,6:0,,9j,,0:,:b,:Rd,Dz,x:0,,4b,,0:,:b,:Ru,QM,2Z:0,,4H,,0:,:b,:Rz,QX,2P:0,,6J,,0:,:b,:Rp,WT,2T:0,,6f,,0:,:b,:Ro,1rf,2W:0,,58,,0:,:b,:RJ,1NL,3e:0,,67,,0:,:D,,,5,1SY,e,2ck,0:,:H,,,0::,:qI,4,e,:D,,,5,1Te,e,2cA,0::&b=If,1K,1,g,:g3,h:,:si,j:1j,1,3,6,:sj,i:6,:qH,4,5,:D,,,1,,k,5u,jG::&b=GH,1,:Kl,:k:m,:kn:o,:kp::,:Lf,q,r,s,1,8,b:&b=Kt,:ku:&b=Iq,1N,1,v,:g3,w:,:sx,y,5:8J,1,q,6,:s5,y:6,:qI,4,7,:D,1C,,1,,z,3B,0::&b=Kt,:kA:&b=Ir,1J,1,B,:g3,C:,:si:1k,1,5,6,,6,:qI,4,9,:D,,,5,aG,k,u2,iu::&b=Kt,:kD:&b=Is,1P,1,E,:g3,F:,:s5:1h,1,1,6,,6,:qI,4,b,:D,,,5,Uw,7,1dS,12::&b=Kt,:kG:&b=Kt,:kG:&b=Kt,:kG:&b=Kt,:kH:&bi=Uv6055YOAGSa5,adbridg_ad_adbdtlb_2,1009641,spokesmandesktop_homepage_2_728x90,728x90,0.05,1088x0,Urs065YOAGSa6,adbridg_ad_adbdtlb_3,spokesmandesktop_homepage_3_728x90,Uqq075YOAGSa7,adbridg_ad_adbdtlbtop_1,spokesman_homepage_728x90,1600x0,U5d025YOAGSa1,adbridg_ad_adbdtsiderailtop_1,spokesman_homepage_top_300x250,300x250,300x600,300x0,tags,section,Homepage,adb_pvd,t5a,Upo015YOAGSa2,Uic035YOAGSa3,Upg045YOAGSa4,pos,siderail_top,adbridg_ad_adbdtsponsorshiplg_1,SpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100,1280x100,970x90,1600x101,sponsorship_lg,adbridg_ad_adbdtsiderailmid_1,spokesmandesktop_homepage_dashboard_300x250,siderail_middle,adbridg_ad_adbdtlb_1,spokesmandesktop_homepage_1_728x90,lb,lb_top&bt=uwB9Hzz&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.m4j2tu1z.2T4f2&g=2T5hq&u=Cxfc9b472:m2joy4sv:16&v=18g.xc.0.7eo.1.0&adbj=aov4m4j2tydgben&mp=0.5&adb_cm=t5a&txx=Txx2&rnd=1733872355125
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.165.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-165-148.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Content-Type: image/png
Server: linux
Connection: keep-alive

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 472ms
34ms Script
application/x-javascript 152.199.19.161
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.161 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C34) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: HdY95yzx9wIyQkVEGES+Ew==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8D8E461DA1A5889
age: 671
x-ms-version: 2009-09-19
expires: Tue, 10 Dec 2024 23:42:35 GMT
x-cache: HIT
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: application/x-javascript
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
vary: Accept-Encoding
cache-control: public, max-age=1800
x-ms-meta-lastmodified: 2020-10-01 19:31:04
x-ms-request-id: 54346e67-401e-001a-4257-4b4c9e000000
access-control-allow-origin: *
content-length: 22495
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C34)

GET
H2 200 fp.min.js Show response
cdn.mbmgivexdvpajr.com/prod/spokesman/ 66 KB
23 KB 552ms
38ms Script
application/javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mbmgivexdvpajr.com/prod/spokesman/fp.min.js?20241111
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C35) /
Resource Hash: eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.spokesman.com
Referer

Response headers

content-md5: uNbNlIeYZ9WdMaBieS7wbw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DC5851DD8F1922
age: 6338
x-ms-version: 2009-09-19
x-cache: HIT
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: application/javascript
last-modified: Tue, 09 Apr 2024 04:59:41 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 4e6ae36a-501e-002c-784a-4b1b11000000
access-control-allow-origin: *
content-length: 23529
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C35)

GET
H2 200 g2i.min.js Show response
cdn.dmepyodjotcuks.com/prod/spokesman/ 220 KB
48 KB 547ms
36ms Script
application/x-javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.dmepyodjotcuks.com/prod/spokesman/g2i.min.js?20241111
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C13) /
Resource Hash: 784a1ac4d8ce645fdb028ae1dd9ac1a4f51701735ac742eb9311d713c7b9500c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.spokesman.com
Referer

Response headers

content-md5: +luPbKYzg50CkH72OqP1XA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DC585202D59F8F
age: 7783
x-ms-version: 2009-09-19
x-cache: HIT
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: application/x-javascript
last-modified: Tue, 09 Apr 2024 05:00:43 GMT
vary: Accept-Encoding
cache-control: max-age=43200
x-ms-request-id: 1688f840-901e-009a-3f46-4b6967000000
access-control-allow-origin: *
content-length: 49067
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C13)

GET
H2 200 t8y9347t.min.js Show response
cdn.vmzqqmlpwwmazjnio.com/prod/spokesman/ 1 MB
1 MB 964ms
452ms Script
application/javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/spokesman/t8y9347t.min.js?20241111
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ef1c45980dc2c58d637e4c716191dccc7e594d9ef80f8e41328c15615fd12b18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.spokesman.com
Referer

Response headers

content-md5: pSMiqQ4dzXhi5IpFfqaXVg==
cache-control: max-age=43200
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DC58519A3EEE2E
x-ms-request-id: b8798fab-301e-0077-4d59-4b222a000000
access-control-allow-origin: *
content-length: 1543705
date: Tue, 10 Dec 2024 23:12:35 GMT
content-type: application/javascript
last-modified: Tue, 09 Apr 2024 04:57:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H2 200 t8y9347t.min.css
cdn.vmzqqmlpwwmazjnio.com/prod/spokesman/ 396 KB
397 KB 1015ms
452ms Stylesheet
text/css 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/spokesman/t8y9347t.min.css?20241111
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/spokesman/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2daf4f648f61913798a435e8a7de48bc507cef6d1beef4a05e314dad8db6f4bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: KGAI+MIxF0Nl5uOt1Fi9/Q==
cache-control: max-age=43200
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
x-ms-version: 2009-09-19
etag: 0x8DC58519A3E03EA
x-ms-request-id: 656766d4-301e-0067-1559-4be742000000
access-control-allow-origin: *
content-length: 405473
date: Tue, 10 Dec 2024 23:12:36 GMT
content-type: text/css
last-modified: Tue, 09 Apr 2024 04:57:48 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CA5D 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A444 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FBAB 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 115ms
114ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuX2hvbWVwYWdlX3RvcF8zMDB4MjUwIiwic2l6ZSI6IjMwMHg2MDAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=753d2a8b-1540-40dd-bf78-d71435f70a01&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872355822&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9600&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:35 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 563B 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3E78 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 85C8 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E65B 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 130ms
130ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvU3Bva2VzbWFuRGVza3RvcF9TdXBlckxlYWRlckJvYXJkX0hvbWVQYWdlXzEyODB4MTAwIiwic2l6ZSI6IjcyOHg5MCIsInJlbmRlcmVkIjoiMSJ9&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=8d93712a-c7fd-47e0-97b9-eb9830b101d7&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872355876&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9960&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:36 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H/1.1 204
No Content /
adspsp.com/pt/4364783/23/1/ 0
110 B 201ms
201ms Image
image/png 44.236.165.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/4364783/23/1/?a=2,a2m4j2tyhbGbwiz8EbNI,207vOOfUXX&aa=a1,000GumhX.u1:1---&a2=T1.m.0.2.a.a&a3=0,1qw,0,1,1,1,1,1,7,7,7,7,1,0,0,0,0,0,0,0,0&b=I1,1K,1,2,:g3,4:,:s5,6:1j,1,3,7,:s6,5:7,:Qd8,1,2,6,8,9,,,a,b,:D,1C,,1,,6,5u,jG::&b=G0,1,:Kc,:k:d,:ke:f,:kg::,:L1,h,i,j,k,l,m:&b=Kn,:ko:&b=Ih,1N,1,p,:g3,q:,:sr,s,t:8J,1,q,7,:st,s:7,:Qdn,1,4,t,8,9,,,a,b,:D,1C,,1,,u,3B,0::&b=Kn,:kv:&b=Ii,1J,1,w,:g3,x:,:s5:1k,1,5,7,,7,:Qdn,1,6,5,8,9,,,a,b,:D,,,5,8F,5,s1,iu::&b=Kn,:ky:&b=Ij,1P,1,z,:g3,A:,:st:1h,1,1,7,,7,:Qdn,1,8,t,8,9,,,a,b,:D,,,5,Uw,B,1dS,12::&b=Kn,:kC:&b=Ik,1P,1,D,:g3,E:,:st:1h,1,1,7,,7,:Qdn,1,a,t,8,9,,,a,b,:D,,,5,1ik,B,1BG,12::&b=Kn,:kC:&b=Il,1P,1,F,:g3,G:,:st:1h,1,1,7,,7,:Qdo,1,c,t,8,9,,,a,b,:D,,,5,1v5,B,1Or,12::&b=Kn,:kC:&b=Im,1H,1,H,:g3,I:,:st:1h,1,1,7,,7,:Qdo,1,e,t,8,9,,,a,b,:D,,,5,1XA,J,2gW,0::&b=Kn,:kK:&bi=U5d025YOAGSa1,adbridg_ad_adbdtsiderailtop_1,1009641,spokesman_homepage_top_300x250,300x250,300x600,0.05,5QjRWZ,3ycx09,2r8YJ5z,6Y2zL5,tags,section,Homepage,adb_pvd,t5a,Upo015YOAGSa2,Uic035YOAGSa3,Upg045YOAGSa4,Uv6055YOAGSa5,Urs065YOAGSa6,Uqq075YOAGSa7,pos,siderail_top,adbridg_ad_adbdtsponsorshiplg_1,SpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100,1280x100,970x90,728x90,1600x101,sponsorship_lg,adbridg_ad_adbdtsiderailmid_1,spokesmandesktop_homepage_dashboard_300x250,siderail_middle,adbridg_ad_adbdtlb_1,spokesmandesktop_homepage_1_728x90,1088x90,lb,adbridg_ad_adbdtlb_2,spokesmandesktop_homepage_2_728x90,adbridg_ad_adbdtlb_3,spokesmandesktop_homepage_3_728x90,adbridg_ad_adbdtlbtop_1,spokesman_homepage_728x90,1600x90,lb_top&bt=uwB9HAg&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.m4j2tu1z.2T4f2&g=2T660&u=Cxfc9b472:m2joy4sv:16&v=18g.xc.0.7oo.1.0&adbj=aov4m4j2tydgben&mp=0.7&adb_cm=t5a&txx=Txx3&rnd=1733872355999
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.165.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-165-148.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Content-Type: image/png
Server: linux
Connection: keep-alive

