www.phoenixnewtimes.com Open in urlscan Pro
2606:4700:20::681a:f67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.phoenixnewtimes.com/click/29979210.4774/aHR0cHM6Ly93d3cucGhvZW5peG5ld3RpbWVzLmNvbS9ldmVudC9kYXRlLXBhY2thZ2UtaW1tZXJz...
Effective URL:
https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Submission: On December 19 via manual (December 19th 2022, 7:25:57 pm UTC) from CA — Scanned from CA

Summary HTTP 128 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 48 IPs in 2 countries across 37 domains to perform 128 HTTP transactions. The main IP is 2606:4700:20::681a:f67, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.phoenixnewtimes.com. The Cisco Umbrella rank of the primary domain is 498974.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 8th 2022. Valid for: a year.

This is the only time www.phoenixnewtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.20.71.201 107.20.71.201	14618 (AMAZON-AES) (AMAZON-AES)
23	2606:4700:20:... 2606:4700:20::681a:f67	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:816::200a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:207... 2600:9000:2073:3000:c:b42a:3740:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.84.210.36 99.84.210.36	16509 (AMAZON-02) (AMAZON-02)
1 3	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	99.84.208.86 99.84.208.86	16509 (AMAZON-02) (AMAZON-02)
1	23.220.188.182 23.220.188.182	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:220... 2606:2800:220:131d:1d30:1f1d:238b:1e56	15133 (EDGECAST) (EDGECAST)
5	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2199:c600:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800b... 2620:116:800b:21:c1e8:5385:5098:6bf0	14618 (AMAZON-AES) (AMAZON-AES)
1	54.203.48.28 54.203.48.28	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3036::ac43:8a2c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9b	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
4	2606:4700:10:... 2606:4700:10::6816:858	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:b19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	68.67.160.75 68.67.160.75	29990 (ASN-APPNEX) (ASN-APPNEX)
1 9	54.187.93.46 54.187.93.46	16509 (AMAZON-02) (AMAZON-02)
3 6	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 2	8.28.7.83 8.28.7.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
2 3	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3 3	199.127.204.171 199.127.204.171	26120 (RHYTHMONE) (RHYTHMONE)
1 2	199.187.193.192 199.187.193.192	47043 (SMARTADSE...) (SMARTADSERVER)
1	2600:9000:208... 2600:9000:208f:2e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.212.226.157 44.212.226.157	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:823::200d	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
2	52.54.160.235 52.54.160.235	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.204.220.204 54.204.220.204	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.229.38.178 3.229.38.178	14618 (AMAZON-AES) (AMAZON-AES)
1	34.193.160.212 34.193.160.212	14618 (AMAZON-AES) (AMAZON-AES)
2 2	3.218.90.66 3.218.90.66	14618 (AMAZON-AES) (AMAZON-AES)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	34.223.191.1 34.223.191.1	16509 (AMAZON-02) (AMAZON-02)
128	48

1 107.20.71.201 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-71-201.compute-1.amazonaws.com

link.phoenixnewtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2606:4700:20::681a:f67 (United States)

ASN13335 (CLOUDFLARENET, US)

www.phoenixnewtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media2.phoenixnewtimes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:816::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2073:3000:c:b42a:3740:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.210.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-210-36.iad79.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.208.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-208-86.iad79.r.cloudfront.net

api.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.220.188.182 (Atlanta, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-220-188-182.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81f::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2199:c600:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.203.48.28 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-48-28.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3036::ac43:8a2c (United States)

ASN13335 (CLOUDFLARENET, US)

rddywd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.166 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:858 (United States)

ASN13335 (CLOUDFLARENET, US)

www.pelcro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.160.75 (New York, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.187.93.46 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-93-46.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.28.7.83 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.246.49 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.127.204.171 (United States) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.192 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:208f:2e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.212.226.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-226-157.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:823::200d (Nutley, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.160.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-160-235.compute-1.amazonaws.com

psp.pushnami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.204.220.204 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-220-204.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.38.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-38-178.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.160.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-160-212.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.218.90.66 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.223.191.1 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-191-1.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	phoenixnewtimes.com 1 redirects link.phoenixnewtimes.com www.phoenixnewtimes.com — Cisco Umbrella Rank: 498974 media2.phoenixnewtimes.com — Cisco Umbrella Rank: 568428	3 MB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	253 KB
11	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 3631 p.ad.gt — Cisco Umbrella Rank: 4335 ids.ad.gt — Cisco Umbrella Rank: 3201	19 KB
8	google.com apis.google.com — Cisco Umbrella Rank: 92 adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 71	61 KB
8	adsrvr.org 3 redirects js.adsrvr.org — Cisco Umbrella Rank: 1410 match.adsrvr.org — Cisco Umbrella Rank: 315 insight.adsrvr.org — Cisco Umbrella Rank: 596	10 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 982 q.stripe.com — Cisco Umbrella Rank: 6290 m.stripe.com — Cisco Umbrella Rank: 976	101 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	6 KB
6	pelcro.com js.pelcro.com — Cisco Umbrella Rank: 69505 www.pelcro.com — Cisco Umbrella Rank: 69433	225 KB
6	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 365 fonts.googleapis.com — Cisco Umbrella Rank: 37 www.googleapis.com — Cisco Umbrella Rank: 21	184 KB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	233 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	282 KB
5	adnxs.com 2 redirects acdn.adnxs.com — Cisco Umbrella Rank: 576 ib.adnxs.com — Cisco Umbrella Rank: 210 secure.adnxs.com — Cisco Umbrella Rank: 414	37 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	82 KB
4	pushnami.com api.pushnami.com — Cisco Umbrella Rank: 5118 psp.pushnami.com — Cisco Umbrella Rank: 19480	63 KB
3	tapad.com 3 redirects pixel.tapad.com — Cisco Umbrella Rank: 409	792 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 740 syndication.twitter.com — Cisco Umbrella Rank: 1034	133 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3356 cds.connatix.com — Cisco Umbrella Rank: 3433	275 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1099	17 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	623 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1329 beacon.krxd.net — Cisco Umbrella Rank: 559	219 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 204	2 KB
2	smartadserver.com 1 redirects sync.smartadserver.com — Cisco Umbrella Rank: 1433	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 497	1 KB
2	openx.net 2 redirects u.openx.net — Cisco Umbrella Rank: 653	459 B
2	pubmatic.com 2 redirects image2.pubmatic.com — Cisco Umbrella Rank: 852	623 B
2	google.ca adservice.google.ca — Cisco Umbrella Rank: 14299 www.google.ca — Cisco Umbrella Rank: 9048	1 KB
2	rddywd.com rddywd.com — Cisco Umbrella Rank: 123026	1 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 939 pixel.quantserve.com — Cisco Umbrella Rank: 666	10 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	9 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1227	201 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	632 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	627 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 3170	11 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	701 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1412	15 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	75 KB
128	37

