santamariatimes.com Open in urlscan Pro
192.104.182.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/articl...
Submission: On December 03 via api (December 3rd 2024, 12:06:46 am UTC) from US — Scanned from DE

Summary HTTP 98 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 37 domains to perform 98 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is santamariatimes.com.
TLS certificate: Issued by WR1 on October 15th 2024. Valid for: 3 months.

This is the only time santamariatimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
31	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	23.53.42.121 23.53.42.121	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.191.117.1 54.191.117.1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
2	162.19.138.117 162.19.138.117	16276 (OVH OVH SAS) (OVH OVH SAS)
2	108.128.75.152 108.128.75.152	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
5	13.35.58.148 13.35.58.148	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.82 185.64.190.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
3	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
1	162.19.138.83 162.19.138.83	16276 (OVH OVH SAS) (OVH OVH SAS)
1	52.36.224.135 52.36.224.135	16509 (AMAZON-02) (AMAZON-02)
16 21	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:a00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:1096:6c9a:d23d:5db6	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.16.237.161 52.16.237.161	16509 (AMAZON-02) (AMAZON-02)
1 1	3.67.22.240 3.67.22.240	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	81.17.55.97 81.17.55.97	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V.)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	3.219.153.34 3.219.153.34	14618 (AMAZON-AES) (AMAZON-AES)
1	52.31.142.223 52.31.142.223	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
98	38

9 192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.us-midwest-1.vip.tn-cloud.net

santamariatimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.53.42.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-53-42-121.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.191.117.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-191-117-1.us-west-2.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.75.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-75-152.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.35.58.148 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-148.fra60.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

t.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532338.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.224.135 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-224-135.us-west-2.compute.amazonaws.com

postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 35.204.74.118 (Groningen, Netherlands) 16 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:a00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:1096:6c9a:d23d:5db6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.237.161 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-237-161.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.22.240 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-22-240.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.17.55.97 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.153.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-153-34.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.142.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-142-223.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 26052	587 KB
23	simpli.fi 16 redirects tag.simpli.fi — Cisco Umbrella Rank: 5206 i.simpli.fi — Cisco Umbrella Rank: 4244 um.simpli.fi — Cisco Umbrella Rank: 878	13 KB
9	santamariatimes.com santamariatimes.com	93 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	547 KB
5	segment.com cdn.segment.com — Cisco Umbrella Rank: 1935	43 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 10745	190 B
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4108 www.google.com — Cisco Umbrella Rank: 3	24 B
3	gstatic.com www.gstatic.com fonts.gstatic.com	59 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2185	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1526	315 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2363	934 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 550 d.agkn.com — Cisco Umbrella Rank: 758	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 513	730 B
2	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 2708 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	583 B
2	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 533	1 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450	378 B
2	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1040 postrelease.com — Cisco Umbrella Rank: 922	674 B
2	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 570 t.pubmatic.com — Cisco Umbrella Rank: 3005	87 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 525	286 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 96	23 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 476	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 973	223 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1532	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 429	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 574	236 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946	302 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 377	424 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 4120	186 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
0	bluekai.com Failed stags.bluekai.com Failed
0	intentiq.com Failed sync.intentiq.com Failed
98	37

	Domain	Requested by
31	bloximages.chicago2.vip.townnews.com	santamariatimes.com
21	um.simpli.fi	16 redirects
9	santamariatimes.com	santamariatimes.com
6	www.googletagmanager.com	santamariatimes.com www.googletagmanager.com
5	cdn.segment.com	santamariatimes.com cdn.segment.com
3	www.google.de	santamariatimes.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	sync.smartadserver.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	stats.g.doubleclick.net	www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	id5-sync.com	ads.pubmatic.com
2	gum.criteo.com	ads.pubmatic.com
2	www.gstatic.com	santamariatimes.com
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	sync.bfmio.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	postrelease.com	s.ntv.io
1	lb.eu-1-id5-sync.com	ads.pubmatic.com
1	t.pubmatic.com	ads.pubmatic.com
1	match.adsrvr.org	ads.pubmatic.com
1	id.crwdcntrl.net	ads.pubmatic.com
1	jadserve.postrelease.com	s.ntv.io
1	ads.pubmatic.com	s.ntv.io
1	fonts.gstatic.com	fonts.googleapis.com
1	tag.simpli.fi	santamariatimes.com
1	s.ntv.io	santamariatimes.com
1	fonts.googleapis.com	santamariatimes.com
0	stags.bluekai.com Failed
0	sync.intentiq.com Failed
98	47

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
instagram.com
new.evvnt.com
www.microsoft.com
www.google.com
www.mozilla.org
bloxcms.com
bloxdigital.com

Subject Issuer	Validity	Valid
santamariatimes.com WR1	`2024-10-15` - `2025-01-13`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-04-12`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2024-07-31` - `2025-07-31`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-13` - `2025-12-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2024-11-27` - `2025-11-30`	a year	crt.sh
*.postrelease.com Amazon RSA 2048 M03	`2024-07-31` - `2025-08-30`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
id5-sync.com E6	`2024-11-11` - `2025-02-09`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M03	`2024-09-08` - `2025-10-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.segment.com Amazon RSA 2048 M02	`2024-10-15` - `2025-11-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
eu-1-id5-sync.com R11	`2024-11-11` - `2025-02-09`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Frame ID: 7D6152E710225E0406D08FAD4F4DE829
Requests: 97 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: 3A1A01E3B4FFE7D0C535163D95C73EAA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Entertainment | santamariatimes.com

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

98
Requests

82 %
HTTPS

19 %
IPv6

37
Domains

47
Subdomains

38
IPs

8
Countries

1619 kB
Transfer

4162 kB
Size

31
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.legacy.com/obituaries/santamariatimes/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/santamariatimes/browse
Title: Recent Obituaries

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/santamariatimes/obituary-search.aspx?isnew=1&affiliateId=1747&stateid=7
Title: Find an Obituary

Search URL Search Domain Scan URL

URL: https://instagram.com/santa_maria_times/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://new.evvnt.com/?with_navbar&force_snap_sell&partner=SANTAMARIATIMES&publisher_url:santamariatimes.com#/quick
Title: Promote Your Event

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/santamariatimes/today
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/edge
Title: Microsoft Edge

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/en-US/firefox/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://bloxdigital.com/
Title: BLOX Digital

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=50558CA1EDA2468E93FDC34C4D882898

Request Chain 76

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/50558CA1EDA2468E93FDC34C4D882898 HTTP 302
https://sync.1rx.io/usersync/simplifi/50558CA1EDA2468E93FDC34C4D882898?zcc=1&cb=1733184403659 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3827a26a-6839-4254-9d97-0f6579edf016-003

Request Chain 77

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=50558CA1EDA2468E93FDC34C4D882898&dongle=yf3

Request Chain 78

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=50558CA1EDA2468E93FDC34C4D882898

Request Chain 79

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=50558CA1EDA2468E93FDC34C4D882898 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=50558CA1EDA2468E93FDC34C4D882898

Request Chain 80

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=50558CA1EDA2468E93FDC34C4D882898 HTTP 302
https://d.agkn.com/pixel/10751/?che=1733184403628&ip=81.95.5.39&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219583205085000008855 HTTP 302
https://um.simpli.fi/aa_px?sk=219583205085000008855 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 81

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=50558CA1EDA2468E93FDC34C4D882898

Request Chain 84

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=50558CA1EDA2468E93FDC34C4D882898;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=50558CA1EDA2468E93FDC34C4D882898;mimetype=img;sr HTTP 302
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

Request Chain 85

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=50558CA1EDA2468E93FDC34C4D882898&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=50558CA1EDA2468E93FDC34C4D882898&j=0&xl8blockcheck=1

Request Chain 87

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=50558CA1EDA2468E93FDC34C4D882898

Request Chain 88

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=50558CA1EDA2468E93FDC34C4D882898

Request Chain 89

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=50558CA1EDA2468E93FDC34C4D882898