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 2 B
781 B 53ms
51ms Fetch
application/json 91.134.35.216
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 2
date: Tue, 10 Dec 2024 23:12:36 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 115ms
115ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuZGVza3RvcF9ob21lcGFnZV9kYXNoYm9hcmRfMzAweDI1MCIsInNpemUiOiIzMDB4MjUwIiwicmVuZGVyZWQiOiIxIn0&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=0236da21-0d75-43d6-99ed-53785866d52d&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872355880&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9960&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:36 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 119ms
119ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuZGVza3RvcF9ob21lcGFnZV8xXzcyOHg5MCIsInNpemUiOiI3Mjh4OTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=f6c9fcde-b695-432d-b288-a3149d1b9b7a&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872355883&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9960&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:36 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 119ms
116ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuZGVza3RvcF9ob21lcGFnZV8yXzcyOHg5MCIsInNpemUiOiI3Mjh4OTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=5ea4fa10-5349-4362-a050-66917196db4e&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872355884&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9960&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:36 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 132ms
132ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuZGVza3RvcF9ob21lcGFnZV8zXzcyOHg5MCIsInNpemUiOiI3Mjh4OTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=cdc4405b-116c-46f8-82b3-b8a2a0fbca0d&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872355893&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9960&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:36 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 123ms
122ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuX2hvbWVwYWdlXzcyOHg5MCIsInNpemUiOiI3Mjh4OTAiLCJyZW5kZXJlZCI6IjEifQ&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=7f4da298-4234-4436-a30c-d78fcd30609d&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872355893&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=1600x9960&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Requested by: Host: www.spokesman.com
URL: https://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:36 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 643 B
938 B 480ms
271ms XHR
application/json 104.26.5.15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1733872357073
Requested by: Host: cdn.mbmgivexdvpajr.com
URL: https://cdn.mbmgivexdvpajr.com/prod/spokesman/fp.min.js?20241111
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.5.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5caa4e0da4a1def24f497d668ee79ea1c3ef00050d089b6f337a0e783be4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=1800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LPEgpd%2BJR75o5QjLdkEkGJWwO%2FMV%2B7BaT6z1AJ9oscNGsADtlcqlKfKVDOTW0sJrxWcmBEhW4DTjTchMpIr4K6XqgFgMXnLIf7eFhFhB4RVkbWCLusTWAh5psuJ9iktrculb"}],"group":"cf-nel","max_age":604800}
cf-ray: 8f00ebb93df8974d-FRA
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=26195&min_rtt=25742&rtt_var=6091&sent=7&recv=9&lost=0&retrans=0&sent_bytes=4005&recv_bytes=2259&delivery_rate=140218&cwnd=252&unsent_bytes=0&cid=1f386d8aee7c5f31&ts=336&x=0"
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json
last-modified: Tue, 10 Dec 2024 23:12:37 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 468ms
47ms XHR
application/json 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f2.1e100.net

Software

cafe /

Resource Hash

85b88c01c459f4bda559a17612d648dc08f5cc5aba857631d0c28063fe00db20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13015
date: Tue, 10 Dec 2024 23:12:37 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET atrk.js
d31qbv1cthcecs.cloudfront.net/ 0
0

GET aam.js
aamcftag.aamsitecertifier.com/ 0
0

GET
H2 200 load_tags.js Show response
pymx5.com/scripts/ 9 KB
9 KB 239ms
48ms Script
application/javascript 35.227.203.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pymx5.com/scripts/load_tags.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.203.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.203.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Type
x-goog-hash: crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
etag: "f6b06694767e707999eecbe9538b403a"
age: 3019
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 8946
date: Tue, 10 Dec 2024 22:22:18 GMT
last-modified: Fri, 15 Jul 2022 06:19:11 GMT
content-type: application/javascript
x-guploader-uploadid: AFiumC7GrC1D4J9-OGuwX599OoNZ1PoXvnuMPaqNmV1zZS5-qhhHQaKdY88sP65zvSzO-lNDy9YHnAA
cache-control: public,max-age=3600
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1657865951655064
content-length: 8946
server: UploadServer

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
63 KB 482ms
55ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.spokesman.com
URL: https://www.spokesman.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-sMSdZVxO' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-sMSdZVxO' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=13, mss=1288, tbw=2999, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: Q1Wdmh7PupvkKv+k2c0x0DR2XlY0AYazjugwwBynBtvtiwbN2rgkIY5JDTMqkyayKV9udHubb82p8MlQBX9KKg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62212
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 collect
www.google-analytics.com/ 35 B
345 B 42ms
41ms Image
image/gif 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=416925448&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.spokesman.com%2F&ul=it-it&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=10%25&_u=aCDAiEABBAAAAGACIAC~&jid=&gjid=&cid=1298053471.1733872354&tid=UA-230256-14&_gid=1338740073.1733872354&gtm=45He4c90n715P9SH6v71896582za200&cd7=Homepage&cd9=homepage&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485&z=629081339

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age: 48868
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 09:38:09 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H2 200 favicon.09caecb42e62.ico
static.spokesman.com/sites/spokesman/img/favicons/ 15 KB
15 KB 50ms
50ms Other
image/vnd.microsoft.icon 18.173.205.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.spokesman.com/sites/spokesman/img/favicons/favicon.09caecb42e62.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.205.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-205-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c78493afeeaa3ff629bf1327b46b6432e8e3bb1c8e05f7c890cb486fca7d5538

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=31536000,public
etag: "09caecb42e620f10cd466b59cca951de"
age: 4143677
via: 1.1 8c1c3a8ed856f5c19ce3b4158bff94a8.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 15086
x-amz-cf-id: QMZJZ8FD0VeaYPyVSihQ4TKIuA-uGSfnM5fpyIBPsetP1n--MBKD3A==
date: Thu, 24 Oct 2024 00:11:21 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 21 Oct 2024 23:52:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
x-amz-server-side-encryption: AES256