	Domain	Requested by
22	www.phoenixnewtimes.com	www.phoenixnewtimes.com
9	ids.ad.gt	1 redirects www.phoenixnewtimes.com
9	pagead2.googlesyndication.com	www.phoenixnewtimes.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	www.facebook.com	www.phoenixnewtimes.com connect.facebook.net
5	match.adsrvr.org	3 redirects js.adsrvr.org
5	connect.facebook.net	www.phoenixnewtimes.com connect.facebook.net
4	www.pelcro.com	js.pelcro.com
4	maps.googleapis.com	www.phoenixnewtimes.com maps.googleapis.com
3	q.stripe.com	www.phoenixnewtimes.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	js.stripe.com	js.pelcro.com js.stripe.com
3	accounts.google.com	apis.google.com www.phoenixnewtimes.com www.gstatic.com
3	cm.g.doubleclick.net	2 redirects www.phoenixnewtimes.com
3	pixel.tapad.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.phoenixnewtimes.com www.google-analytics.com www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	ups.analytics.yahoo.com	2 redirects
2	dpm.demdex.net	2 redirects
2	psp.pushnami.com	api.pushnami.com
2	www.google.com	www.phoenixnewtimes.com tpc.googlesyndication.com
2	sync.smartadserver.com	1 redirects www.phoenixnewtimes.com
2	sync.1rx.io	2 redirects
2	u.openx.net	2 redirects
2	image2.pubmatic.com	2 redirects
2	secure.adnxs.com	2 redirects
2	ib.adnxs.com	acdn.adnxs.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	rddywd.com	www.phoenixnewtimes.com
2	apis.google.com	www.phoenixnewtimes.com apis.google.com
2	platform.twitter.com	www.phoenixnewtimes.com platform.twitter.com
2	api.pushnami.com	www.phoenixnewtimes.com api.pushnami.com
2	cds.connatix.com	www.phoenixnewtimes.com cd.connatix.com
2	js.adsrvr.org	www.phoenixnewtimes.com insight.adsrvr.org
2	cdn.jsdelivr.net	www.phoenixnewtimes.com
2	js.pelcro.com	www.phoenixnewtimes.com js.pelcro.com
1	m.stripe.com	m.stripe.network
1	beacon.krxd.net	js.adsrvr.org
1	usermatch.krxd.net	1 redirects
1	insight.adsrvr.org	js.adsrvr.org
1	pixel.quantserve.com	www.phoenixnewtimes.com
1	www.gstatic.com	accounts.google.com
1	www.google.ca	www.phoenixnewtimes.com
1	ping.chartbeat.net	www.phoenixnewtimes.com
1	rules.quantcount.com	secure.quantserve.com
1	sync.targeting.unrulymedia.com	1 redirects
1	p.ad.gt	a.ad.gt
1	cdn.hadronid.net	a.ad.gt
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.ca	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	syndication.twitter.com	platform.twitter.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleapis.com	www.phoenixnewtimes.com
1	a.ad.gt	www.phoenixnewtimes.com
1	secure.quantserve.com	www.phoenixnewtimes.com
1	static.chartbeat.com	www.phoenixnewtimes.com
1	acdn.adnxs.com	www.phoenixnewtimes.com
1	cd.connatix.com	1 redirects
1	media2.phoenixnewtimes.com	www.phoenixnewtimes.com
1	www.googletagmanager.com	www.phoenixnewtimes.com
1	fonts.googleapis.com	www.phoenixnewtimes.com
1	link.phoenixnewtimes.com	1 redirects
128	63

This site contains links to these domains. Also see Links.

Domain
shop.phoenixnewtimes.com
www.voicemediagroup.com
www.browardpalmbeach.com
www.dallasobserver.com
www.miaminewtimes.com
www.westword.com
www.couponscaptain.com
media2.phoenixnewtimes.com
ticketmaster.evyy.net
www.facebook.com
twitter.com
voice-media-group.dcatalog.com
adindex.phoenixnewtimes.com
www.instagram.com
publishwithfoundation.com

Subject Issuer	Validity	Valid
phoenixnewtimes.com Cloudflare Inc ECC CA-3	`2022-12-08` - `2023-12-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.pelcro.com Amazon	`2022-11-12` - `2023-12-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.pushnami.com Amazon	`2022-04-03` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-28` - `2022-12-27`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.ad.gt Amazon	`2022-05-10` - `2023-06-08`	a year	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-22` - `2023-02-22`	a year	crt.sh
pelcro.com Cloudflare Inc ECC CA-3	`2022-02-16` - `2023-02-15`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.hadronid.net GTS CA 1P5	`2022-12-14` - `2023-03-14`	3 months	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Frame ID: 3D8EBE38C665A01E7FFDA051CD01E9EF
Requests: 96 HTTP requests in this frame

Frame: https://cds.connatix.com/p/209089/connatix.playspace.js
Frame ID: 60856997029F05636F22BAFF0F6971F4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 5B84051C27B83FC3B9156A99E5F50BA7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.phoenixnewtimes.com
Frame ID: 0DF7B1628D8EA0FCDC29B7B3B524278B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6648850737115177&output=html&adk=2146552207&adf=2389439239&lmt=1671470746&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671477949152&bpp=5&bdt=972&idt=728&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4260234876807&frm=20&pv=2&ga_vid=627040464.1671477949&ga_sid=1671477950&ga_hid=1336694088&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44780792&oid=2&pvsid=2897167528287862&tmod=548772301&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=776
Frame ID: 46A9C81F76A086BB382C4E3F57C1ECA2
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: ECD08DE5548EBB0D839F9F1932183426
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&upid=07ypglr&upv=1.1.0
Frame ID: 7BD4B1B8062A276D3751C05FC49264AB
Requests: 2 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 9422CA9EE65A2D457131D3E6B8CDEA1E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Frame ID: 2AA3357F401B5687C5FF98AEC21C2DAD
Requests: 1 HTTP requests in this frame