Request Chain 90

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=50558CA1EDA2468E93FDC34C4D882898

Request Chain 91

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=50558CA1EDA2468E93FDC34C4D882898

Request Chain 92

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1733184403342&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI4YbQhaeKigMVILD9Bx3DIxBDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NhbnRhbWFyaWF0aW1lcy5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI4YbQhaeKigMVILD9Bx3DIxBDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NhbnRhbWFyaWF0aW1lcy5jb20v&is_vtc=1&cid=CAQSGwCa7L7d3Tcdg2oy4TACch_fKWJssj2u-BkjNA&random=350656056 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI4YbQhaeKigMVILD9Bx3DIxBDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NhbnRhbWFyaWF0aW1lcy5jb20v&is_vtc=1&cid=CAQSGwCa7L7d3Tcdg2oy4TACch_fKWJssj2u-BkjNA&random=350656056&ipr=y

Request Chain 94

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=50558CA1EDA2468E93FDC34C4D882898 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D50558CA1EDA2468E93FDC34C4D882898

Request Chain 95

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=50558CA1EDA2468E93FDC34C4D882898&expires=365

Request Chain 96

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=50558CA1EDA2468E93FDC34C4D882898

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html Show response
santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/ 143 KB
29 KB 872ms
600ms Document
text/html 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.us-midwest-1.vip.tn-cloud.net

Software

Resource Hash

a60186cc7771c2e4172960196eee53d0ff7464fb813539486122bb113743f7dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: public, max-age=300
content-encoding: gzip
content-length: 28028
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 03 Dec 2024 00:06:39 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000
vary: X-IPCountry, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.83.3; app2; 0.23s; 2.9M
x-ua-compatible: IE=edge
x-vcache: MISS
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
38 KB 167ms
92ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"60e609f2-1882c"
age: 5417376
expires: Wed, 01 Oct 2025 06:05:13 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: application/x-javascript
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3d800dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38456
server: cloudflare

GET
H2 200 user.js Show response
santamariatimes.com/shared-content/art/tncms/user/ 4 KB
2 KB 215ms
213ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://santamariatimes.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-ee3"
age: 34
accept-ranges: bytes
content-length: 1658
date: Tue, 03 Dec 2024 00:06:04 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
13 KB 169ms
95ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"5d726a23-9bd8"
age: 7821226
expires: Wed, 09 Jul 2025 15:38:02 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: application/x-javascript
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3d801dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 12719
server: cloudflare

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 33 KB
14 KB 169ms
94ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66922-841f"
age: 22831937
expires: Thu, 13 Mar 2025 15:38:38 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:34 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3dfffdbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14189
server: cloudflare

GET
H2 200 tnt.ee95c0b6f1daceb31bf5ef84353968c6.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 11 KB
4 KB 169ms
95ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.ee95c0b6f1daceb31bf5ef84353968c6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-2d77"
age: 5406513
expires: Thu, 13 Mar 2025 19:26:17 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: HIT
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3d802dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4260
server: cloudflare

GET
H2 200 application.0758030105fdd3a70dff03f4da4530e2.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 165ms
91ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.0758030105fdd3a70dff03f4da4530e2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6707d183-1166"
age: 339116
expires: Wed, 15 Oct 2025 19:01:08 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Oct 2024 13:07:15 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afc3dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1636
server: cloudflare

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
1 KB 140ms
65ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-9b8"
age: 5417376
expires: Thu, 13 Mar 2025 18:05:01 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afc4dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 910
server: cloudflare

GET
H2 200 bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
21 KB 140ms
66ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css

Requested by

Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66920-1ac2e"
age: 22839603
expires: Thu, 13 Mar 2025 15:38:37 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:32 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afbedbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21439
server: cloudflare

GET
H2 200 layout.4f2008879f13ddd758050a76c1e8672c.css
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 155 KB
34 KB 139ms
65ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.4f2008879f13ddd758050a76c1e8672c.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66f1b7c5-26de1"
age: 5374281
expires: Wed, 01 Oct 2025 19:01:08 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: text/css
last-modified: Mon, 23 Sep 2024 18:47:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afbadbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34470
server: cloudflare

GET
H2 200 theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/ 41 KB
9 KB 164ms
90ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.7fe92e6efd905ab9f8cd307568b298f3.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66be51f7-a358"
age: 9000283
expires: Wed, 20 Aug 2025 19:01:55 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: text/css
last-modified: Thu, 15 Aug 2024 19:07:35 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afc0dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9533
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 13 KB
2 KB 113ms
41ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97210a6f3bb5fd736f839127b138eb7a7786cde64d5983b53743cb6816d7079e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 00:06:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 03 Dec 2024 00:06:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 142ms
68ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-183e"
age: 8444414
expires: Thu, 13 Mar 2025 18:05:01 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afc1dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1979
server: cloudflare

GET
H2 200 flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 928 B
583 B 141ms
68ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-promo-button.52347555fbb6668223efabadb9c9d111.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66925-3a0"
age: 3572623
expires: Thu, 13 Mar 2025 16:44:46 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: text/css
last-modified: Wed, 21 Feb 2024 21:20:37 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afbfdbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 448
server: cloudflare

GET
H2 200 csrf.js Show response
santamariatimes.com/shared-content/art/tncms/api/ 940 B
763 B 214ms
213ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://santamariatimes.com/shared-content/art/tncms/api/csrf.js
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: 9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://santamariatimes.com
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-3ac"
age: 190
accept-ranges: bytes
content-length: 537
date: Tue, 03 Dec 2024 00:03:29 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 access.3e0b8030b6000aa9a609.js Show response
santamariatimes.com/shared-content/art/tncms/api/ 71 KB
29 KB 565ms
565ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://santamariatimes.com/shared-content/art/tncms/api/access.3e0b8030b6000aa9a609.js
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://santamariatimes.com
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67214290-11c3d"
age: 190
accept-ranges: bytes
content-length: 29787
date: Tue, 03 Dec 2024 00:03:29 GMT
last-modified: Tue, 29 Oct 2024 20:16:16 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 533 B
518 B 35ms
34ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-215"
age: 3002274
expires: Thu, 13 Mar 2025 18:05:04 GMT
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe78c5edbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 355
server: cloudflare

GET
H2 200 tnt.dynamic.navigation.2c31f97f685c80e6b8dde49bcd628fd6.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
884 B 44ms
44ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-6d1"
age: 22103606
expires: Thu, 13 Mar 2025 15:38:38 GMT
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe7bca1dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 771
server: cloudflare

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 74ms
74ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"667d97d2-dbe"
age: 3534695
expires: Wed, 09 Jul 2025 10:17:09 GMT
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Jun 2024 16:48:18 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe95e9adbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1322
server: cloudflare

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 91ms
90ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66921-1baf"
age: 22828228
expires: Thu, 13 Mar 2025 18:05:04 GMT
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:33 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9beebdbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2388
server: cloudflare

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 198ms
29ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: gzip
age: 462244
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 15:42:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 15:42:37 GMT
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3945
x-xss-protection: 0
server: sffe

GET
H3 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
8 KB 197ms
27ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: gzip
age: 481466
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 10:22:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 27 Nov 2024 10:22:15 GMT
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8653
x-xss-protection: 0
server: sffe

GET
H2 200 messaging662.js Show response
santamariatimes.com/shared-content/art/tncms/api/ 2 KB
1 KB 295ms
294ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://santamariatimes.com/shared-content/art/tncms/api/messaging662.js
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-9ce"
age: 13
accept-ranges: bytes
content-length: 891
date: Tue, 03 Dec 2024 00:06:28 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 207 B
311 B 164ms
91ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"65d66924-cf"
age: 3388104
expires: Thu, 13 Mar 2025 15:38:38 GMT
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: application/x-javascript
last-modified: Wed, 21 Feb 2024 21:20:36 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=604800
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3afc6dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 176
server: cloudflare