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ 0
123 B 52ms
51ms Fetch 52.59.238.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.238.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-238-109.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://www.spokesman.com
access-control-allow-credentials: true

POST
H2 204 request Show response
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 0
496 B 56ms
56ms Fetch 178.250.1.4
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.4.1&cb=8419350186&lsavail=1&networkId=12005

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.4 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://www.spokesman.com
date: Tue, 10 Dec 2024 23:12:36 GMT
vary: Origin
server: Kestrel

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 83 B
482 B 168ms
168ms Fetch
application/json 34.247.103.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.247.103.188 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-103-188.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 01f52b334e31893f06e5a886701332da0a9092991e8d109d53cb4bef81d5f0ab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 87
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 108
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json
server: istio-envoy
x-reason: blocked by Human IVT
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 995 B
719 B 136ms
135ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU57RW71
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: e88fa924cad40ce7c0bc60f1b0b88f0e65d9e2cb447e9380f129c4b67ec0fd73

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 64
access-control-allow-credentials: true
via: 1.1 google
expires: Tue, 10 Dec 2024 23:12:37 GMT
access-control-allow-origin: https://www.spokesman.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 200 v1 Show response
prg.smartadserver.com/prebid/ 0
241 B 58ms
57ms Fetch
application/json 81.17.55.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.17.55.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache,no-store
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json; charset=UTF-8
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 139 B
831 B 61ms
60ms Fetch
application/json 185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e4768f70ea92ca1943a93f71c36a65068f90bbdc795156c23e322acb6bf70c4d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.198.62.232; 185.198.62.232; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://www.spokesman.com
an-x-request-uuid: 29ea822a-4b0d-42b2-99d8-4078eaf8e828
content-length: 139
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 10 Dec 2024 23:12:37 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 180 B
254 B 80ms
79ms Fetch
application/json 185.255.84.150
IGUANE-FR Iguane ...

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageUrl=https%3A%2F%2Fwww.spokesman.com%2F&PageReferrer=https%3A%2F%2Fwww.spokesman.com%2F

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-FR Iguane Solutions SAS, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

180f77d77b22cb605b196ec8a84d0ee9e6d0eaabe11fd4d6e7905705c0f5c08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 27
access-control-allow-credentials: true
access-control-allow-methods: OPTIONS, POST
x-content-type-options: nosniff
expires: 0
access-control-allow-origin: https://www.spokesman.com
content-length: 180
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: ayl-lb-fra02
access-control-allow-headers: Accept-Encoding, Content-Type

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
44 B 113ms
111ms Fetch 163.5.194.36
SECUREDSERVERS-EU...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 163.5.194.36 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: max-age=0, private, must-revalidate
access-control-allow-origin: https://www.spokesman.com
date: Tue, 10 Dec 2024 23:12:37 GMT
x-envoy-upstream-service-time: 57
vary: origin, accept-encoding, Accept-Encoding
server: envoy
access-control-allow-credentials: true

POST
H2 200 adreq Show response
ads.servenobid.com/ 616 B
710 B 74ms
73ms Fetch
application/json 143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.servenobid.com/adreq?cb=4925

Requested by

Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

8cc754aacdee74f05b21a28d08874f29c0406aeb5bfc9b67e37bdf4b8cc2e3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://www.spokesman.com
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json
vary: accept-encoding

POST
H2 200 25 Show response
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 214 B
466 B 63ms
62ms Fetch
application/json 63.215.202.146
VCLK-EU-SE Conver...

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by: Host: prod.adspsp.com
URL: https://prod.adspsp.com/adb.4364783.pb.js?c=Cxfc9b472:m2joy4sv:16
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.215.202.146 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE Conversant LLC, US),
Reverse DNS: ams01-convex-float1.dotomi.com
Software: nginx /
Resource Hash: b5a158962e5f0e384d70e6e109389c04a89fba090d8f960360d187cb1aa92130

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer

Response headers

cache-control: no-cache
pragma: no-cache
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://www.spokesman.com
content-length: 214
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json
server: nginx

GET
H2 200 load_optional_tags Show response
api.pymx5.com/v1/sites/ 0
749 B 359ms
161ms Script
text/html 34.96.74.203
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pymx5.com/v1/sites/load_optional_tags

Requested by

Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.74.203 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

203.74.96.34.bc.googleusercontent.com

Software

nginx/1.13.7 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

allow: GET, HEAD, OPTIONS
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: text/html; charset=utf-8
server: nginx/1.13.7
x-frame-options: SAMEORIGIN

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
6 KB 353ms
353ms Fetch
text/plain 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4242519121166838&correlator=25559904237726&eid=83321072&output=ldjh&gdfp_req=1&vrg=202412030101&ptt=17&impl=fifs&iu_parts=1009641%2Cspokesmandesktop_homepage_anchor_729x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D4a63009b981712d1%3AT%3D1733872355%3ART%3D1733872355%3AS%3DALNI_MZVTdBbZictBT9To_gKMzVzIAbRPA&gpic=UID%3D00000f6adb050a41%3AT%3D1733872355%3ART%3D1733872355%3AS%3DALNI_MahHZ9_kagmJw8EEt5lSbPcha6psA&abxe=1&dt=1733872357413&lmt=1733872357&adxs=436&adys=2110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=8&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.spokesman.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733872352255&idt=1440&prev_scp=pos%3Dsticky_footer%26adb_imp%3DS88.8%2C1%26adb_bdr%3Dnone&cust_params=tags%3D%26section%3DHomepage%26category%3D%26adb_pvd%3Dt5a&adks=1559385166&frm=20&eo_id_str=ID%3D480427b8776c89ee%3AT%3D1733872355%3ART%3D1733872355%3AS%3DAA-AfjZbxvBHbs2OpjKWXfkqBEa_&td=1&egid=58150&tan=8744371d-5e68-4729-858b-04885b849a33&tdf=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ffc831ca338cfc02c6fa2ea36272bf2f60c307c777f94335be4f3eed19956a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: dcb
google-lineitem-id: -1
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: -1
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.spokesman.com
content-length: 6413
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 468ms
50ms Script
text/javascript 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 10 Dec 2024 23:12:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
91 KB 60ms
60ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WQTQTTW&l=MG2DL

Requested by

Host: cdn.dmepyodjotcuks.com
URL: https://cdn.dmepyodjotcuks.com/prod/spokesman/g2i.min.js?20241111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2453e1931149531f3378545a752d84d07aca49fe639d36733d738aaece8a38a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 10 Dec 2024 23:12:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 10 Dec 2024 21:45:58 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92804
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 index.js Show response
cdn.pranmcpkx.com/ 7 KB
3 KB 487ms
34ms Script
text/javascript 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pranmcpkx.com/index.js
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/spokesman/t8y9347t.min.js?20241111
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C0B) /
Resource Hash: 6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5: nynBpfvYghYqzIzsvfssRw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DA5083F65AD9E0
age: 471429
x-ms-version: 2009-09-19
x-cache: HIT
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: text/javascript
last-modified: Fri, 17 Jun 2022 17:08:13 GMT
vary: Accept-Encoding
x-ms-request-id: 06d91b14-101e-0084-560f-4785bf000000
access-control-allow-origin: *
content-length: 2382
x-ms-blob-type: BlockBlob
server: ECAcc (mil/6C0B)

GET
H2 200 SR__SPOKESMAN.json Show response
cdn.vmzqqmlpwwmazjnio.com/prod/data/spokesman/ 1 MB
77 KB 406ms
405ms Fetch
application/json 152.199.21.175
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/data/spokesman/SR__SPOKESMAN.json?_=1733872357600
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/spokesman/t8y9347t.min.js?20241111
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.175 , Germany, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: cbcb2bb9a8a401c9fbec5e448549b80629f9ea7272b4504fa441c3898df6b015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-ms-blob-committed-block-count: 1
cache-control: no-cache
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-lease-status: unlocked
etag: 0x8DD0E3A1450BCBE
x-ms-version: 2009-09-19
x-ms-request-id: b4b595d6-401e-000f-3559-4b81d2000000
access-control-allow-origin: *
content-length: 78283
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json
last-modified: Tue, 26 Nov 2024 16:47:56 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: AppendBlob

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 457ms
137ms Image
image/jpeg 3.5.27.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.27.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-amz-meta-s3b-last-modified: 20191015T134358Z
ETag: "ef2cc7f55b7ab677b023e36033e26471"
x-amz-request-id: ZYT67HM9PHZ18CND
Accept-Ranges: bytes
Content-Length: 631
Date: Tue, 10 Dec 2024 23:12:38 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Content-Type: image/jpeg
Server: AmazonS3
x-amz-id-2: SNlZrwEQGYtGHt/FLl529GIzAsSheHXmxJhROP/PMcMDxcCf3cl6X0VHMitH8S599v9wD3ccPVAXdOgZd0GhlQfnfJ1pT/TSew7rBiQ6ASw=