Frame: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c
Frame ID: 6FEF6A64624041483D11B7507367AAEF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bZTBfXlE2uIaBMXO1ZTAzqmtYANkaXU-~A&gdpr=0&gdpr_consent=
Frame ID: 910E7C4BE8EA3C968B1DB13A1EEF818B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A2984E1D565D17E810B26DBCA3CDD2E1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 415E5C76E75B1B06A3AC1A7F7F1C140D
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0E68104FFD03A316B627170FBDA2C019
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1BC823F8894E4DC012BC6E18ECF62873
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7993E00AF60D958DEE098CCE731B1BC
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 2FDB2D22B4ACDD0428034265D43099DE
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DATE PACKAGE - Immersive Van Gogh Phoenix (Peak) | Art - Museums | Phoenix New Times | The Leading Independent News Source in Phoenix, Arizona

Page URL History Show full URLs

https://link.phoenixnewtimes.com/click/29979210.4774/aHR0cHM6Ly93d3cucGhvZW5peG5ld3RpbWVzLmNvbS9ldmVudC9kYXRl... HTTP 302
https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsl... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Pushnami (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

api\.pushnami\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

128
Requests

92 %
HTTPS

54 %
IPv6

37
Domains

63
Subdomains

48
IPs

2
Countries

4810 kB
Transfer

14755 kB
Size

46
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://shop.phoenixnewtimes.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.voicemediagroup.com/
Title: Voice Media Group

Search URL Search Domain Scan URL

URL: https://www.browardpalmbeach.com/
Title: New Times Broward-Palm Beach

Search URL Search Domain Scan URL

URL: https://www.dallasobserver.com/
Title: Dallas Observer

Search URL Search Domain Scan URL

URL: https://www.miaminewtimes.com/
Title: Miami New Times

Search URL Search Domain Scan URL

URL: https://www.westword.com/
Title: Westword

Search URL Search Domain Scan URL

URL: https://www.couponscaptain.com/
Title: Coupons Captain

Search URL Search Domain Scan URL

URL: https://media2.phoenixnewtimes.com/phx/imager/u/original/14471604/e4440fb7-67c7-430a-bbd4-c73438b645cd_1407721_tablet_landscape_large_16_9.jpg
Title: click to enlarge

Search URL Search Domain Scan URL

URL: https://ticketmaster.evyy.net/c/1202638/271177/4272?u=https%3A%2F%2Fwww.universe.com%2Fevents%2Fdate-package-immersive-van-gogh-phoenix-peak-tickets-WSCL35%3Fref%3Dticketmaster&sharedid=phx&subId1=phx
Title: Get Tickets

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605&redirect_uri=https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605&app_id=752951872059350

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605&text=DATE%20PACKAGE%20-%20Immersive%20Van%20Gogh%20Phoenix%20(Peak)&via=phoenixnewtimes

Search URL Search Domain Scan URL

URL: https://voice-media-group.dcatalog.com/v/PNT-121522/
Title: This Week's Issue

Search URL Search Domain Scan URL

URL: https://adindex.phoenixnewtimes.com/classifieds
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.facebook.com/phoenixnewtimes

Search URL Search Domain Scan URL

URL: https://www.instagram.com/phoenixnewtimes/

Search URL Search Domain Scan URL

URL: https://twitter.com/phoenixnewtimes

Search URL Search Domain Scan URL

URL: https://publishwithfoundation.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.phoenixnewtimes.com/click/29979210.4774/aHR0cHM6Ly93d3cucGhvZW5peG5ld3RpbWVzLmNvbS9ldmVudC9kYXRlLXBhY2thZ2UtaW1tZXJzaXZlLXZhbi1nb2doLXBob2VuaXgtcGVhay0xNDQ3MTYwNT91dG1fc291cmNlPU5ld3NsZXR0ZXJzJnV0bV9tZWRpdW09ZW1haWw/5745d6f7498ecfca84ced513Cd5d099fc HTTP 302
https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/209089/connatix.playspace.js

Request Chain 74

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671477950-J64QR2VQ-748T&adnxs_id=$UID&gdpr=0 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671477950-J64QR2VQ-748T&adnxs_id=8820141495692507188&gdpr=0

Request Chain 75

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001671477950-J64QR2VQ-748T&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001671477950-J64QR2VQ-748T&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c&id=AU1D-0100-001671477950-J64QR2VQ-748T

Request Chain 76

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=18111E9F-0822-493E-8777-457F1C08CAE0&id=AU1D-0100-001671477950-J64QR2VQ-748T

Request Chain 77

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001671477950-J64QR2VQ-748T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001671477950-J64QR2VQ-748T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=32df3307-e3fb-4052-9171-3dc01667899e%252Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001671477950-J64QR2VQ-748T%2526tapad_id%253D32df3307-e3fb-4052-9171-3dc01667899e&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=137425c4-114b-4d56-ae27-7ccd285e3f2c&ttd_puid=32df3307-e3fb-4052-9171-3dc01667899e%2Chttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26tapad_id%3D32df3307-e3fb-4052-9171-3dc01667899e HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&tapad_id=32df3307-e3fb-4052-9171-3dc01667899e

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001671477950-J64QR2VQ-748T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001671477950-J64QR2VQ-748T&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&google_gid=CAESEJX3Ow6p9xUINYKfQreGy9o&google_cver=1&google_ula=450542624,0

Request Chain 79

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001671477950-J64QR2VQ-748T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTQ3Nzk1MC1KNjRRUjJWUS03NDhU

Request Chain 80

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T%26auid%3DAU1D-0100-001671477950-J64QR2VQ-748T HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T%26auid%3DAU1D-0100-001671477950-J64QR2VQ-748T HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=7be99509-08df-45df-96cf-1dda23dfab4b&id=AU1D-0100-001671477950-J64QR2VQ-748T&auid=AU1D-0100-001671477950-J64QR2VQ-748T

Request Chain 81

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26unruly_id%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26unruly_id%3D%5BRX_UUID%5D&cb=1671477950100 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-fd583366-ca0a-47ad-a53f-094e474e774b-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26unruly_id%3DRX-fd583366-ca0a-47ad-a53f-094e474e774b-005 HTTP 302
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001671477950-J64QR2VQ-748T&unruly_id=RX-fd583366-ca0a-47ad-a53f-094e474e774b-005

Request Chain 83

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26sas_uid%3D%5bsas_uid%5d&gdpr=0 HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&sas_uid=[sas_uid]&gdpr=0&cklb=1

Request Chain 107

https://dpm.demdex.net/ibs:dpid=903&dpuuid=137425c4-114b-4d56-ae27-7ccd285e3f2c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=137425c4-114b-4d56-ae27-7ccd285e3f2c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