GET
H2 200 tracking.js Show response
santamariatimes.com/shared-content/art/tncms/ 3 KB
1 KB 563ms
563ms Script
application/x-javascript 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://santamariatimes.com/shared-content/art/tncms/tracking.js
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
content-encoding: gzip
service-worker-allowed: /
etag: W/"67462159-a3a"
age: 11
accept-ranges: bytes
content-length: 1157
date: Tue, 03 Dec 2024 00:06:28 GMT
last-modified: Tue, 26 Nov 2024 19:28:25 GMT
content-type: application/x-javascript
vary: Accept-Encoding

GET
H2 200 fontawesome.48f6e778a25162f5c4a6977fb556155b.js Show response
bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 277 KB
115 KB 162ms
161ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.48f6e778a25162f5c4a6977fb556155b.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66e19e2e-45518"
age: 2054342
expires: Wed, 17 Sep 2025 19:01:16 GMT
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: application/x-javascript
last-modified: Wed, 11 Sep 2024 13:42:06 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9beeedbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 117608
server: cloudflare

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 596 KB
186 KB 238ms
38ms Script
application/x-javascript 23.53.42.121
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.53.42.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a23-53-42-121.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 421944cfcb82db447af1669be631f6e474df45749095e807d518e69e56d329cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

Content-Encoding: gzip
ETag: "975526d94364cba29bc2a1f22c83a9cb"
Access-Control-Allow-Methods: GET
Date: Tue, 03 Dec 2024 00:06:41 GMT
Last-Modified: Mon, 25 Nov 2024 18:26:21 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
x-amz-id-2: ztTRW2wgesVTkAJyiTRSAK5cFo+zXnP4NwyVLv4mQfYiJecQvBEJAGZnYx80cBBRBq+9UyjhtX0=
Transfer-Encoding: chunked
Access-Control-Allow-Headers: *
Cache-Control: public, max-age=3600
Connection: keep-alive, Transfer-Encoding
x-amz-request-id: B9MV63HGJ70ZHAV5
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 fa36e680-7b0f-013a-530b-06abc14c0bc6 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 2463ms
40ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/fa36e680-7b0f-013a-530b-06abc14c0bc6?referer=
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2486d5b616e01f356bef8a774debcbcd71a02fd4d4de8b2d44ed211b7f3cfa1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-request-id: GA2CCDBtCY72Q0uoPFjB
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 0f2d8944-087c-11ed-b0ec-67c16ac35017.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/ 38 KB
38 KB 48ms
46ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/0f2d8944-087c-11ed-b0ec-67c16ac35017.jpg?resize=2008%2C379

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1986648968954951ce23dc928777cbc984269c9a5755331bca30beb037a65e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "a7fa3825b40b9fa5982fa0bc6d6b28d9"
age: 114181
cf-cache-status: HIT
expires: Thu, 27 Nov 2025 19:02:05 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=64384
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/webp
content-disposition: inline; filename="0f2d8944-087c-11ed-b0ec-67c16ac35017.webp"
vary: Accept
last-modified: Wed, 20 Jul 2022 22:34:04 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe40846dbc7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 64d2e0ce-cbc3-11ec-be6c-eb2541a8ca8b.png
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/ 18 KB
18 KB 42ms
42ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/64d2e0ce-cbc3-11ec-be6c-eb2541a8ca8b.png?resize=2008%2C379

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75a07c671a2085f4454f3bcb08880e0b7adbd4555690d6e68b7d08f493154c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "d85ea4a1603e4b62f0fcf68bee33386b"
age: 114180
cf-cache-status: HIT
expires: Sun, 30 Nov 2025 12:05:22 GMT
cf-polished: origFmt=png, origSize=30202
date: Tue, 03 Dec 2024 00:06:39 GMT
content-type: image/webp
content-disposition: inline; filename="64d2e0ce-cbc3-11ec-be6c-eb2541a8ca8b.webp"
vary: Accept
last-modified: Wed, 04 May 2022 16:01:01 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe3f828dbc7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 58b7ffb8-cbc3-11ec-8f11-2b46b50a1da3.png
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/ 6 KB
7 KB 36ms
36ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/58b7ffb8-cbc3-11ec-8f11-2b46b50a1da3.png?resize=750%2C141

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ef95248567c05a78a15257e76376b8d8e19ebf6be2ccae6abdb66c05d21a85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "d57ac1514a5190e45acd14c68d0d2d27"
age: 98077
cf-cache-status: HIT
expires: Thu, 20 Nov 2025 19:09:29 GMT
cf-polished: origFmt=png, origSize=9638
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/webp
content-disposition: inline; filename="58b7ffb8-cbc3-11ec-8f11-2b46b50a1da3.webp"
vary: Accept
last-modified: Wed, 04 May 2022 16:00:41 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe4588cdbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6488
server: cloudflare

GET
H2 200 14fcb69c-59a5-11eb-a31e-af41575a5c07.png
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/ 4 KB
4 KB 36ms
36ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/custom/image/14fcb69c-59a5-11eb-a31e-af41575a5c07.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

518bc5ed35ae6c4865ac2144dfb2170377f5032f3fab1379a5979fbcd91700d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "6005ae98-100f"
age: 438756
cf-cache-status: HIT
expires: Thu, 27 Nov 2025 20:36:20 GMT
cf-polished: origFmt=png, origSize=4111
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/webp
content-disposition: inline; filename="14fcb69c-59a5-11eb-a31e-af41575a5c07.webp"
vary: Accept
last-modified: Mon, 18 Jan 2021 15:51:52 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe46890dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3722
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
78 KB 339ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9976a4b90d3ae8d4b59ad7370bf572d8c7a3faa28844a7bceec55693fa01d3e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 03 Dec 2024 00:06:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79605
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 176ms
26ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400|PT+Serif&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://santamariatimes.com
Referer: https://fonts.googleapis.com/

Response headers

age: 7638
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 serif-ds.woff2
santamariatimes.com/content/tncms/live/global/resources/images/ 26 KB
26 KB 666ms
666ms Font
application/font-woff2 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://santamariatimes.com/content/tncms/live/global/resources/images/serif-ds.woff2
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://santamariatimes.com
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-vcache: HIT
cache-control: public, max-age=600
etag: "6005aa80-6634"
age: 298
accept-ranges: bytes
content-length: 26164
date: Tue, 03 Dec 2024 00:01:43 GMT
last-modified: Mon, 18 Jan 2021 15:34:24 GMT
content-type: application/font-woff2

GET
H2 200 674a85b53399a.preview-699.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/eedition/3/2d/32db2a63-a5cc-5f65-9f1d-67399534bec7/ 6 KB
6 KB 136ms
134ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/eedition/3/2d/32db2a63-a5cc-5f65-9f1d-67399534bec7/674a85b53399a.preview-699.jpg?resize=98%2C200

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db089ca07d362f1b397ad52d9eea9d8d3d13d20b2d557339e8bc9ac2a499de4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "1f793573901fce5e84e540878e3baf12"
age: 214599
cf-cache-status: HIT
expires: Sun, 30 Nov 2025 08:02:21 GMT
cf-polished: qual=85, origFmt=jpeg, origSize=6204
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/webp
content-disposition: inline; filename="674a85b53399a.webp"
vary: Accept
last-modified: Sat, 30 Nov 2024 03:25:44 GMT
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef2dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6134
server: cloudflare

GET
H2 200 674a85b53399a.preview-699.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/eedition/3/2d/32db2a63-a5cc-5f65-9f1d-67399534bec7/ 207 KB
208 KB 74ms
72ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/eedition/3/2d/32db2a63-a5cc-5f65-9f1d-67399534bec7/674a85b53399a.preview-699.jpg?resize=699%2C1430