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 2 B
781 B 52ms
51ms Fetch
application/json 91.134.35.216
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 2
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2 200 260139058256176 Show response
connect.facebook.net/signals/config/ 78 KB
16 KB 121ms
120ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/260139058256176?v=2.9.178&r=stable&domain=www.spokesman.com&hme=28abfdc7e582ae2a8fdd6ac5ebb406923cf601dc2ee488049b0628e75e0f6b36&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

9f09c9a36884525865d012b229cd6fdfe38a1f04d9eff430833fd1040ff8ef61

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-5arY8lQX' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-5arY8lQX' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=69, mss=1288, tbw=67910, tp=-1, tpl=-1, uplat=74, ullat=0
pragma: public
x-fb-debug: obTpC/Z6wP3Q4tjPGZgGcd8amCe4FX5oeKStpUbyQ8DwZtth9YvzIBUYpftErHLFLnVrx8+dY3PvU7yeWe1O5Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 551ms
62ms Preflight 20.50.88.245
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://www.spokesman.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context,X-Set-Cross-Origin-Resource-Policy
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Tue, 10 Dec 2024 23:12:37 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 189 B
293 B 63ms
62ms XHR
application/json 20.50.88.245
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Sdk-Context: appId

Response headers

strict-transport-security: max-age=31536000
access-control-allow-origin: *
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
x-content-type-options: nosniff

GET
H2 200 container.html
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A62B 0
0 0ms
0ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:35 GMT
expires: Tue, 10 Dec 2024 23:12:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 115ms
115ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjpudWxsLCJlYnV5IjoiMzI1Mzc4MDcxNyIsImVhZHYiOiI1MzUzNzY5MjUzIiwiZWNpZCI6bnVsbCwiZWVudiI6ImoiLCJlcGlkIjoiLzEwMDk2NDEvc3Bva2VzbWFuZGVza3RvcF9ob21lcGFnZV9hbmNob3JfNzI5eDkwIiwic2l6ZSI6IjcyOHg5MCIsInJlbmRlcmVkIjoiMSJ9&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&tid=3d56f601-67d2-452f-9e1e-61e8793148ff&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872357781&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x10147&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:37 GMT
Content-Type: image/gif
Connection: keep-alive

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 470ms
53ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=260139058256176&ev=PageView&dl=https%3A%2F%2Fwww.spokesman.com%2F&rl=&if=false&ts=1733872357789&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12318&fbp=fb.1.1733872357788.738050885843678217&cs_est=true&ler=empty&cdl=API_unavailable&it=1733872357641&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1288, tbw=3004, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 652ms
234ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=260139058256176&ev=PageView&dl=https%3A%2F%2Fwww.spokesman.com%2F&rl=&if=false&ts=1733872357789&sw=1600&sh=1200&v=2.9.178&r=stable&ec=0&o=12318&fbp=fb.1.1733872357788.738050885843678217&cs_est=true&ler=empty&cdl=API_unavailable&it=1733872357641&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7446925074222751686"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: BhWCV5cGWeNApj7OYiLuSeanIDoFBcX8yfzuRHUvjo3pr5PN6mxGN0rUJORKEfEI9QJwVkji3zTLVgzqSpE6VA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7446925074222751686", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1288, tbw=3322, tp=-1, tpl=-1, uplat=192, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 204
No Content /
adspsp.com/pt/4364783/23/1/ 0
110 B 200ms
200ms Image
image/png 44.236.165.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/4364783/23/1/?a=2,a2m4j2tyhbGbwiz8EbNI,207vOOfUXX&aa=a1,000GumhX.u1:1---&a2=T1.m.0.2.a.a&a3=0,37i,0,1,1,1,1,1,8,8,8,8,1,0,0,0,0,0,0,0,0&b=I1,1H,1,2,:g3,4:,:s5:1h,1,1,6,,6,:c0,:D,,,5,1XA,7,2gW,0::&b=I8,1N,1,9,:g3,a:,:sb,c,5:8J,1,q,6,:s5,c:6,:c1,:D,1C,,1,,d,3B,0::&b=Ie,1P,1,f,:g3,g:,:s5:1h,1,1,6,,6,:c1,:D,,,5,1ik,h,1BG,12::&b=Ii,1P,1,j,:g3,k:,:s5:1h,1,1,6,,6,:c2,:D,,,5,1v5,h,1Or,12::&b=Il,1P,1,m,:g3,n:,:s5:1h,1,1,6,,6,:c2,:D,,,5,Uw,h,1dS,12::&b=Io,1K,1,p,:g3,q:,:sr,s:1j,1,3,6,:ss,r:6,:c3,:D,1C,,1,,s,5u,jG::&b=It,1J,1,u,:g3,v:,:sr:1k,1,5,6,,6,:cI,:D,,,5,8F,r,s1,iu::&b=Iw,1q,1,x,:g3,y:,:s5:1n,2,8,6,,6,:r78,:D,,,5,g8,z,zu,cU::,:S8P,:R3,5Z,5:,:Rb,6a,g:,:Rl,bU,1S:,:Rq,wB,6:,:Rd,Dz,x:,:Ru,QS,2Z:,:Rz,R3,2P:,:Rp,WZ,2T:,:Ro,1rf,2W:,:RJ,1NL,3e:,:D,,,5,g8,z,zu,cU:,:H,,,0::,:CbN,:b,:R3,5Z,5:0,,12,,0:,:b,:Rb,6a,g:0,,14,,0:,:b,:Rl,bU,1S:0,,2f,,0:,:b,:Rq,wB,6:0,,X,,0:,:b,:Rd,Dz,x:0,,S,,0:,:b,:Ru,QS,2Z:0,,1l,,0:,:b,:Rz,R3,2P:0,,X,,0:,:b,:Rp,WZ,2T:0,,1f,,0:,:b,:Ro,1rf,2W:0,,1Q,,0:,:b,:RJ,1NL,3e:0,,,,0:,:D,,,5,eG,5,y2,72:,:H,,,0::,:qbN,8,9,:D,,,5,eG,5,y2,72::,:QhT,8,9,5,H,I,,,J,K,:D,,,5,eG,5,y2,72::&b=GbN,2,:KA,:k:B,:kC:D,:kE::,:Lw:&b=KF,:kG:&bi=Uqq075YOAGSa7,adbridg_ad_adbdtlbtop_1,1009641,spokesman_homepage_728x90,728x90,0.05,1600x90,Upo015YOAGSa2,adbridg_ad_adbdtsponsorshiplg_1,SpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100,1280x100,970x90,1600x101,Uv6055YOAGSa5,adbridg_ad_adbdtlb_2,spokesmandesktop_homepage_2_728x90,1088x90,Urs065YOAGSa6,adbridg_ad_adbdtlb_3,spokesmandesktop_homepage_3_728x90,Upg045YOAGSa4,adbridg_ad_adbdtlb_1,spokesmandesktop_homepage_1_728x90,U5d025YOAGSa1,adbridg_ad_adbdtsiderailtop_1,spokesman_homepage_top_300x250,300x250,300x600,Uic035YOAGSa3,adbridg_ad_adbdtsiderailmid_1,spokesmandesktop_homepage_dashboard_300x250,Uff085YOAJSa8,adb-dt-anchor-slot,spokesmandesktop_homepage_anchor_729x90,0x0,tags,section,Homepage,adb_pvd,t5a,pos,sticky_footer,5QjRWZ,3ycx09,2r8VLS6,6Y2zL5&bt=uwB9I0j&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.m4j2tu1z.2T4f2.3T70c&g=3T7ml&u=Cxfc9b472:m2joy4sv:16&v=18g.xc.0.7wc.1.0&adbj=aov4m4j2tydgben&mp=0.9&adb_cm=t5a&txx=Txx4&rnd=1733872357892
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.165.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-165-148.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Content-Type: image/png
Server: linux
Connection: keep-alive

POST
H2 200 ingest.php Show response
events.newsroom.bi/ 2 B
781 B 53ms
51ms Fetch
application/json 91.134.35.216
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://events.newsroom.bi/ingest.php
Requested by: Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=6814
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 91.134.35.216 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: haproxy05.cl13.ovh.mrf.io
Software: istio-envoy /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer

Response headers

access-control-expose-headers: Content-Length,Content-Range
cache-control: private,no-store
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.spokesman.com
content-length: 2
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: application/json
server: istio-envoy
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET

sync
ads.servenobid.com/
Redirect Chain

https://ads.servenobid.com/getsync?redirect=chrome%3A%2F%2Fversion%2F
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D1%2526redirect%253Dchrome%2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID%2526redirect%253Dhttps%25253A%25252F%25252Fads.servenobid.com%25252Fgets...
https://ads.servenobid.com/sync?pid=312&uid=5838192549754625660&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D1%26redirect%3Dchrome%253A%252F%252Fversion%252F
https://ads.servenobid.com/getsync?jp=1&redirect=chrome%3A%2F%2Fversion%2F
https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253...
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsy...
https://ad.turn.com/r/cs?pid=45&id=RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003&rndcb=5440523030
https://sync.1rx.io/usersync/turn/3161815625539214200?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-00...
https://ads.servenobid.com/sync?pid=321&uid=RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D2%26redirect%3Dchrome%253A%252F%252Fversion%252F
https://ads.servenobid.com/getsync?jp=2&redirect=chrome%3A%2F%2Fversion%2F
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%5Bssb_sync_pid%5D%26redire...
https://ads.servenobid.com/sync?pid=317&uid=4985336732052262992&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D3%26redirect%3Dchrome%253A%252F%252Fversion%252F
https://ads.servenobid.com/getsync?jp=3&redirect=chrome%3A%2F%2Fversion%2F
https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%...
https://ads.servenobid.com/sync?pid=353&uid=3768739607719256000V10&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D4%26redirect%3Dchrome%253A%252F%252Fversion%252F
https://ads.servenobid.com/getsync?jp=4&redirect=chrome%3A%2F%2Fversion%2F
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%25...
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D%26redirect%3Dhttps%253A%252...
https://ads.servenobid.com/sync?pid=310&uid=Jz4QARZHcLBiCeI9RoOgDWQJ&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dchrome%253A%252F%252Fversion%252F

0
0

GET
H2 200 sync
x.bidswitch.net/ 43 B
183 B 295ms
48ms Image
image/gif 35.214.136.108
GOOGLE-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2, US),
Reverse DNS: 108.136.214.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: image/gif

GET
H2 204 redirectuser
ssp.disqus.com/ 0
76 B 400ms
114ms Image
text/plain 34.225.153.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.153.120 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-153-120.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

expires: 0
cache-control: no-store
date: Tue, 10 Dec 2024 23:12:38 GMT
pragma: no-cache

GET
H2 200 cm
us-u.openx.net/w/1.0/ 43 B
295 B 241ms
65ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcs.media.net%2Fcksync.html%3Fcs%3D8%26type%3Dopx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control: private, max-age=0, no-cache
content-encoding: gzip
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 56
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H/1.1 200
OK cksync.php
cs.media.net/ 57 B
423 B 256ms
92ms Image
image/gif 23.32.100.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.100.25 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-100-25.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control: max-age=0, no-cache, no-store
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Expires: Tue, 10 Dec 2024 23:12:38 GMT
x-mnet-hl2: E
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Length: 57
Date: Tue, 10 Dec 2024 23:12:38 GMT
Content-Type: image/gif
Server: Apache

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ 0
239 B 293ms
42ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=24298
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Pragma: no-cache
Content-Type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ 43 B
363 B 258ms
49ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&gdpr=1&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 736372
expires: Tue, 10 Dec 2024 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: image/gif
server: Kestrel

GET
H2

200

sync
ads.servenobid.com/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=&gdpr=0

0
298 B

56ms
56ms

Image
image/avif

143.244.197.139
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.servenobid.com/sync?pid=327&uid=&gdpr=0

Protocol

Server

143.244.197.139 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: *
content-length: 0
date: Tue, 10 Dec 2024 23:12:38 GMT
content-type: image/avif;charset=ISO-8859-1

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://ads.servenobid.com/sync?pid=327&uid=&gdpr=0
content-length: 0
date: Tue, 10 Dec 2024 23:12:37 GMT
x-envoy-upstream-service-time: 0
vary: accept-encoding
server: envoy

GET
H2 204 pixel
ap.lijit.com/ 0
193 B 308ms
67ms Image
text/plain 52.31.168.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.31.168.245 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-168-245.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-origin: *
date: Tue, 10 Dec 2024 23:12:38 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

usersync.aspx
dis.criteo.com/dis/
Redirect Chain

https://ssp-sync.criteo.com/user-sync/redirect?profile=207&gpp=
https://dis.criteo.com/dis/usersync.aspx?r=73&p=207&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFal...

43 B
362 B

49ms
49ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=73&p=207&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d207%26redir%3d&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache
pragma: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 246312
expires: Tue, 10 Dec 2024 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date: Tue, 10 Dec 2024 23:12:37 GMT
content-type: image/gif
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store,max-age=0
location: https://dis.criteo.com/dis/usersync.aspx?r=73&p=207&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d207%26redir%3d&gdpr=&gdpr_consent=&gpp=&gpp_sid=
content-length: 0
date: Tue, 10 Dec 2024 23:12:38 GMT
server: Kestrel
cross-origin-resource-policy: cross-origin

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 58A8 0
0 483ms
57ms Document
text/html 216.58.206.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1731
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 22:43:47 GMT
expires: Tue, 10 Dec 2024 23:33:47 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe
www.google.com/recaptcha/api2/ Frame 6EC0 0
0 49ms
48ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ks98WJyvwMe_F9QHjZHLRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ks98WJyvwMe_F9QHjZHLRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 10 Dec 2024 23:12:38 GMT
expires: Tue, 10 Dec 2024 23:12:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

GET
H/1.1 200
OK views Show response
prod-spokesman-proxy-connext.azurewebsites.net/api/ 90 B
1 KB 261ms
260ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=0d2e736365bda3f16466b5a0fe226535&ConfigCode=SPOKESMAN&SiteCode=SR
Requested by: Host: cdn.vmzqqmlpwwmazjnio.com
URL: https://cdn.vmzqqmlpwwmazjnio.com/prod/spokesman/t8y9347t.min.js?20241111
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE4MDU4NzIzNTd9.UkXTVUrfKgjiH-k29qnIkrQO-XR8DgK--2XqdRmXxLQ
location: System
Referer
config-code: SPOKESMAN
site-code: SR
autoqa: false
settingskey: null
access-control-allow-origin: *
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
content-type: application/json
environment: prod
version: Version: 2.8.6.1
source-system: Plugin
ssid: ab7ccdf217a307541baaf251d1eaede4

Response headers

Access-Control-Expose-Headers: X-Server-Time,Request-Context
Content-Encoding: gzip
Expires: -1
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000, 00000000-0000-0000-0000-000000000000
Date: Tue, 10 Dec 2024 23:12:40 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Cache-Control: no-cache
X-AspNet-Version: 4.0.30319
Pragma: no-cache
Request-Context: appId=cid-v1:94ae5057-927d-4045-bf63-1b3776adbf9e
Access-Control-Allow-Origin: *
Content-Length: 193
X-Server-Time: 12/10/2024 11:12:41 PM
X-Powered-By: ASP.NET, ASP.NET
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0

OPTIONS
H/1.1 200
OK views
prod-spokesman-proxy-connext.azurewebsites.net/api/ Frame 0
0 651ms
146ms Preflight 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-spokesman-proxy-connext.azurewebsites.net/api/views?UserId=0d2e736365bda3f16466b5a0fe226535&ConfigCode=SPOKESMAN&SiteCode=SR
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method: GET
Origin: https://www.spokesman.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin: *
Content-Length: 0
Date: Tue, 10 Dec 2024 23:12:40 GMT
X-Powered-By: ASP.NET
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000