Request Chain 108

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c

Request Chain 109

https://ups.analytics.yahoo.com/ups/55953/sync?uid=137425c4-114b-4d56-ae27-7ccd285e3f2c&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=137425c4-114b-4d56-ae27-7ccd285e3f2c&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bZTBfXlE2uIaBMXO1ZTAzqmtYANkaXU-~A&gdpr=0&gdpr_consent=

128 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request date-package-immersive-van-gogh-phoenix-peak-14471605 Show response
www.phoenixnewtimes.com/event/
Redirect Chain

https://link.phoenixnewtimes.com/click/29979210.4774/aHR0cHM6Ly93d3cucGhvZW5peG5ld3RpbWVzLmNvbS9ldmVudC9kYXRlLXBhY2thZ2UtaW1tZXJzaXZlLXZhbi1nb2doLXBob2VuaXgtcGVhay0xNDQ3MTYwNT91dG1fc291cmNlPU5ld3Ns...
https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

145 KB
29 KB

1644ms
1567ms

Document
text/html

2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa1733bf58cdb10b6e8929b14dcdda9f4a555d7546faf93dd1e9b2dbb232583c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
cache-control: max-age=300, s-maxage=900
cf-cache-status: MISS
cf-ray: 77c286ae6ea02dba-ORD
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 19:25:48 GMT
last-modified: Mon, 19 Dec 2022 17:25:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F35HP3wA5ycXKslltw4lvSdv7yt45OKIO3QfnolgiXqzadzoYz%2B6PI8uIrwEReqG6ZyYx2fI0muY3rzpsBSF6szblsozUYCT%2Feb1vklnZT3VkBhtqJtcEkkBkYdRShVe4DuF3%2BfUMueM7FPziZnMhXwexF5v"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Host,Accept-Encoding
x-dn-cache-control: max-age=93600
x-dn-gyrobaseid: phx-Event-14471605-calendar
x-frame-options: SAMEORIGIN
x-gyrobase-publication: phx

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 19 Dec 2022 19:25:46 GMT
location: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
server: Sailthru
x-robots-tag: noindex

GET
H2 200 QlHbXmHMsEqIpgPJg6Xx7fjLCUA.js Show response
www.phoenixnewtimes.com/cdn-cgi/apps/head/ 4 KB
2 KB 38ms
36ms Script
application/javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/cdn-cgi/apps/head/QlHbXmHMsEqIpgPJg6Xx7fjLCUA.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 218e16b20479abf1a1b8fa1c77a69a32db478429436b1c717e6096d6a3d79f73

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
x-amz-version-id: 19kpP6jw0j86fS1dsy9WbzEWrxu_Hm5W
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WYADBN049YXAM3FB
age: 14364228
x-amz-id-2: x1TdS6WqZIFSCiTx4yZ6nxNChOJmh7ewv2WIT3hAuUka+KsN8y9rSJX/Bt7nPQ1QJ36wyU/OMvo=
last-modified: Wed, 20 Apr 2022 15:40:11 GMT
server: cloudflare
etag: W/"9d497b0dfbb9a9119247651270fe2f16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PuHYZ7ziwet%2F2QuAJyqnUv0b6y5308R7v%2FngQx4Sl81inoQ4NHLyYdizHuWPBTIxuarVhywFBB%2BjwQ0%2B0JYaOMFMSJsTuogIaZJe4bT%2FsmEBsHpig6KFCO0whS8iclumaOLcUF4Q%2FeQ66WKjsHsIMcUTGFt5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77c286b84f432dba-ORD

GET
H2 200 desktop.min.css
www.phoenixnewtimes.com/fdn-system/assets/pub/styles/ 870 KB
108 KB 84ms
82ms Stylesheet
text/css 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/fdn-system/assets/pub/styles/desktop.min.css?cb=7291a948631d5aa7d53ff4fe0fec7ae3
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56bac5cf70fa7d09963d4c16f961722f7e1aeea793d5d2503af54fc1a008963d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 18 Dec 2022 22:30:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 43471
etag: W/"d96cd-5f021c177e380"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TopyDbrnp%2F01rmt5SLe4Otfp6GEE70cLmgOLf%2Br%2FUwWulAcoh42F4HwMNYSlEOVLsiTs2b8eTnJ6NMU%2BNlKr0SQbRsE%2FOHbwi0EEgj%2FYmiDaPKr4J6ygwdfHiA7d1Xu%2BKATei%2FTDwjpnRE8uwDMcBTwHbh8q"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-dn-cache-control: max-age=259200
cf-ray: 77c286b84f442dba-ORD
expires: Thu, 22 Dec 2022 07:00:48 GMT

GET
H2 200 uikit.min.js Show response
www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/ 131 KB
42 KB 66ms
65ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/uikit.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfbf3d9abff305b811e7799fc9d088efc092005fbdfa746abbe2517ecd543e0d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 17 Dec 2022 17:35:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 128176
etag: W/"20c6a-5f00984dcfb80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rj4kcf4%2Fvx0P7yLEI38DngNW2Ia2%2FVCFPkXy7zI9PwziubrUodocabXPo50dtRYL%2F1herc6CcDuhUKNWGdWNLoeX1T%2Fy7dG4SjdYqu1G8mL7ln7R6ows2Kc1IcNsg46gHJIWMQdAd4Jqjk4go0dAiU2jnPE"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286b84f452dba-ORD
expires: Wed, 21 Dec 2022 07:37:37 GMT

GET
H2 200 uikit-icons-fdn.min.js Show response
www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/ 228 KB
87 KB 85ms
84ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/uikit-icons-fdn.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d57f9ddb633dcc5857ad4cdf9be75e1e37830ece957e888bb928ef5bc6ad134

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 18:08:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 258433
etag: W/"38f74-5eff5dbe817c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdALY%2F4K3UBvzcsjZGObJx6LtLc9wyXDq3T37dJ8FcxOInd5KGqulEj1fh5OkFQwjaCXsF9niFAA7JnmkKcVdRrPFs7EZOa81xm1%2FtqyD8TAnvXfcyIGcyWn%2FTn%2FqvxbVCYQEng0Qur7F1wlPLlf6F6PoOwh"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286b84f462dba-ORD
expires: Mon, 19 Dec 2022 19:37:44 GMT

GET
H2 200 brands.min.js Show response
www.phoenixnewtimes.com/foundation/fontawesome/js/ 437 KB
190 KB 65ms
49ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/foundation/fontawesome/js/brands.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2985
etag: W/"6d592-5bb8e808c9400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B2LNh1O6mbYdvwpYeBTeCFsDCteU3xpTV%2Fu78anBMAxyYy7Vt9fJIWEeHFx3MN82BRjhNoPoxmkhwWw1B8MrGRD0vJeemsLfc53EfNLo0W2nOLOY2jz6fjOJNA52JCYQxl5Fys1PbfcLdKusqxLqMx45z58"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286bb0baa2dba-ORD
expires: Sat, 09 Jul 2022 12:09:39 GMT