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2755ec9fa95ecb139c45f161caea1ad36c722715f625cd5e3151a26c9426cc61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "94b84f8c836e038b376d750892d39368"
age: 216057
cf-cache-status: HIT
expires: Sun, 30 Nov 2025 08:02:21 GMT
cf-polished: degrade=85, origSize=215263, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/jpeg
last-modified: Sat, 30 Nov 2024 03:25:44 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef3dbc7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 674e029ec0698.image.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/f/e5/fe532666-b0de-11ef-a76d-77e70bd88e25/ 8 KB
8 KB 73ms
72ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/f/e5/fe532666-b0de-11ef-a76d-77e70bd88e25/674e029ec0698.image.jpg?resize=200%2C133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faefa9845ae6dd39ac95ce3cade71c8fedb24e9453a820b4a348293a4b254cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "724201b4c9a61246573bac328a9b1a00"
age: 13666
cf-cache-status: HIT
expires: Tue, 02 Dec 2025 19:13:19 GMT
cf-polished: degrade=85, origSize=10977, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 18:55:27 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef4dbc7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 674dc91a83d7d.preview.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/d/a1/da1db8f0-ad15-11ef-8b3b-1babebcda56b/ 8 KB
8 KB 71ms
70ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/d/a1/da1db8f0-ad15-11ef-8b3b-1babebcda56b/674dc91a83d7d.preview.jpg?resize=200%2C133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2965f6d0a1abdf4fb1ec9feac1c95d0930f23fa41f94bf541e412e77efa059ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "bc78d7439bb7e801bfb87d5a5142685e"
age: 28535
cf-cache-status: HIT
expires: Tue, 02 Dec 2025 14:55:11 GMT
cf-polished: degrade=85, origSize=10738, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 14:50:02 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef5dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7712
server: cloudflare

GET
H2 200 6744b81931188.preview.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/6/fa/6fa2d25b-2645-51c4-b99d-7468029f8b07/ 3 KB
3 KB 145ms
144ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/6/fa/6fa2d25b-2645-51c4-b99d-7468029f8b07/6744b81931188.preview.jpg?resize=200%2C35

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f15d4bd9d993862cb25dd4cff34a14b484ee80661315800bcac2a336358ce7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "106f781745bc76c1cd94b2fd109ea174"
age: 18634
cf-cache-status: HIT
expires: Tue, 02 Dec 2025 05:08:03 GMT
cf-polished: origSize=3171, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 17:47:05 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef6dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2888
server: cloudflare

GET
H2 200 668d8828b9de5.preview.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/b/e0/be007a7e-3e23-11ef-85b5-6b02b97d7599/ 8 KB
8 KB 143ms
142ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/b/e0/be007a7e-3e23-11ef-85b5-6b02b97d7599/668d8828b9de5.preview.jpg?resize=200%2C150

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74eecc45f3f5d1c8cc959ec3bcde1096786e3dc519936923af36347b952a84e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "120d21dc4dc88e5410abacc2d86a3ad7"
age: 12631307
cf-cache-status: HIT
expires: Wed, 09 Jul 2025 18:57:49 GMT
cf-polished: origSize=8740, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/jpeg
last-modified: Tue, 09 Jul 2024 18:57:44 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef7dbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8136
server: cloudflare

GET
H2 200 674e029ec0698.image.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/f/e5/fe532666-b0de-11ef-a76d-77e70bd88e25/ 5 KB
5 KB 163ms
163ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/f/e5/fe532666-b0de-11ef-a76d-77e70bd88e25/674e029ec0698.image.jpg?crop=1763%2C992%2C0%2C91&resize=150%2C84&order=crop%2Cresize

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa410df976d62fec8deed178e98cd85038f95232b7ff67c565e878a090f35aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "c8be7ef8bd3500f431e16a66574808de"
cf-cache-status: HIT
expires: Tue, 02 Dec 2025 19:19:13 GMT
cf-polished: degrade=85, origSize=7968, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 18:55:27 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef8dbc7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 674dc91a83d7d.preview.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/d/a1/da1db8f0-ad15-11ef-8b3b-1babebcda56b/ 4 KB
5 KB 383ms
383ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/d/a1/da1db8f0-ad15-11ef-8b3b-1babebcda56b/674dc91a83d7d.preview.jpg?crop=1763%2C992%2C0%2C91&resize=150%2C84&order=crop%2Cresize

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b2265e66042015eb118ebf9121747a36bd9e06e26c8ebaec2378149fbdbced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "f0586f6fb4aa12d9e41c06a2ffd85f0b"
cf-cache-status: HIT
expires: Tue, 02 Dec 2025 14:55:11 GMT
cf-polished: degrade=85, origSize=7626, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: image/jpeg
last-modified: Mon, 02 Dec 2024 14:50:02 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9bef9dbc7-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 6744b81931188.preview.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/6/fa/6fa2d25b-2645-51c4-b99d-7468029f8b07/ 4 KB
5 KB 135ms
134ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/6/fa/6fa2d25b-2645-51c4-b99d-7468029f8b07/6744b81931188.preview.jpg?crop=1072%2C603%2C1184%2C0&resize=150%2C84&order=crop%2Cresize

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e4ea4fe08c3e75d789d7d36e09d5af9dea53ad1769de22a7e57bdd702cad450

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "4d94cbc02caeb2581325ec76bd016f46"
age: 18632
cf-cache-status: HIT
expires: Tue, 02 Dec 2025 05:11:13 GMT
cf-polished: origSize=4884, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/jpeg
last-modified: Mon, 25 Nov 2024 17:47:05 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9befadbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4470
server: cloudflare

GET
H2 200 668d8828b9de5.preview.jpg
bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/b/e0/be007a7e-3e23-11ef-85b5-6b02b97d7599/ 5 KB
5 KB 135ms
135ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/santamariatimes.com/content/tncms/assets/v3/editorial/b/e0/be007a7e-3e23-11ef-85b5-6b02b97d7599/668d8828b9de5.preview.jpg?crop=600%2C338%2C0%2C56&resize=150%2C84&order=crop%2Cresize

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7683d332504696a198e897fe90f3e3cdb7ef53cc8fb9389ca26954822c43b48b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

x-robots-tag: noarchive
cf-bgj: imgq:85,h2pri
etag: "3004d0f229e4de9e4ed585370706c0d4"
age: 289049
cf-cache-status: HIT
expires: Wed, 09 Jul 2025 18:58:06 GMT
cf-polished: degrade=85, origSize=4927, status=webp_bigger
date: Tue, 03 Dec 2024 00:06:40 GMT
content-type: image/jpeg
last-modified: Tue, 09 Jul 2024 18:57:44 GMT
vary: Accept-Encoding
x-vcache: MISS
strict-transport-security: max-age=31536000
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
cf-ray: 8ebf4fe9befbdbc7-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4897
server: cloudflare

GET
H2 200 /
santamariatimes.com/tncms/csrf/token/ 0
0 519ms
519ms Fetch
text/html 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://santamariatimes.com/tncms/csrf/token/

Requested by

Host: santamariatimes.com
URL: https://santamariatimes.com/shared-content/art/tncms/api/csrf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.209 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.us-midwest-1.vip.tn-cloud.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-robots-tag: noarchive
content-encoding: gzip
age: 0
x-content-type-options: nosniff
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: text/html; charset=UTF-8
vary: X-IPCountry, Accept-Encoding
x-frame-options: SAMEORIGIN
x-vcache: MISS
strict-transport-security: max-age=31536000
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
x-tncms: 1.83.3; app10; 0.01s; 1.5M
content-security-policy: upgrade-insecure-requests
cache-control: private, no-cache, no-store, max-age=0
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
accept-ranges: bytes
content-length: 20
x-xss-protection: 1; mode=block

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/156500/13793/ 274 KB
87 KB 138ms
76ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: max-age=138383
content-encoding: gzip
expires: Wed, 04 Dec 2024 14:33:04 GMT
accept-ranges: bytes
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 88884
date: Tue, 03 Dec 2024 00:06:41 GMT
last-modified: Mon, 15 Jul 2024 19:01:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 219 KB
77 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He4bk0v72758733za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba54afe3b878ec6fba2fac4f8c34e08af78cdcd8b59187cb9d4a7374fa5d363d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 03 Dec 2024 00:06:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 78396
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
86 KB 117ms
117ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4bk0v72758733za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb88f50aa535351d1922e2aa8ee26eabc9a22cf5c1e95e2babe1fa76d640e090