POST
H2 204 collect
analytics.google.com/g/ 0
0 57ms
55ms Fetch
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-G3BY0LGVDL&gtm=45je4c90v869949972za200zb71896582&_p=1733872352931&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485&cid=1298053471.1733872354&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sid=1733872353&sct=1&seg=0&dl=https%3A%2F%2Fwww.spokesman.com%2F&_s=2&tfd=12811
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G3BY0LGVDL&l=dataLayer&cx=c&gtm=45He4c90v71896582za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.spokesman.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 10 Dec 2024 23:12:40 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 204
No Content /
adspsp.com/pt/4364783/23/1/ 0
110 B 201ms
201ms Image
image/png 44.236.165.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adspsp.com/pt/4364783/23/1/?a=2,a2m4j2tyhbGbwiz8EbNI,207vOOfUXX&aa=a1,000GumhX.u1:1---&a2=T1.m.0.2.a.a&a3=0,74r,0,1,1,1,1,1,8,8,8,8,1,0,0,0,0,0,0,0,0&b=I1,1q,1,2,:g3,4:,:s5:1n,2,8,6,,6,:c0,:D,16,,4,,5,im,72::,:Vgb,:D,1C,,1,,5,hU,72::&bi=Uff085YOAJSa8,adb-dt-anchor-slot,1009641,spokesmandesktop_homepage_anchor_729x90,728x90,0.05&bt=uwB9Ilb&c=https%3A%2F%2Fwww.spokesman.com%2F&d=&f=1.m4j2tu1z.2T4f2.3T70c&g=3Tbju&u=Cxfc9b472:m2joy4sv:16&v=18g.xc.0.7wc.1.0&adbj=aov4m4j2tydgben&mp=1.3&adb_cm=t5a&txx=Txx5&rnd=1733872362977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.165.148 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-165-148.us-west-2.compute.amazonaws.com
Software: linux /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 0
Content-Type: image/png
Server: linux
Connection: keep-alive

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 121ms
120ms Image
image/gif 54.173.215.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.155&tna=Mather&aid=v1&p=web&tz=Europe%2FRome&tzoff=-60&lang=it-IT&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=20&f_privb=0&tid=3d7c4984-7faa-49a5-a90b-43c0d5640aea&pid=5e5121c7-c738-445e-a2e3-6095f9fdd77a&dtm=1733872364127&qnm=_matherq&visible=1&tabid=ac062c78-74e5-4061-89e9-7135d873891c&url=https%3A%2F%2Fwww.spokesman.com%2F&vp=1600x1200&ds=4000x10236&tofa=1733872354&vid=1&lvidt=1733872354&duid=73247b06-f214-412e-bef6-9a26ca227eeb&fp=1909642807&cid=ma20153&mrk=575681700&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTczMzg3MjM0ODAwNyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI1NC45MTUyOTJtYiIsImhlYXBUIjoiODAuMjMwMzI4bWIiLCJmc3RQYWludCI6IjQ5NzciLCJmZXRjaFMiOiIzNzEyIiwiZG9tYWluUyI6IjM3MTIiLCJkb21haW5FIjoiMzc1NCIsImNvbm5TIjoiMzc1NCIsImNvbm5FIjoiNDE2MyIsInNzbFMiOiI0MDYxIiwicmVxdVMiOiI0MTYzIiwicmVzcFMiOiI0MjQyIiwicmVzcEUiOiI0MjY5IiwiZG9tTG9hZCI6IjQyNDgiLCJkb21JbnRlciI6IjQ5NTkiLCJkb21Mb2FkUyI6IjU1OTciLCJkb21Mb2FkRSI6IjU1OTciLCJkb21DbXBsdCI6IjkwODQiLCJsb2FkUyI6IjkwODQiLCJsb2FkRSI6IjkwODQifX0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.173.215.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-215-37.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 10 Dec 2024 23:12:44 GMT
Content-Type: image/gif
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31qbv1cthcecs.cloudfront.net
URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js

Domain: aamcftag.aamsitecertifier.com
URL: https://aamcftag.aamsitecertifier.com/aam.js

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=310&uid=Jz4QARZHcLBiCeI9RoOgDWQJ&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dchrome%253A%252F%252Fversion%252F

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412030101&jk=4242519121166838&bg=!BgWlBUrNAAbFeMsx5Xg7ADQBe5WfOG131YUeHZuyiGQmr4_QruZbCOURqI2cRFJxq7YDSupLP_kPfpEqoOwBB9Zx93ZoAgAAACJSAAAAAWgBB34ANhahKGDwMLayQk9-KCHMizrmBmAT8pObmIMT3EIvMCHNFP3KJVVun-iKSEispvDDKjHYncK_UQoAlBCBRVfI0z3HY0zFONDRxFyfidFFMcpcantreA8JMRZkvSdBjwp6JeKht9ddDsF4buf5Bd5YklEUtotAGFCyzneECAnEbGFuqR2EHeTffCIkhGeKjDzCufpC-A5sCVreD7kJ6br8VIsVKNudUUcKXPpR8bab5zC_8aKrnb7kKHycYB9CRf6BfXreiJHzDAXRqOIiQLyZAqugjNNbbC3XvoNrXsWOsV3p4TWhLCUhYheiceaIz0T_eoh-_C4cH9rfTuSsb5-Ar6QTNlnR3ClfjiMehhIaTimMJSAU7tPowJcaisfgJEn7wVefD1BwZmyZxB6l2doRJFhjGSEZpFzHZBtQzfHEYirAXg_cmpumUhSNAECov8vavpL82eZKC3NOPZjQ4ydFZxW3CxzP96xyhUGnU3n0ldc2ymuxQ75qHU7tDizFi81VxZ8JSZ9Bv4gdM9tmGrDe9j_7fzvL7nhpxK8-SPbZcYpm-JTjXBSQkD4TpiyzYHuy2WBMlEZa9XzgxkX3gkaXFtPEzcFukpF4V2bc98HDpoLCydidAEJrLR21fMYBHzwvE2rPcWJy0CxLm9TQAfhd0NDwdhFAEwXJXG-Rnhc6Qt9jcs_mIuQTDKe_0fKnEBmoCVnMWhzERDerOP4_-d-_KVJnho1vXF6ePvHgZCDGlRun3mYj4zQ9kfyW5M_PBeGgegGvGg8xAsN-TImp1ICFRfpPqxQWjMgdL34k8ENL0yhlrbYIAXQQZr7xgJ_FmhmjKpYM4S3PcALocEgozAHoV_sIT04Ozr5X_82ktA7zkMIBk4U7rJ9gXYfArIr9xlfflpHL26s5QVCLjcfgFWdBRBjafCWSAj8M3dNDfSTwyKXphuV4jcW7AeXbQTswQZb8bTGckgcwM1PpZHLSFYEqYnqGfAZdOwHqk3LaRf7UNL2gjxx6Mvc3oS7HV8U2ZTuKFep0rtuiIp947N5WhI_YUWej97WpgsJKaA1R5vDdhZIxqiQtvL2htRbizYYTtgqcAYEacTG-1z6jz1Q-ylxSWcilWX5SGPniHZIIED0kXudOUTu4KKSdFp6Xgf83T_cCeZfsuDEEgTD9RXLIxtzgVXO0kmpatQTPR_KJ0Q