GET
H2 200 solid.min.js Show response
www.phoenixnewtimes.com/foundation/fontawesome/js/ 1 MB
345 KB 67ms
51ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/foundation/fontawesome/js/solid.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 20:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2985
etag: W/"116b58-5bb8e7ae2b3c2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fsh3SEPulEs44YQTfJAKmsC2K4nCnOFSE5NVWg7VRfTDzMn9msn0gt%2Bk%2BYjCtAl8ndvJTjaEG%2BBk0PiDFFQFsAutGVGSTG24G2IFZ9whtRNVhZnX%2FoS1yDW%2BP6Fzfvi0vdKKmq1QG7TS3k09yGIdY8R7nArn"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286bb0bac2dba-ORD
expires: Fri, 26 Aug 2022 09:56:33 GMT

GET
H2 200 regular.min.js Show response
www.phoenixnewtimes.com/foundation/fontawesome/js/ 1 MB
443 KB 68ms
52ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/foundation/fontawesome/js/regular.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2985
etag: W/"155d35-5bb8e808c9400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5oWauCACk9arvwZYgH7MZmTst6n9IU%2BbicsJFzJVcz1o2oob32bdv3cvlpMK%2BNNfepkJTKvdpAZbpuAYABZG69UTSU2HczizLLQzcbpJbJ4Yv%2BpBYF%2BzeV6BjrvrIwqbn0e4aAC91OEmJWjlYsH%2BYgFHBt5"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286bb0bae2dba-ORD
expires: Sat, 09 Jul 2022 01:46:22 GMT

GET
H2 200 fontawesome.min.js Show response
www.phoenixnewtimes.com/foundation/fontawesome/js/ 36 KB
13 KB 284ms
268ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/foundation/fontawesome/js/fontawesome.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"91a7-5bb8e808c9400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXHFjETHjW%2BValdSZ9T7xvBWm4GkbMHhIHvAEQI7Rr4t%2BCXLefycugO3qAzpzN2l9PIGMK%2BMuFjbQWqkHXg5ezqNopustEkvpgjyPj76dwMwaDMHkcoxRlRkGDusK9W3pXvlCAjejanM5FLcOMInT%2BJ0Xm%2Fh"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286bb0baf2dba-ORD
expires: Sat, 09 Jul 2022 03:59:39 GMT

GET
H2 200 light.min.js Show response
www.phoenixnewtimes.com/foundation/fontawesome/js/ 1 MB
493 KB 94ms
78ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/foundation/fontawesome/js/light.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 20:58:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2985
etag: W/"17be80-5bb8e7ae214be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32z2kSiPw%2FVrh1V57Uz8N7Vz3o%2F0vcpRu6tZ1sL4Xv4Fmgm49uEhKHBAjXlkKkR6TcEkzA7ByaOzpaVbEFcqRkZONaldBXKi%2FEcw%2F4echyGWRkO01q%2FCZxpwqw1fT65p6PT0gvXFA%2Fii%2FAbWTfvunclJZ82y"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286bb0bb02dba-ORD
expires: Mon, 29 Aug 2022 09:39:42 GMT

GET
H2 200 duotone.min.js Show response
www.phoenixnewtimes.com/foundation/fontawesome/js/ 1 MB
356 KB 94ms
79ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/foundation/fontawesome/js/duotone.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 17 Feb 2021 21:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2985
etag: W/"12d01e-5bb8e808c9400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKlFQ2Gt%2F%2B2EPgKqjpPx%2F5E22KQTVzr9r724qMCy7pEc7gKSborMsWEyk50em%2ByQnyR%2B8MDlUZu1Iftu9Eg7%2FvwW0wUbL7QCckobAfgVkPsZKwGTB6qrNttTnWGDCblyF5%2FsMQRXHXpK4Drp7bP4f27T%2Bebc"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286bb0bb22dba-ORD
expires: Sat, 09 Jul 2022 05:51:59 GMT

GET
H2 200 foundation-air-2-0-1.js Show response
www.phoenixnewtimes.com/foundation/scripts/ 669 KB
180 KB 52ms
51ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/foundation/scripts/foundation-air-2-0-1.js?cb=26a24fc5da4a1c70da1021ce0045be11
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e035d3f23309ca479bb89dc8aa46a71826bde6958b10f1472b7203c2dff8e12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43471
cf-polished: origSize=684762
last-modified: Tue, 05 Apr 2022 21:48:24 GMT
cf-bgj: minify
server: cloudflare
etag: W/"a72da-5dbef34429a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EepDUHQmv4qc0DdtYPVCMZLYu3okcBM5leKGKmpxwTiq7sJOBkosV125OU9U6kBJJYDL0JPdrHQN4GfCyVzdSx5b15HSHH5bxgD%2Fwyj5%2FgoGzkPeaaHZQ68yfnEmzCxyddTYDX3VY9hk9d0MniSuTow5spZ0"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286b84f492dba-ORD
expires: Thu, 22 Dec 2022 07:00:48 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 160 KB
53 KB 145ms
94ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCpuLa9nk_d2aIviF02JiLW8HfnGP2l-fU

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

57041153f44784bed5ad390b00dd0a6d5dba175e6de0e4d4ec74c97e487c8bde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=60
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53495
x-xss-protection: 0
expires: Mon, 19 Dec 2022 19:55:48 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
2 KB 86ms
37ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;700&family=Roboto+Condensed:wght@300;400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47c4ddec8ced87e0f02bc3866b56b732e8a24917d79db3a38baedf001f24db05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Dec 2022 19:14:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Dec 2022 19:25:48 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/sdk/ 282 KB
83 KB 182ms
21ms Script
text/javascript 2600:9000:2073:3000:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/sdk/main.min.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2073:3000:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac6b9b3222290a815f00d1050211c973ccd19bc50e4f997e578602f9c64376f3