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 03 Dec 2024 00:06:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 88020
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 t Show response
jadserve.postrelease.com/ 393 B
674 B 1005ms
593ms Script
text/javascript 54.191.117.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fsantamariatimes.com%2Fentertainment%2Fjapan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight%2Farticle_33193fce-99c9-5be0-9d68-26f25a39bbc9.html&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.191.117.1 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-191-117-1.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 648bc7fc47553f2f65c156ae90bd312ebf18c63862c7d9b27b489cdfe7101976

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
pragma: no-cache
expires: Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin: *
content-length: 263
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 03 Dec 2024 00:06:42 GMT
content-type: text/javascript;charset=UTF-8
server: nginx

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
79 KB 143ms
142ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer&gtm=45He4bk0v833576328za200zb72758733

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer&gtm=45He4bk0v72758733za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc593d1a2f82f0252ce737384c233a81252a57a2c881ae724cf32a21933d94b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 03 Dec 2024 00:06:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81195
x-xss-protection: 0
server: Google Tag Manager

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 160ms
81ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsantamariatimes.com%2F&domain=santamariatimes.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://santamariatimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://santamariatimes.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 03 Dec 2024 00:06:41 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 213580
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
378 B 457ms
72ms Fetch
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsantamariatimes.com%2F&domain=santamariatimes.com&cw=1&lsw=1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 191621
expires: 0
access-control-allow-origin: https://santamariatimes.com
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
668 B 328ms
17ms Fetch
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://santamariatimes.com
p3p: CP="CAO PSA OUR"
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
319 B 168ms
54ms Fetch
application/json 108.128.75.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?c=17207
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.128.75.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-75-152.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://santamariatimes.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 43
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/json;charset=utf-8
x-server: 10.45.5.107
server: Jetty(9.4.38.v20210224)

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
424 B 219ms
101ms Fetch
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8580c1b30909dcac2d7eaffcb6c00198a23d7206fcb79874eb745dff852e76d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://santamariatimes.com/

Response headers

cache-control: private
content-encoding: gzip
access-control-allow-credentials: true
expires: Thu, 02 Jan 2025 00:06:41 GMT
access-control-allow-origin: https://santamariatimes.com
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/json
vary: Origin, Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
104 KB 38ms
38ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer&gtm=45He4bk0v72758733za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ea6f1b25e62a96baf760614b1066baacc3e329dd708eb16c7d2f7d7e2ebdcf53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 00:06:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106417
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 106 KB
30 KB 291ms
9ms Script
text/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: santamariatimes.com
URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

access-control-max-age: 3000
content-encoding: br
x-amz-version-id: cknvhRie0d.5LSRvFhB35AONaxh2m0FR
etag: W/"ca62e8a5580d4550920a84f5b7875661"
age: 50
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: -1oRpsYZHtNtTLkIdnPZe73vSFRn1AkUpAl2aviBILgdrRUyH9wPpA==
date: Tue, 03 Dec 2024 00:05:52 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Tue, 19 Nov 2024 19:35:36 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=120
via: 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 370 KB
123 KB 112ms
112ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3L8M8QVSCM&l=dataLayer&cx=c&gtm=45He4bk0v867863675za200zb833576328

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK6P9BW&l=dataLayer&gtm=45He4bk0v833576328za200zb72758733

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8f636701ed4425a91edc6cf05fe2beb685fb5c0320193cbfb2e6e64ae29a6962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 00:06:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 125770
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 wl Show response
t.pubmatic.com/ 17 B
184 B 277ms
22ms Fetch
text/plain 185.64.190.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://t.pubmatic.com/wl?pubid=156500
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/x-www-form-urlencoded
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://santamariatimes.com
content-length: 17
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: text/plain; charset=utf-8

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 82ms
22ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-4T2EB147B8&gtm=45je4bk0v887101457z8861227858za200zb861227858&_p=1733184400839&_gaz=1&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1900872903.1733184402&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=404%20Error&dl=https%3A%2F%2Fsantamariatimes.com%2Fentertainment%2Fjapan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight%2Farticle_33193fce-99c9-5be0-9d68-26f25a39bbc9.html&sid=1733184401&sct=1&seg=0&en=exception&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.canonical_url=https%3A%2F%2Fsantamariatimes.com%2Fentertainment%2Fjapan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight%2Farticle_33193fce-99c9-5be0-9d68-26f25a39bbc9.html&ep.canonical_content_id=33193fce-99c9-5be0-9d68-26f25a39bbc9&ep.content_group=%2Fentertainment&epn.townnews_crm_group_id=370&ep.generator=BLOX&ep.generator_version=1.83.3&ep.description=404%3A%20404%20Error&ep.fatal=true&tfd=2747
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://santamariatimes.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
556 B 100ms
26ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4T2EB147B8&cid=1900872903.1733184402&gtm=45je4bk0v887101457z8861227858za200zb861227858&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c&gtm=45He4bk0v861227858za200zb72758733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://santamariatimes.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
30ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4T2EB147B8&cid=1900872903.1733184402&gtm=45je4bk0v887101457z8861227858za200zb861227858&aip=1&dma=1&dma_cps=syphamo&gcd=13l3lPl2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=305759698

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 03 Dec 2024 00:06:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 34ms
23ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3L8M8QVSCM&gtm=45je4bk0v9115082338z8867863675za200zb867863675&_p=1733184400839&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1900872903.1733184402&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dt=404%20Error&sid=1733184401&sct=1&seg=0&dl=https%3A%2F%2Fsantamariatimes.com%2Fentertainment%2Fjapan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight%2Farticle_33193fce-99c9-5be0-9d68-26f25a39bbc9.html&en=exception&_fv=1&_ss=1&ep.content_group=%2Fentertainment&ep.generator=BLOX&ep.generator_version=1.83.3&ep.fatal=true&ep.description=404%3A%20404%20Error&tfd=2796
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3L8M8QVSCM&l=dataLayer&cx=c&gtm=45He4bk0v867863675za200zb833576328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://santamariatimes.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
48 B 52ms
27ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3L8M8QVSCM&cid=1900872903.1733184402&gtm=45je4bk0v9115082338z8867863675za200zb867863675&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3L8M8QVSCM&l=dataLayer&cx=c&gtm=45He4bk0v867863675za200zb833576328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://santamariatimes.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
48ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3L8M8QVSCM&cid=1900872903.1733184402&gtm=45je4bk0v9115082338z8867863675za200zb867863675&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1316611653

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 03 Dec 2024 00:06:41 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
302 B 40ms
10ms Fetch
application/json 162.19.138.83
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

4e12de60ae02f84e71b5b05c2ca62ce6b1304c1dcda8d2d1e267283b3564b090

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://santamariatimes.com
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 429.json Show response
id5-sync.com/g/v2/ 251 B
450 B 15ms
14ms Fetch
application/json 162.19.138.117
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/429.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