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.criteo.com/openrtb_2_5/pbjs/auction	1970-01-21 10:59:28	Name: cto_bundle Value: fDJ-K19PUVFKMGJFJTJCZSUyQmoxcURwdUx5bHRnNFlJVmt3QU1jbjVySnFyN1FvN1FZOTBNVXFiZVU0VlRsVG1QOVJwa0k0czFLQUNDZ1ZnaHQyNjFZNTV0UGFuaSUyRjBBZWVwZWVEcU1lUnolMkJJbDRpVlRJJTNE
.smartadserver.com/api	1970-01-21 03:47:28	Name: pid Value: 4985336732052262992
xfinity-billpay-alerts.50-6-168-50.cprapid.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 72956400c07eaf616011f51647cc1505
www.spokesman.com/	1970-01-21 10:23:28	Name: flipp-uid Value: 3eeead1c-e7ee-4a87-894f-425abbbb8023
.spokesman.com/	1970-01-21 05:59:53	Name: ___nrbic Value: %7B%22isNewUser%22%3Atrue%2C%22previousVisit%22%3A1733872353%2C%22currentVisitStarted%22%3A1733872353%2C%22sessionId%22%3A%222378cc04-3a53-4935-8325-b93ac2e414ec%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//www.spokesman.com/%22%2C%22referrer%22%3A%22%22%2C%22lpti%22%3Anull%7D
.spokesman.com/	1970-01-21 05:59:53	Name: ___nrbi Value: %7B%22firstVisit%22%3A1733872353%2C%22userId%22%3A%229044661f-7c09-47a5-a3bf-fa78ae610f7b%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1733872353%2C%22timesVisited%22%3A1%7D
.spokesman.com/	1970-01-21 05:59:53	Name: compass_uid Value: 9044661f-7c09-47a5-a3bf-fa78ae610f7b
.p.flipp.com/	1970-01-21 11:13:52	Name: gid Value: "qWlIHwAEmhs21NYWJ/7EvQ=="
events.newsroom.bi/	1970-01-21 05:57:04	Name: 6814_u Value: 9044661f-7c09-47a5-a3bf-fa78ae610f7b
events.newsroom.bi/	1970-01-21 02:21:04	Name: 6814_lv Value: null
events.newsroom.bi/	1970-01-21 02:21:04	Name: 6814_ut Value: 0
.spokesman.com/	1970-01-21 01:37:54	Name: _sp_ses.53c5 Value: *
.spokesman.com/	1970-01-21 11:13:52	Name: _ga Value: GA1.2.1298053471.1733872354
.spokesman.com/	1970-01-21 01:39:18	Name: _gid Value: GA1.2.1338740073.1733872354
.spokesman.com/	1970-01-21 01:37:52	Name: _dc_gtm_UA-230256-14 Value: 1
.adnxs.com/	1970-01-21 11:13:52	Name: receive-cookie-deprecation Value: 1
prebid.media.net/	1970-01-21 05:57:04	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 11:13:52	Name: IDE Value: AHWqTUleUdJeM1jEoaNxw1-cgnAlhDwhq06DZj8f4vSWfcHcLBiVJbQqxoN1vq1hx2o
.spokesman.com/	1970-01-21 10:59:28	Name: __gads Value: ID=4a63009b981712d1:T=1733872355:RT=1733872355:S=ALNI_MZVTdBbZictBT9To_gKMzVzIAbRPA
.spokesman.com/	1970-01-21 10:59:28	Name: __gpi Value: UID=00000f6adb050a41:T=1733872355:RT=1733872355:S=ALNI_MahHZ9_kagmJw8EEt5lSbPcha6psA
.spokesman.com/	1970-01-21 05:57:04	Name: __eoi Value: ID=480427b8776c89ee:T=1733872355:RT=1733872355:S=AA-AfjZbxvBHbs2OpjKWXfkqBEa_
www.spokesman.com/	1970-01-21 10:23:28	Name: ai_user Value: Wg8Zx\|2024-12-10T23:12:35.959Z
.doubleclick.net/	1970-01-21 02:21:04	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 05:57:04	Name: receive-cookie-deprecation Value: 1
events.newsroom.bi/	1969-12-31 23:59:59	Name: 6814_s Value: 2378cc04-3a53-4935-8325-b93ac2e414ec
.doubleclick.net/	1970-01-21 05:57:04	Name: APC Value: AfxxVi6DMD_Q5QfrBsNjcWaJ5DjY6qQzSVxz9McrzRiwNnOXVfgFCg
.spokesman.com/	1970-01-21 10:23:28	Name: anonDeviceId Value: 0d2e736365bda3f16466b5a0fe226535
.spokesman.com/	1970-01-21 10:23:28	Name: nxt_last_visit Value: 1733872357599
www.spokesman.com/	1970-01-21 01:37:54	Name: ai_session Value: 1bbLW\|1733872357706.9\|1733872357706.9
.pymx5.com/	1970-01-21 05:57:04	Name: _ia_uid Value: eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2R0NNIn0.xRv_yb_GZelswOBgZ5c7T3O_s7hxMEvUx8rOquzN9i6XfeiDEoFVNQ.Ve7DioHz4nFGdPTw.rdTZ-Ng52jrudY4Pc9EyoUU3wTisQfiN--bn1Q0LW8pYmJHBbD-jZyNDdOleUMgylRQGBerWA2GkA5FKaM6M49olyaVTqb9p7NGClNEDBq1EJ7fhuwYmerCRa4m6hVELsdqd3tkfb7SIBvhAUiCcQG72WNZ9bgocdzbK4NZyj814GVqOQrttdMqDxv37VX0yjnbo2U9--YR0ROASUshcdNVO7R9MYirlFoMDF7MnNTnuvZrhyjQBDGZ0hVd045f0-gX5JAqv-mCNAb6ULkqume3R1qCx_XbsrNroWDV2dQ6UOuuCjmI7FDHTulaPD4BEhBBCbsQFJmAd7pbFW228jcRrAOlBxFJ_LYc5i7SXToc.8weLnIdTVCQIzqjC27LLrw
.pymx5.com/	1970-01-21 05:57:04	Name: _ia_version Value: 2
.spokesman.com/	1970-01-21 11:13:52	Name: _ga_G3BY0LGVDL Value: GS1.1.1733872353.1.0.1733872357.56.0.0
.spokesman.com/	1970-01-21 03:47:28	Name: _fbp Value: fb.1.1733872357788.738050885843678217
.adnxs.com/	1970-01-21 03:47:28	Name: XANDR_PANID Value: jdsF2dJu7vuPF0iggdUBwlqIV7rrbb9kCNNThKj9gkHprpec9RYjk7wL4v6wQ_sOnfqSqtIQTA4estz4AORPrn_0XvF6nYZiBwesnOc__b8.
.adnxs.com/	1970-01-21 03:47:28	Name: uuid2 Value: 5838192549754625660
.servenobid.com/	1970-01-21 01:47:57	Name: pid_312 Value: 5838192549754625660
.turn.com/	1970-01-21 05:57:04	Name: uid Value: 3161815625539214200
.1rx.io/	1970-01-21 10:23:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 10:23:28	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003%22%7D
.servenobid.com/	1970-01-21 01:47:57	Name: pid_321 Value: RX-b38af3c5-7b66-4a7f-a65f-069eb8c488bf-003
.servenobid.com/	1970-01-21 01:47:57	Name: pid_317 Value: 4985336732052262992
.media.net/	1970-01-21 10:23:28	Name: visitor-id Value: 3768739607719256000V10
.media.net/	1970-01-21 10:23:28	Name: data-pbs Value: setstatuscode~~1
.servenobid.com/	1970-01-21 01:47:57	Name: pid_353 Value: 3768739607719256000V10
.lijit.com/	1970-01-21 10:23:28	Name: ljt_reader Value: Jz4QARZHcLBiCeI9RoOgDWQJ
.lijit.com/	1970-01-21 10:23:28	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-21 01:47:57	Name: pid_310 Value: Jz4QARZHcLBiCeI9RoOgDWQJ
.spokesman.com/	1970-01-21 10:23:28	Name: nxt_upd_ac_SR_SPOKESMAN_PROD Value: 1
.spokesman.com/	1970-01-21 10:23:28	Name: nxt_SR_SPOKESMAN_PROD Value: {%221%22:{%22100132%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:1733872361346%2C%22far%22:0%2C%22frp%22:[]}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:%22100132%22}}
.spokesman.com/	1970-01-21 11:13:52	Name: _sp_id.53c5 Value: 73247b06-f214-412e-bef6-9a26ca227eeb.1733872354.1.1733872364.1733872354