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:21:23 GMT
content-encoding: gzip
via: 1.1 cb0868a0a661911b98247aaff77bc898.cloudfront.net (CloudFront)
last-modified: Mon, 19 Dec 2022 18:21:08 GMT
server: AmazonS3
x-amz-cf-pop: IAD50-C2
age: 3866
etag: W/"53527b6e4f1dbb539db0f9547303c0bc"
vary: Accept-Encoding
x-amz-meta-sha256: rGubMiIpCoFfANEFAhHJc8zRm8UOT5l+V4YC+cZDdvM=
content-type: text/javascript; charset=utf-8
x-amz-meta-md5: 53527b6e4f1dbb539db0f9547303c0bc
x-cache: Hit from cloudfront
x-amz-meta-sha384: HSn2H6QAYSgf3kU+SygCS/dw3rANPoDNCjQrPVHGgEX8LmbWCa+vjpgDApadjGZl
x-amz-cf-id: 6Y32bGtxVewUuDuJUnpbBp8YFYnz1GIMZYFU1o_RW3NWF4ZswLtsnA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 119ms
39ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LNJVZ7WWDK

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2381a9476aede89b45e4ce0663aa85f8bc24e7765106c7d12dfe721cc3b21459

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 19 Dec 2022 19:25:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
49 KB 129ms
49ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6648850737115177

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62ed6438b5dce242acef8382f5ac2bc3723f0b744cd207b24c3e6942d985f241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.phoenixnewtimes.com/
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49414
x-xss-protection: 0
server: cafe
etag: 7404721346254570314
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:25:48 GMT

GET
H2 200 ResizeSensor.js Show response
www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/ 5 KB
2 KB 85ms
84ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/ResizeSensor.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd55acbe373b8ce45a4ca931775510a3dfa9fd40ec8505ae7291feb7b0b62575

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171969
cf-polished: origSize=10104
last-modified: Sat, 17 Dec 2022 17:35:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2778-5f00984dcfb80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dk%2BvNMEk7I7E1ZS9hBrOKuyHZtqe1892vZiqPkDlqX65J3FESPA4dWLBA5naoAPs86Un2ofqR4dXkz98iTehhwN7JsD8hQ4l29vM82DPKkFGuVCTMGw4d3k8N5AaIWGUBsOiZ%2F2eTBKP3s1JdHE3jG41E7sh"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286b84f4a2dba-ORD
expires: Tue, 20 Dec 2022 19:39:39 GMT

GET
H2 200 ElementQueries.js Show response
www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/ 10 KB
3 KB 54ms
53ms Script
application/x-javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/fdn-system/assets/pub/scripts/ElementQueries.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398dc6dbd96011b1221e4ae2d74302edf250d806c06bc696701a2dcb63d331ba

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 178940
cf-polished: origSize=20253
last-modified: Sat, 17 Dec 2022 17:35:58 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4f1d-5f00984dcfb80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHUgo4HimOSPQUH2Kd%2F7DQgAoG5%2FIEmToiwxhNhesl2rEU0Q9542XrblT9yb8DRVtPiS72sElRRPnBvrou5x7L2X0ikgjPeNbxLKQOz2GnEFTufgdLNBZBmVMmauXvkm1lAzu7FlidyyZ25QYs9UfU%2Fy0Glq"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
x-dn-cache-control: max-age=259200
cf-ray: 77c286b84f4b2dba-ORD
expires: Tue, 20 Dec 2022 17:41:20 GMT

GET
H2 200 phx-main-logo.png
www.phoenixnewtimes.com/images/ 7 KB
7 KB 68ms
54ms Image
image/webp 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.phoenixnewtimes.com/images/phx-main-logo.png
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 302e05277d09dde32df9fa04c22bf5e609ab7e30749a0cd09fa119c18f2120af

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 424779
cf-polished: origFmt=png, origSize=10891
content-disposition: inline; filename="phx-main-logo.webp"
content-length: 6814
last-modified: Wed, 23 Jun 2021 21:54:50 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "2a8b-5c575f4b2d4b4"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUdSifB8ygXZjxjpo5dATk5DPdgLNOX8Oc8DD6ghlbN2zZBsDks%2BrZt5JGhO3hwSBPrZXXeXBnFzLo2RriWWALvkAlJDb9i%2FeDjLCB0HjSTadz1axTjd8Kv%2BtNSxq%2FCbQei3NObqJGstOAMFEtgEGU5M4lSI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-dn-cache-control: max-age=2419202
accept-ranges: bytes
cf-ray: 77c286bb0bb32dba-ORD
expires: Wed, 11 Jan 2023 19:41:32 GMT

GET
H2 200 e4440fb7-67c7-430a-bbd4-c73438b645cd_1407721_tablet_landscape_large_16_9.jpg
media2.phoenixnewtimes.com/phx/imager/u/golden-m/14471604/ 502 KB
503 KB 564ms
515ms Image
image/jpeg 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media2.phoenixnewtimes.com/phx/imager/u/golden-m/14471604/e4440fb7-67c7-430a-bbd4-c73438b645cd_1407721_tablet_landscape_large_16_9.jpg

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf16ae90a4220f3e28330d6578ff5095d931b4397f528ad83632eb1124193b74

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
strict-transport-security: max-age=3600; includeSubDomains
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gyrobase-publication: phx
content-length: 514116
last-modified: Fri, 16 Sep 2022 13:52:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1lKyVQ3ZbceoGLR2bYcnVS3xEi1K6fsWHyF6bcK9UOv3NhAONLwL9LCc1YQLSC8YKOKrMqpp22xlrgue0qSGsUtcYftrTt0CutWG%2FMP3EEf87UavnhvNW65jcO3fvF87jpMs2CImAJtwmP8qAyC6j2gzgVWBCSn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-dn-cache-control: max-age=2419202
cache-control: max-age=21600, s-maxage=21600
accept-ranges: bytes
cf-ray: 77c286bb4bfc2dba-ORD
expires: Sun, 15 Jan 2023 06:41:19 GMT

GET
H2 200 email-decode.min.js Show response
www.phoenixnewtimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 33ms
32ms Script
application/javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.phoenixnewtimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Dec 2022 12:21:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6399bfb7-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2B8neaeHC%2FgyyJ36fF%2Fj9Ae9XlncExRbPBAca7iIDsfG5EZYLNFQb6jk1pS0%2FwoV9eh6ELcjtTEWnYUia%2BTmIpYq9OfK%2BKoVTQpVY6aB4x5uxTS6wkcLB7M5k6P2f05Y%2FxcrNGg%2BKCCKUAx%2FFF7MI7eb1hdR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 77c286b9690c2dba-ORD
expires: Wed, 21 Dec 2022 19:25:48 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 73ms
36ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41553
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19158-FRA, cache-yyz4532-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfpjDNlxiHzgGrUGFoY7zeMwgIB45rANrR69qEl0%2F6Ie2dqsrEmRf015gkXCaPoIlDbfVzv1GoS8BZfP8RyS3RjVElBewd3CsOABax%2FABi7AbLJrlpFudKbamiPh6Dw0wx%2BWhEVkKmOru3HBW8A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 77c286ba2b017157-YUL