6382a4c817467257f894643efe063d589126fb64cb86ca2b779504c2fd0b0af3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://santamariatimes.com
date: Tue, 03 Dec 2024 00:06:41 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 10 KB
2 KB 38ms
16ms Fetch
application/json 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46311b08c6775f4a3598bec2532b2767d4c9ef866b8af6399e6cfa57079c4c38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: J6xG0q7LpAN08sdn9Kl4P8QPe085plre
etag: W/"9a459088a5d6405a19f4614acfb211d0"
age: 7033
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: oFOGqcpTplRit0SZLZBXz6toXbXcj0rRRYgyCIVj0AyFqb1PpdwiTw==
date: Mon, 02 Dec 2024 22:17:45 GMT
content-type: application/json; charset=utf-8
vary: accept-encoding
last-modified: Tue, 19 Nov 2024 19:35:38 GMT
x-amz-replication-status: COMPLETED
cache-control: public, max-age=10800
via: 1.1 e53a38d449135904e00f29f17c559950.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 tsub-middleware.bundle.c0f5511a001f780f591f.js Show response
cdn.segment.com/analytics-next/bundles/ 18 KB
6 KB 18ms
18ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/tsub-middleware.bundle.c0f5511a001f780f591f.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"f7b3d2021df83853b191aefa39a74b15"
x-amz-version-id: ot1syIPz_4SEEXctAcFzoJMAfu_hQEig
age: 11256142
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: gL7g1MNBms9sCXcf6MwCPmH9Yap7HqfqZ9kKvlQzb7xXYKdpDpbYoQ==
date: Thu, 25 Jul 2024 17:24:20 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 23 Jul 2024 22:02:58 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response
cdn.segment.com/analytics-next/bundles/ 9 KB
3 KB 16ms
16ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
x-amz-version-id: 7HrcoEDii4CJjqNCahwryaG4L.vk9kns
age: 6484750
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 3OfYap6JSFa7_ZcH3lWuuhJlem6u9aNOLnBlpfjrmnTfGUGSzfeS5g==
date: Wed, 18 Sep 2024 22:47:32 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Sep 2024 22:21:40 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 15ms
15ms Script
application/javascript 13.35.58.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.148 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-148.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

access-control-max-age: 3000
content-encoding: br
etag: W/"3867b2388b619ff7fddc29ef359fc9aa"
x-amz-version-id: u16VcQlfwBtHRZyWZ3J5lA.kF3ts0Fc8
age: 6648911
access-control-allow-methods: GET, HEAD
x-cache: Hit from cloudfront
x-amz-cf-id: 5HY0djkMNFNRA11CRvLU4NPbJfOIGstECUZrsM6MGMy6P_ulFIBXUQ==
date: Tue, 17 Sep 2024 01:11:31 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Sep 2024 16:03:18 GMT
x-amz-replication-status: COMPLETED
cache-control: public,max-age=31536000,immutable
via: 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 topics.html
postrelease.com/iframes/ Frame 3A1A 0
0 626ms
225ms Document
text/html 52.36.224.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postrelease.com/iframes/topics.html
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://santamariatimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 582
content-type: text/html
date: Tue, 03 Dec 2024 00:06:42 GMT
etag: "ec22fdd2cd0ccf11c7761864efa96c06"
last-modified: Fri, 15 Mar 2024 21:34:47 GMT
server: AmazonS3
x-amz-id-2: yAGudPO327H1M8+O+XmCtZaft9WmpP5QD4efqPHA5hABmKKhQ3oE1S+ei8IakCiqCHgixUVE3KU=
x-amz-request-id: X0RERDERAPPA2MQJ
x-amz-server-side-encryption: AES256

GET
H2 200 p Show response
i.simpli.fi/ 809 B
771 B 46ms
38ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=361747&cb=sifi_att_2873756030367682._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/fa36e680-7b0f-013a-530b-06abc14c0bc6?referer=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 0089f5a1b7eed8fb3cebedb532a14a6be84e3c9625f4bd92f404b14526bf0cc1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

GET
H2 200 icon.ico
santamariatimes.com/content/tncms/site/ 4 KB
4 KB 132ms
131ms Other
image/x-icon 192.104.182.209
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://santamariatimes.com/content/tncms/site/icon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.us-midwest-1.vip.tn-cloud.net
Software: /
Resource Hash: a50b662f2edb1a3a83262d38ec53d67b401eb01623cfa667a329c56e1276a07a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html

Response headers

x-vcache: HIT
cache-control: public, max-age=43200
etag: "51f13399-e36"
age: 36936
accept-ranges: bytes
content-length: 3638
date: Mon, 02 Dec 2024 13:51:07 GMT
last-modified: Thu, 25 Jul 2013 14:18:01 GMT
content-type: image/x-icon

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=50558CA1EDA2468E93FDC34C4D882898

0
236 B

116ms
43ms

Image
text/plain

2600:9000:211e:a00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=50558CA1EDA2468E93FDC34C4D882898
Protocol: H2
Server: 2600:9000:211e:a00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: PfX6OoM8vIL5JfyXm3uO4yAyAOgE18ZoajBTZUaLT8mhDol3uvuV9g==
date: Tue, 03 Dec 2024 00:06:43 GMT
x-amz-cf-pop: FRA56-C2
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=50558CA1EDA2468E93FDC34C4D882898
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

RX-3827a26a-6839-4254-9d97-0f6579edf016-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/50558CA1EDA2468E93FDC34C4D882898
https://sync.1rx.io/usersync/simplifi/50558CA1EDA2468E93FDC34C4D882898?zcc=1&cb=1733184403659
https://sync.targeting.unrulymedia.com/csync/RX-3827a26a-6839-4254-9d97-0f6579edf016-003

43 B
378 B

125ms
34ms

Image
image/gif

46.228.174.117
Amobee NEXXEN GRO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-3827a26a-6839-4254-9d97-0f6579edf016-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Tue, 03 Dec 2024 00:06:44 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-3827a26a-6839-4254-9d97-0f6579edf016-003
date: Tue, 03 Dec 2024 00:06:44 GMT
pragma: no-cache
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=50558CA1EDA2468E93FDC34C4D882898&dongle=yf3

37 B
140 B

169ms
70ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=50558CA1EDA2468E93FDC34C4D882898&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=50558CA1EDA2468E93FDC34C4D882898&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=50558CA1EDA2468E93FDC34C4D882898

43 B
175 B

475ms
227ms

Image
image/gif

2600:1f18:612b:4216:1096:6c9a:d23d:5db6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=50558CA1EDA2468E93FDC34C4D882898
Protocol: H2
Server: 2600:1f18:612b:4216:1096:6c9a:d23d:5db6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=50558CA1EDA2468E93FDC34C4D882898
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=50558CA1EDA2468E93FDC34C4D882898
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=50558CA1EDA2468E93FDC34C4D882898

95 B
427 B

42ms
41ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=50558CA1EDA2468E93FDC34C4D882898

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=50558CA1EDA2468E93FDC34C4D882898
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Tue, 03 Dec 2024 00:06:43 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=50558CA1EDA2468E93FDC34C4D882898
https://d.agkn.com/pixel/10751/?che=1733184403628&ip=81.95.5.39&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219583205085000008855
https://um.simpli.fi/aa_px?sk=219583205085000008855
https://um.simpli.fi/empty.gif

43 B
361 B

270ms
270ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Tue, 03 Dec 2024 00:06:44 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:44 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=50558CA1EDA2468E93FDC34C4D882898

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 101ms
100ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 43
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 100ms
99ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 43
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

getuid
sync.smartadserver.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=50558CA1EDA2468E93FDC34C4D882898;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=50558CA1EDA2468E93FDC34C4D882898;mimetype=img;sr
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1

0
44 B

35ms
35ms

Image
text/plain

81.17.55.97
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol: H2
Server: 81.17.55.97 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 LeaseWeb Netherlands B.V., NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

date: Tue, 03 Dec 2024 00:06:42 GMT
content-length: 0

Redirect headers

cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Tue, 03 Dec 2024 00:06:43 GMT
pragma: no-cache

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=50558CA1EDA2468E93FDC34C4D882898&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=50558CA1EDA2468E93FDC34C4D882898&j=0&xl8blockcheck=1

0
767 B

52ms
52ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=50558CA1EDA2468E93FDC34C4D882898&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Tue, 03 Dec 2024 00:06:43 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=50558CA1EDA2468E93FDC34C4D882898&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 103ms
102ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 43
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=50558CA1EDA2468E93FDC34C4D882898

0
421 B

468ms
115ms

Image
text/plain

3.219.153.34
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=50558CA1EDA2468E93FDC34C4D882898
Protocol: HTTP/1.1
Server: 3.219.153.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-153-34.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

Date: Tue, 03 Dec 2024 00:06:43 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=50558CA1EDA2468E93FDC34C4D882898
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=50558CA1EDA2468E93FDC34C4D882898

0
0

GET
H2

404

tpid=50558CA1EDA2468E93FDC34C4D882898
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=50558CA1EDA2468E93FDC34C4D882898

49 B
264 B

59ms
51ms

Image
image/gif

108.128.75.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=50558CA1EDA2468E93FDC34C4D882898
Protocol: H2
Server: 108.128.75.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-75-152.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: image/gif
x-server: 10.45.26.14
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=50558CA1EDA2468E93FDC34C4D882898
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=50558CA1EDA2468E93FDC34C4D882898

0
223 B

173ms
54ms

Image
text/plain

52.31.142.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=50558CA1EDA2468E93FDC34C4D882898
Protocol: H2
Server: 52.31.142.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-142-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 03 Dec 2024 00:06:43 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=50558CA1EDA2468E93FDC34C4D882898
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=50558CA1EDA2468E93FDC34C4D882898

0
98 B

222ms
39ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=50558CA1EDA2468E93FDC34C4D882898
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 03 Dec 2024 00:06:43 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=50558CA1EDA2468E93FDC34C4D882898
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1733184403342&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDs...