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 10) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://idsync.rlcdn.com/712559.gif?partner_uid=3eeead1c-e7ee-4a87-894f-425abbbb8023 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://aamcftag.aamsitecertifier.com/aam.js Message: Failed to load resource: net::ERR_SSL_UNRECOGNIZED_NAME_ALERT
network	error	URL: https://ads.servenobid.com/sync?pid=310&uid=Jz4QARZHcLBiCeI9RoOgDWQJ&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D5%26redirect%3Dchrome%253A%252F%252Fversion%252F Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aamcftag.aamsitecertifier.com
ads.servenobid.com
adspsp.com
analytics.google.com
ap.lijit.com
api-mg2.db-ip.com
api.pymx5.com
az416426.vo.msecnd.net
btlr.sharethrough.com
c17d7f31d25cb5aa8de658cf01161a45.safeframe.googlesyndication.com
cdn-gateflipp.flippback.com
cdn.dmepyodjotcuks.com
cdn.mbmgivexdvpajr.com
cdn.pranmcpkx.com
cdn.q0losid.com
cdn.vmzqqmlpwwmazjnio.com
connect.facebook.net
cs.media.net
d31qbv1cthcecs.cloudfront.net
dc.services.visualstudio.com
dis.criteo.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
events.newsroom.bi
fundingchoicesmessages.google.com
grid-bidder.criteo.com
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
ib.adnxs.com
idsync.rlcdn.com
js.matheranalytics.com
loader-cdn.azureedge.net
media.spokesman.com
p.flipp.com
paywall-ad-bucket.s3.amazonaws.com
pixel.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
prod-spokesman-proxy-connext.azurewebsites.net
prod.adspsp.com
pymx5.com
sacbee.com
sdk.mrf.io
securepubads.g.doubleclick.net
spokesman.com
ssp-sync.criteo.com
ssp.disqus.com
static.spokesman.com
stats.g.doubleclick.net
td.doubleclick.net
thumb.spokesman.com
us-u.openx.net
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.i.matheranalytics.com
www.spokesman.com
x.bidswitch.net
xfinity-billpay-alerts.50-6-168-50.cprapid.com
aamcftag.aamsitecertifier.com
ads.servenobid.com
d31qbv1cthcecs.cloudfront.net
ep1.adtrafficquality.google
104.26.5.15
107.178.250.234
13.35.58.32
13.35.58.5
13.85.16.224
142.250.181.225
142.250.181.238
142.250.184.238
142.250.186.68
142.250.186.72
143.244.197.139
152.199.19.161
152.199.21.175
157.240.251.9
157.240.253.35
163.5.194.36
166.108.36.33
172.217.16.194
172.217.18.2
172.67.159.162
173.194.76.155
178.250.1.4
178.250.1.57
178.250.1.9
18.172.112.71
18.173.205.30
18.245.31.35
18.245.46.41
18.245.86.94
185.255.84.150
185.89.210.82
20.50.88.245
216.239.32.181
216.58.206.33
216.58.206.34
23.32.100.25
3.161.82.72
3.5.27.201
34.120.63.153
34.225.153.120
34.247.103.188
34.96.74.203
35.214.136.108
35.227.203.93
35.244.159.8
35.244.174.68
44.236.165.148
50.6.168.50
52.31.168.245
52.59.238.109
54.173.215.37
63.215.202.146
69.173.144.138
81.17.55.113
91.134.35.216
01f52b334e31893f06e5a886701332da0a9092991e8d109d53cb4bef81d5f0ab
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
0912207d64a7ef651b5bd8f22192d60f6ec332a2661560dea5c417ea92ad056a
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
180f77d77b22cb605b196ec8a84d0ee9e6d0eaabe11fd4d6e7905705c0f5c08f
1ae88ebbcf7618efb45cf4a61410aad6ac0753f1543eacdc84607af47f6c17a7
1b2043e8ed99c373ffb1c64c2a9227db7ebf28c6d4cf9c89c61c017279b9b4ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f701190dd51132cf72f60e553431bd747b237db10c0e80c7bfb3cb8abd431fb
2453e1931149531f3378545a752d84d07aca49fe639d36733d738aaece8a38a5
28f6ada997873a7e073fc506b93f86b6d2be7de4cc6ae085557bc322cc6df331
2ca90e027c0d297f25a421b5d6e19cc1308d0d3903d0d62e6e603550c5cf2ecc
2daf4f648f61913798a435e8a7de48bc507cef6d1beef4a05e314dad8db6f4bf
349bc21b11a196482a8abd60c39b5b5e044be28a87d2b1f46cc37726cba1c18d
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3b5325c8198b46a1f04b64e166cfd31781b2b397f503bea8aed9356e6426b09b
40111aaccf53faf38d9e7e9650c11d21adec56c369fd20a5c22878a8edbb104f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459ad44dd647d3544551e4ab7848cbfdd29799adac87a8a7e9767acb66e8fa79
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3ddd44c0cc1b869a3c9078766bdc3badfeee58fbfc302d899851285b21678d
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c79a0a3f151f18d18af836c6efe9b7131aaadb6154ebd4a9fcbb12e916f55a7
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
61e9c99c3d1a3c80754204c77d410083272b168856dde95da325297182e0c63a
66951e217d3a7d3f4b0b3d94de73baa28a45a31f1998a1fa098fceb3ebc5035c
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f2a4c20e0c0ecea553428a17fa567ad691d9f490fa3469da05631d48e2f4e43
6fbb7a976dc2ad51bea1a8192f67b80f9e909996811a92d2c884fd15778a6a21
72080ae1b29421ce899301ae8a5d6559258abd9961f47937a0b0a186be9d5ca1
73b2d8feb70fd308893d2dd534d608bd0fa3717562a714728fae5cf5a65746ef
784a1ac4d8ce645fdb028ae1dd9ac1a4f51701735ac742eb9311d713c7b9500c
79df73fd1377483384f7b7565e98c4a430889f0388db05634271f9f302faeac7
7c5caa4e0da4a1def24f497d668ee79ea1c3ef00050d089b6f337a0e783be4e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b88c01c459f4bda559a17612d648dc08f5cc5aba857631d0c28063fe00db20
8cc754aacdee74f05b21a28d08874f29c0406aeb5bfc9b67e37bdf4b8cc2e3c0
9c16a11cd9efe5dcd162fe2cee3e3237225eb228c6114abf5ae77c5081b9b554
9ef22c9cf20460bbc639afd09b42f03a4e91db23bf8d774280653a7845b157de
9f09c9a36884525865d012b229cd6fdfe38a1f04d9eff430833fd1040ff8ef61
a01ac3e20aa80ae7198be926cd8b9809b0ebea8e75938fe18c9cde53fdd30612
a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2
a0be785f74fc193277e33f5d93429ec1f4cdba4afbb26de25dfe5ed795708878
a120a51667f8a7d4c6202c1ca0df9a2a458633a96f2c1c57116434887a5d3565
a2702f6a67d243b8c2451ed8022b8fd0a6701cd104781ad922dc25fc6aa6fc3b
a4093dbd9aaa443b093b0c1642b97137193b2ef75b3cd5f483462a289f78755f
a77ccf47a61b8eb1d83a4101826726c3b2b0e5b34eb9f2601785b4d1e513932c
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab2e65cd767ab27b65e3bd2f97ffa0163af196c8a0eceb292f5d57527c9adce8
b5a158962e5f0e384d70e6e109389c04a89fba090d8f960360d187cb1aa92130
b6324f82aba114fcb438572beb59398c777f43fa14445f1e713bc0dd2b10770b
b975eac6985743fac96aafb6be109c9b51547302ebd1475970df1e54818ffb8d
bc5554eaa8460b63284f11fe95f50e83648d82bb10ac1969399418c53e49f650
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
c31124470c94efa232190d84acd9cf6a6f51c5e1aabce658a0824b1670623af2
c4eb49795f7a703429e7012cec0a556e6faf6f551f07cd337f66c5a1ec3a5847
c5f447a758b6d804a0ce3fedcad0d237cf8cc8310a003ee473fdff0b9b8da056
c78493afeeaa3ff629bf1327b46b6432e8e3bb1c8e05f7c890cb486fca7d5538
cbcb2bb9a8a401c9fbec5e448549b80629f9ea7272b4504fa441c3898df6b015
d2852b40bedb9cfa6197a83c88e75e977e7a9fecb7b9de992d74ff2fa829fd7d
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
db385577bac1b959fe09ffc6eb61d8bda5e1708dda30d7e1e5101d86738007ff
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4768f70ea92ca1943a93f71c36a65068f90bbdc795156c23e322acb6bf70c4d
e513e6b2f6da64ff85814a1b518933236358d67bde6cb4c090873f1abfbfd48b
e88fa924cad40ce7c0bc60f1b0b88f0e65d9e2cb447e9380f129c4b67ec0fd73
e9d7eaf59f8c27658d903ddaec2b0e533f89e3e6cb75a5d2347eb6c1f0d71edc
eab6233096b857ecda13c7f64b1cee3378457faa09df4db474f765029f2fe921
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ee1130dfd93a76fc0d5b1b89a7d9c3b04c9c370edc440c95325cbd921fa6bf61
ef1c45980dc2c58d637e4c716191dccc7e594d9ef80f8e41328c15615fd12b18
f17201679520bca7d98fe09515b49314d7bdf24047383587b2f3204fbb5cd7e4
f63b401d2b6dd15bd6eafc2cb56f0cf2ac605ad61f2c3579ded49776918ef186
f74a9b3f5ccade5f3511d93428c2418c17dd3da60a42172a25eb9ffc9a4eb0cb
f95980d70b0539b4cbc5a4518e2e1c26f0cd879d975b6d7a1b8d6645f5747288
fda57daaad4d2b9c702a539fb00ecb22a3f0e33a3974ab311b82f78a39ae35b7
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
ffc831ca338cfc02c6fa2ea36272bf2f60c307c777f94335be4f3eed19956a7a

www.spokesman.com Open in urlscan Pro 18.245.86.94 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

150 Requests

95 %HTTPS

0 %IPv6

47 Domains

62 Subdomains

52 IPs

7 Countries

20120 kBTransfer

25885 kBSize

50 Cookies

19 Outgoing links

Page URL History

Redirected requests

150 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.spokesman.com Open in urlscan Pro
18.245.86.94 Public Scan

Screenshot
Live screenshot

Full Image

150
Requests

95 %
HTTPS

0 %
IPv6

47
Domains

62
Subdomains

52
IPs

7
Countries

20120 kB
Transfer

25885 kB
Size

50
Cookies

150 HTTP transactions
2 data transactions