GET
H3 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 48ms
25ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41693
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19177-FRA, cache-yyz4548-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlhG7caVh8Vhp2GVQD7OvuXBJ6431PYGUUAkI4ywhxHSyIhXjMRDkLtXvRtyymez33MHHedjSIDnM%2Fy7bZRwyxfW46dHCl2Ff4rM9NKc1v58YGjTOQLnDt%2FTBOWmBIcBheoEgN0KSH6OX1PWUe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 77c286bb08344bb9-YUL

GET
H2 200 PoweredByFoundation.svg
www.phoenixnewtimes.com/images/ 20 KB
8 KB 58ms
46ms Image
image/svg+xml 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.phoenixnewtimes.com/images/PoweredByFoundation.svg
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a73eb3a275137c862b8aede37f767fb8878199c38388c804d40811205fb3b396

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 17:20:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4700
etag: W/"515e-5c5feef1da701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWi2lO2N0G%2Brf3FmTYaJq%2B7j9xwSuM3gdfA%2BlkHggcaBIBCvWsE1OQqkhn8Zux2eL6FVloiEMnPni9wqZzRnuW4EToEKGSVxOd33I1golQi%2B8MgFxdCCGxKQKrgLGZlocqqqDezd0dPbQRi%2FkQ1S%2BZkpfyOi"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 77c286bb0bb42dba-ORD

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 111ms
28ms Script
application/x-javascript 99.84.210.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.210.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-210-36.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 04:43:18 GMT
Via: 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD79-C1
Age: 52951
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: v_sI5ifnjOvN2gr6xxq6mJnQZvxclMPI9od3QG8rVmUhejXqbiaBuQ==

GET
H2 200 SwyU8VNVpb9BTt2dPK-Y1bkp8tU.js Show response
www.phoenixnewtimes.com/cdn-cgi/apps/body/ 4 KB
2 KB 50ms
37ms Script
application/javascript 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/cdn-cgi/apps/body/SwyU8VNVpb9BTt2dPK-Y1bkp8tU.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/cdn-cgi/apps/head/QlHbXmHMsEqIpgPJg6Xx7fjLCUA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d0f674e2c088dfb4aea85d4644cd03b7a821c2504ce8ca5a4c02d7e29ef9323

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
x-amz-version-id: jA7sbq73wW5P5nCbtpL0BKA3pr1rmp13
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 746FAS7AVYHS7C9W
age: 14364297
x-amz-id-2: 6ZBvg7OmbbdxVB1Fe7LJNwXSGglICgMNKGFUtjjz4q3+3tGfTHLSVnkt0NgbvEnUsUYQx69r3mE=
last-modified: Wed, 20 Apr 2022 15:40:11 GMT
server: cloudflare
etag: W/"501f97a2ec1134360369f30e47a7b120"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLKwd23Vx4j4DNNw62CpCXdGk3Uai8TiF%2BuzwSVzPBJlTjojHfU7Eow1c7l4NYnGkTr5gSxZ4IJu%2FbF8nSo1jrpgaH7TZ%2FJ4v6I4rrol6%2BDVx1tYQauybXf%2Bkcr2fX565AkYmhYYILrzPiSkBLwoCLmmxV8L"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 77c286bb0bb52dba-ORD

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 90ms
44ms XHR
application/json 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCpuLa9nk_d2aIviF02JiLW8HfnGP2l-fU

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.phoenixnewtimes.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H2

200

connatix.playspace.js Show response
cds.connatix.com/p/209089/ Frame 6085
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/209089/connatix.playspace.js

1002 KB
228 KB

80ms
5ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/209089/connatix.playspace.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9fb73efabf1d6bef19b8e947b3fe68e959c765d8d2c2f057670a6b599d80decd

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
last-modified: Mon, 19 Dec 2022 18:49:16 GMT
age: 2113
etag: "647ca1b2a49531a27769640f8d4b9fcb"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 233032

Redirect headers

location: https://cds.connatix.com/p/209089/connatix.playspace.js
date: Mon, 19 Dec 2022 19:25:48 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 604b9a5dca020f0010ead52e Show response
api.pushnami.com/scripts/v1/pushnami-adv/ 245 KB
62 KB 116ms
37ms Script
application/javascript 99.84.208.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pushnami.com/scripts/v1/pushnami-adv/604b9a5dca020f0010ead52e
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.208.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-208-86.iad79.r.cloudfront.net
Software: /
Resource Hash: 8ddc5718c3df9a9256816484543bec1a55f33597fa7cda19505469dd15a81f8f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:25 GMT
content-encoding: gzip
via: 1.1 de6760156d781e28f72545a2e9243b26.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C1
age: 23
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: 2HDOEdzHPlnWyRc5H7s8IMgN9411P7jMURx2_RkP3WWDQ-A99GT6IA==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 95 KB
33 KB 209ms
48ms Script
application/javascript 23.220.188.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.220.188.182 Atlanta, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-220-188-182.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: cba44fea0ed580f42b7756ac614daaba504a6aa04acf57e0c478cbc86810168e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 19:25:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Dec 2022 14:21:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: W/"63a07384-17da6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 33197
Expires: Tue, 20 Dec 2022 19:25:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 95ms
17ms Script
text/javascript 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 18:44:14 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2494
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 19 Dec 2022 20:44:14 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 138ms
19ms Script
application/javascript 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D2A) /
Resource Hash: c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 19:25:48 GMT
Content-Encoding: gzip
Age: 616
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 29221
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
Server: ECS (nyb/1D2A)
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 106ms
13ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/foundation/scripts/foundation-air-2-0-1.js?cb=26a24fc5da4a1c70da1021ce0045be11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ae5c596393ceb1385283562743cf52e7ccc8affc152dbd49795b742793543c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 19:25:48 GMT
content-md5: SsDDYZKWk2QjSidMVzbkQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: zgNsGuzkAQZfEEmaWhR4vGDeT4ByaHEJc+GAFOKESt3F2iBg0G9eNQeoYP7twntdXPYU2uLkE+3VGjrA/LriEQ==
x-fb-trip-id: 1512268381
x-fb-content-md5: 05ab92551ef3aa4f2871c1682f113e9b
cross-origin-opener-policy: same-origin-allow-popups
etag: "fce8f3a0d103e67b333b1d4898537a20"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:44:24 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 129ms
45ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/foundation/scripts/foundation-air-2-0-1.js?cb=26a24fc5da4a1c70da1021ce0045be11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51c06c0897a55aef1eca1f08d9a2bfa471345de41f68bcb46dd17b17038101db