42 B
64 B

41ms
41ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI4YbQhaeKigMVILD9Bx3DIxBDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NhbnRhbWFyaWF0aW1lcy5jb20v&is_vtc=1&cid=CAQSGwCa7L7d3Tcdg2oy4TACch_fKWJssj2u-BkjNA&random=350656056&ipr=y

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 03 Dec 2024 00:06:43 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1912408135&cv=7&fst=1733184403342&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAg&pscrd=IhMI4YbQhaeKigMVILD9Bx3DIxBDMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NhbnRhbWFyaWF0aW1lcy5jb20v&is_vtc=1&cid=CAQSGwCa7L7d3Tcdg2oy4TACch_fKWJssj2u-BkjNA&random=350656056&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 03 Dec 2024 00:06:43 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 139ms
138ms Image
text/plain 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:06:43 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=50558CA1EDA2468E93FDC34C4D882898
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D50558CA1EDA2468E93FDC34C4D882898

43 B
1 KB

290ms
290ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D50558CA1EDA2468E93FDC34C4D882898

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.39; 81.95.5.39; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: e0007bb3-e267-4632-8a35-b28bd633b7af
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 03 Dec 2024 00:06:43 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D50558CA1EDA2468E93FDC34C4D882898
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 81.95.5.39; 81.95.5.39; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: b3f89a0e-eb73-4af3-a55e-e0ff64ce3ffe
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Tue, 03 Dec 2024 00:06:43 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=50558CA1EDA2468E93FDC34C4D882898&expires=365

0
239 B

325ms
232ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=50558CA1EDA2468E93FDC34C4D882898&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 579d6dd278f76ae39d067788043e4297
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=50558CA1EDA2468E93FDC34C4D882898&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=50558CA1EDA2468E93FDC34C4D882898

43 B
286 B

338ms
188ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=50558CA1EDA2468E93FDC34C4D882898
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 81.95.5.39
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 03 Dec 2024 00:06:42 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=50558CA1EDA2468E93FDC34C4D882898
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Mon, 02 Dec 2024 00:06:43 GMT
access-control-allow-origin: *
content-length: 142
date: Tue, 03 Dec 2024 00:06:43 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 141ms
68ms Image
image/png 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://santamariatimes.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Tue, 03 Dec 2024 00:06:43 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=50558CA1EDA2468E93FDC34C4D882898

Domain: stags.bluekai.com
URL: https://stags.bluekai.com/site/29931?id=50558CA1EDA2468E93FDC34C4D882898

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.santamariatimes.com/	1970-01-21 05:45:36	Name: _pubcid Value: 42439854-0ae4-41ff-9d1d-ed37b90939fc
.santamariatimes.com/	1970-01-21 05:45:36	Name: _pubcid_cst Value: zix7LPQsHA%3D%3D
.santamariatimes.com/	1969-12-31 23:59:59	Name: tncms_csrf_token Value: b57bd464a0ae286a9b7b6c81a26f5f6b210d5e12e22ceeb4cc648d56b77c4b5e.859cb271db7777ef7902
santamariatimes.com/	1970-01-21 02:52:48	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-12-03T00%3A06%3A41%22%7D
santamariatimes.com/	1970-01-21 02:52:48	Name: pbjs-unifiedid_cst Value: zix7LPQsHA%3D%3D
.santamariatimes.com/	1970-01-21 11:02:24	Name: _ga_4T2EB147B8 Value: GS1.1.1733184401.1.0.1733184401.60.0.0
.santamariatimes.com/	1970-01-21 11:02:24	Name: _ga Value: GA1.1.1900872903.1733184402
.santamariatimes.com/	1970-01-21 11:02:24	Name: _ga_3L8M8QVSCM Value: GS1.1.1733184401.1.0.1733184401.60.0.0
.id5-sync.com/	1970-01-21 03:36:00	Name: id5 Value: d7a5982c-e69d-7dc3-936d-18b1fb3806ea#1733184401783#1
.santamariatimes.com/	1970-01-21 10:12:00	Name: ajs_anonymous_id Value: 417d7076-1b0c-43f4-bb04-02c10d8ecb30
.postrelease.com/	1970-01-21 10:12:00	Name: opt_out Value: 1
.simpli.fi/	1970-01-21 10:13:26	Name: suid Value: 50558CA1EDA2468E93FDC34C4D882898
.simpli.fi/	1970-01-21 01:36:29	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-21 02:52:48	Name: TapAd_TS Value: 1733184403575
.tapad.com/	1970-01-21 02:52:48	Name: TapAd_DID Value: 8bddaf69-b70c-47e2-871d-6d278edba029
.tapad.com/	1970-01-21 02:52:48	Name: TapAd_3WAY_SYNCS Value:
.1rx.io/	1970-01-21 10:12:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3827a26a-6839-4254-9d97-0f6579edf016-003%22%7D
.doubleclick.net/	1970-01-21 01:26:25	Name: test_cookie Value: CheckForPermission
.pro-market.net/	1970-01-21 05:45:36	Name: anProfile Value: "-1nm50uhobji9z+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0002B00000000000000000010+s2=(snw5n7)+vm=24-50558CA1EDA2468E93FDC34C4D882898"
.pro-market.net/	1970-01-21 02:09:36	Name: anHistory Value: "-1nm50uhobji9z+2+!#6wM%k!bLQ"
.adnxs.com/	1970-01-21 03:36:00	Name: XANDR_PANID Value: iDbiEjW0oLEZde-Iq5fMCEvw43qhKTZOtJwPBWs3kIh5YUgFzzHFk10WOqU6GOgnlAYfaBjaHTXwpNBjoq5wRoCvg3PtNlAvAg5kRpISqVg.
.adnxs.com/	1970-01-21 11:02:24	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:36:00	Name: uuid2 Value: 15133764450890732
.exelator.com/	1970-01-21 04:19:12	Name: EE Value: "578ae6c329aa1b3d54408419f3444351"
.agkn.com/	1970-01-21 10:12:00	Name: ab Value: 0001%3A0M6lsvmTXlBRWIkH1bpmx%2B%2F7iKKohPqW
.exelator.com/	1970-01-21 04:19:12	Name: ud Value: "eJxrXxzq6XKLQcHU3CIx1SzZ2MgyMdEwyTjF1MTEwMLE0DLN2MTExNjUcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6IhfXxUUpaQyLSopPBZ888gYAZ8IqSQ%253D%253D"
.bfmio.com/	1970-01-21 10:12:00	Name: __141_cid Value: 50558CA1EDA2468E93FDC34C4D882898
.bfmio.com/	1970-01-21 10:12:00	Name: __io_cid Value: ebd4630f9e620dba98bc795e6aa503886a12d6a9
.adnxs.com/	1970-01-21 03:36:00	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2GU%m8?sl!]tbPl1N!7On*M$=BX/sjG?DliIuJdiI)<QdY`+jh/NEle:e+NdW]G5iV'D7tY[ZL/X%W#.wL4W1Qw2$7Z_nX
.targeting.unrulymedia.com/	1970-01-21 10:12:00	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3827a26a-6839-4254-9d97-0f6579edf016-003%22%7D
.agkn.com/	1970-01-21 10:12:00	Name: u Value: C\|0AAAAAAAALuEIFAAAAAAA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://santamariatimes.com/entertainment/japan-is-rich-but-many-of-its-children-are-poor-a-film-documents-the-plight/article_33193fce-99c9-5be0-9d68-26f25a39bbc9.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://stags.bluekai.com/site/29931?id=50558CA1EDA2468E93FDC34C4D882898 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=50558CA1EDA2468E93FDC34C4D882898 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=50558CA1EDA2468E93FDC34C4D882898 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.pubmatic.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
cdn.segment.com
ce.lijit.com
cm.g.doubleclick.net
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.simpli.fi
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
loadm.exelator.com
match.adsrvr.org
pixel.rubiconproject.com
pixel.tapad.com
postrelease.com
region1.analytics.google.com
s.ad.smaato.net
s.ntv.io
santamariatimes.com
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
t.pubmatic.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
stags.bluekai.com
sync.intentiq.com
104.16.133.24
108.128.75.152
13.248.245.213
13.35.58.148
142.250.181.226
142.250.181.227
142.250.185.131
142.250.185.163
142.250.185.226
142.250.186.100
142.250.186.34
142.250.186.40
162.19.138.117
162.19.138.83
185.64.190.82
185.89.210.153
192.104.182.209
2001:4860:4802:34::36
23.35.236.201
23.53.42.121
2600:1901:0:8eee::
2600:1f18:612b:4216:1096:6c9a:d23d:5db6
2600:9000:211e:a00:1b:5138:8a40:93a1
2a00:1450:4001:80e::200a
2a00:1450:4001:828::2008
2a00:1450:400c:c0a::9b
2a02:2638:3::c
3.219.153.34
3.67.22.240
34.111.113.62
35.204.74.118
35.204.89.238
35.244.159.8
35.244.174.68
35.71.131.137
46.228.174.117
52.16.237.161
52.31.142.223
52.36.224.135
54.191.117.1
54.78.254.47
69.173.144.138
81.17.55.97
0089f5a1b7eed8fb3cebedb532a14a6be84e3c9625f4bd92f404b14526bf0cc1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
1a77010a20c4a6611c4230df5afe003914255a35909daabaaa5a8f0427c73eec
1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67
2486d5b616e01f356bef8a774debcbcd71a02fd4d4de8b2d44ed211b7f3cfa1d
252904bb838e1fb52a44c23792b4f5395783fae0ce1e9fa1d02f307c7657d1b6
2755ec9fa95ecb139c45f161caea1ad36c722715f625cd5e3151a26c9426cc61
2965f6d0a1abdf4fb1ec9feac1c95d0930f23fa41f94bf541e412e77efa059ab
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
421944cfcb82db447af1669be631f6e474df45749095e807d518e69e56d329cc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448e1a4179ffa476609ed1e8909867082486239c06fb2e277f7843e3269d427b
46311b08c6775f4a3598bec2532b2767d4c9ef866b8af6399e6cfa57079c4c38
4908103eb097a575d25aecab0b105c51313e35ce211bb70d82ea0ce6e75ed2b3
4b093bf8fe11ce768e5543697030a064da71b347431594daf7efb86f94a201c0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4dc723b7dd6602e39eb50fa74c7df276cb468805f5fae7450b00b8a568973a09
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e12de60ae02f84e71b5b05c2ca62ce6b1304c1dcda8d2d1e267283b3564b090
518bc5ed35ae6c4865ac2144dfb2170377f5032f3fab1379a5979fbcd91700d8
52b2265e66042015eb118ebf9121747a36bd9e06e26c8ebaec2378149fbdbced
557c67c76c13a84e8b483ee1a0dfdd807399d960909266e7c6a83ddfadca9c81
6382a4c817467257f894643efe063d589126fb64cb86ca2b779504c2fd0b0af3
648bc7fc47553f2f65c156ae90bd312ebf18c63862c7d9b27b489cdfe7101976
64d2ce701b1f0b1d910bff7f252ae7a53d5f90cf3efb970163811c757b889d57
69316bde85428108020829bb1b79e145922a983b6f5ba55c74c82f6f46de9938
7136c66ee0037c19d886ae33c804a00e61ea5f4a8850cff98c88c54e4263fa51
74eecc45f3f5d1c8cc959ec3bcde1096786e3dc519936923af36347b952a84e5
75a07c671a2085f4454f3bcb08880e0b7adbd4555690d6e68b7d08f493154c30
7683d332504696a198e897fe90f3e3cdb7ef53cc8fb9389ca26954822c43b48b
7e4ea4fe08c3e75d789d7d36e09d5af9dea53ad1769de22a7e57bdd702cad450
7f4049e8923ddb3b759697aebae3d69181b42fa677abba4d875f4a1ba7beff89
8580c1b30909dcac2d7eaffcb6c00198a23d7206fcb79874eb745dff852e76d3
8b8506928501a437418ca18498b5fcbd474b0c4bfc96b438bc9e09baa53adce5
8cf6f020c4fe1dfc77d6ad29dfe4c4591e317d397baf3ee31edaf44ce3da098a
8f15d4bd9d993862cb25dd4cff34a14b484ee80661315800bcac2a336358ce7d
8f636701ed4425a91edc6cf05fe2beb685fb5c0320193cbfb2e6e64ae29a6962
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
97210a6f3bb5fd736f839127b138eb7a7786cde64d5983b53743cb6816d7079e
9976a4b90d3ae8d4b59ad7370bf572d8c7a3faa28844a7bceec55693fa01d3e1
9fe769bfc93145d27bc2efa853ca49895d7a44af9c5dd2566c3233b66c9d14b4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1986648968954951ce23dc928777cbc984269c9a5755331bca30beb037a65e9
a50b662f2edb1a3a83262d38ec53d67b401eb01623cfa667a329c56e1276a07a
a60186cc7771c2e4172960196eee53d0ff7464fb813539486122bb113743f7dd
a69ce83f86f2e80772d4e867c6d46d9aac905c7554a9300222eefa80e34c24bf
a8dd5310f1564e14e30c03c9c260a31c490ce92ac9b5123d50dc2af9193a485f
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa410df976d62fec8deed178e98cd85038f95232b7ff67c565e878a090f35aa1
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
b07d02c8ede625dd16b97254a7d58fb54d63c5906d0c9390a494998d99d495ba
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
ba54afe3b878ec6fba2fac4f8c34e08af78cdcd8b59187cb9d4a7374fa5d363d
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c61fcc1401e2278735bea5d306ca0cc32b93ccdf62ec8179ed0c999545b5502b
cb88f50aa535351d1922e2aa8ee26eabc9a22cf5c1e95e2babe1fa76d640e090
cf3e21aad61783d6e6908e5631c43656c05a34a9c7f64eab44dcd7fc58562aa8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5
db089ca07d362f1b397ad52d9eea9d8d3d13d20b2d557339e8bc9ac2a499de4c
dc593d1a2f82f0252ce737384c233a81252a57a2c881ae724cf32a21933d94b1
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ef95248567c05a78a15257e76376b8d8e19ebf6be2ccae6abdb66c05d21a85
ea6f1b25e62a96baf760614b1066baacc3e329dd708eb16c7d2f7d7e2ebdcf53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
faefa9845ae6dd39ac95ce3cade71c8fedb24e9453a820b4a348293a4b254cbe
fe9d3c399cfab2beae377ccb7ebd0e90cc65bd98aa0172e82e21e4cdb57ef597

santamariatimes.com Open in urlscan Pro 192.104.182.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

82 %HTTPS

19 %IPv6

37 Domains

47 Subdomains

38 IPs

8 Countries

1619 kBTransfer

4162 kBSize

31 Cookies

11 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

santamariatimes.com Open in urlscan Pro
192.104.182.209 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

82 %
HTTPS

19 %
IPv6

37
Domains

47
Subdomains

38
IPs

8
Countries

1619 kB
Transfer

4162 kB
Size

31
Cookies

98 HTTP transactions
1 data transactions