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 19:25:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20933
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "4fcbc207c89b8c6c"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:25:48 GMT

GET
H2 200 avalon-book-fdn.woff
www.phoenixnewtimes.com/styles/fonts/ 26 KB
26 KB 128ms
75ms Font
application/font-woff 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/styles/fonts/avalon-book-fdn.woff
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/fdn-system/assets/pub/styles/desktop.min.css?cb=7291a948631d5aa7d53ff4fe0fec7ae3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48e66e73048706fa4d36d4b10033b268c63408c0304395f11ef661a278c403bf

Request headers

Referer: https://www.phoenixnewtimes.com/fdn-system/assets/pub/styles/desktop.min.css?cb=7291a948631d5aa7d53ff4fe0fec7ae3
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 17:20:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3754
etag: W/"6640-5c5fef1877d8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lt2MeWwh01g1f469ZLW93ngfZpiSz%2FhQCQJkJY1gCaYHIar94g43XbNmq5JHRWdqVrlwUaMBbe1LSkxi%2F8%2FIpxcaiTO6pZqdglS0pSRcwsC6zA25z%2B7Gaxbn3x0QCbpB1lL9NoB3AH8RJIdJklC9u%2BzfSUjW"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
x-dn-cache-control: max-age=259200
cf-ray: 77c286bbdcbf2dba-ORD
expires: Thu, 14 Jul 2022 19:43:09 GMT

GET
H2 200 ToolsAjax Show response
www.phoenixnewtimes.com/phoenix/Macros/ 153 B
613 B 457ms
435ms XHR
text/html 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.phoenixnewtimes.com/phoenix/Macros/ToolsAjax?macro=getStatusObject&object=14471605

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/foundation/scripts/foundation-air-2-0-1.js?cb=26a24fc5da4a1c70da1021ce0045be11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b95d7130b3d7bebe5f1bb450825f97a987df101b5bd80f5dee1102a53a6ece7c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
X-Requested-With: XMLHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
content-security-policy: frame-ancestors 'self'
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gyrobase-publication: phx
pragma: no-cache
accept-ch: sec-ch-ua-model,sec-ch-ua-platform-version
server: cloudflare
vary: Host,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1QTmBQ%2BV2YLigowl4BcqbHa73zw8vB8PfbJZa2%2Ba5YdteKISDKliYzIdMvjs2hdeVJU8E9iLpWSatxOhCdWwR1BVWVDBRDNnB2uTqsXJtrOvYVUewK2O0y%2F02I9uTTzxpTNR%2FE%2BiBVl4uV68mx8JrCQ6B8B"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, must-revalidate
permissions-policy: ch-ua-model=*,ch-ua-platform-version=*
cf-ray: 77c286bc0cff2dba-ORD
expires: 0

GET
H2 200 avalon-bold-fdn.woff
www.phoenixnewtimes.com/styles/fonts/ 27 KB
27 KB 68ms
51ms Font
application/font-woff 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.phoenixnewtimes.com/styles/fonts/avalon-bold-fdn.woff
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/fdn-system/assets/pub/styles/desktop.min.css?cb=7291a948631d5aa7d53ff4fe0fec7ae3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131911bf220ea99b0c5cb656841224dba94da7314169f3069ccac0815bc9e0df

Request headers

Referer: https://www.phoenixnewtimes.com/fdn-system/assets/pub/styles/desktop.min.css?cb=7291a948631d5aa7d53ff4fe0fec7ae3
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 30 Jun 2021 17:20:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3754
etag: W/"6aa8-5c5fef185dc00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zc9Vl61TqY76ij7QMwDVhgyXrGZxvvrjDYKEWGoT7Bhvn%2FtI3%2B2GhBn0XG8ABJ%2Be9rk%2F%2BubHXVgiCGCqrdE1zpaU5fx3KSExmMsRjq4k3D9GWnoScqP4eZ%2FaxatAQLqwp4lf2A1FoqWpDIHzj9TktKpN2pr%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
x-dn-cache-control: max-age=259200
cf-ray: 77c286bc1d0d2dba-ORD
expires: Sat, 09 Jul 2022 05:52:02 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 115ms
41ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;700&family=Roboto+Condensed:wght@300;400;700&family=Roboto+Slab:wght@400;700&family=Roboto:wght@100;300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:31:34 GMT
x-content-type-options: nosniff
age: 420854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 22:31:34 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 100ms
26ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 02:11:37 GMT
x-content-type-options: nosniff
age: 234851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 02:11:37 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca6b1948499bebdb770f79fcb405d77bcc2c1287ea9c81d12001a3c5c132bda

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 25ms
16ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:05:32 GMT
x-content-type-options: nosniff
age: 289216
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:05:32 GMT

GET
DATA 200
OK truncated
/ 803 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 45ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Dec 2022 19:25:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ZnhIbgyESa1ntqfoFw8ZoeDI471v+WLCvQCTrwZ7UEHuw2WlTTXuPTugC9g9onTHR6tzqsYvR0BZ4NA0Vc4C+g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 112ms
28ms Script
application/x-javascript 2600:9000:2199:c600:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2199:c600:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:43:28 GMT
content-encoding: gzip
via: 1.1 3b8e0d5ce152e011bcc1dba2235e26b8.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: IAD79-C1
age: 42141
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 4ekwqWWc0HefD2NeUlgfk03-W98ToQhJWxuEt6HYa5DbEq_IL_DI2Q==
expires: Tue, 20 Dec 2022 07:43:28 GMT

GET
H2 200 aquant.js Show response
secure.quantserve.com/ 25 KB
10 KB 132ms
20ms Script
application/javascript 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 26 Dec 2022 19:25:49 GMT

GET
H2 200 322 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 257ms
86ms Script
application/javascript 54.203.48.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&ref=
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.203.48.28 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-203-48-28.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 821e284702988e65b2943971190f778e28fc3d8c8e379c35a7c21f4757a1d204

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.20.0
content-type: application/javascript

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
48 KB 99ms
54ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b225520e63b1d45a899525e7f63f8bfbae8bc8480f0eb517ed0aeef0485b84e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49618
x-xss-protection: 0
server: cafe
etag: 16187736455118057174
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:25:48 GMT

GET
H2 200 advertising.js Show response
rddywd.com/ 9 B
525 B 95ms
27ms Script
application/javascript 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rddywd.com/advertising.js
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 02:58:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 59217
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F4RdDLoyinKnUyA2GWQ%2BvDo5%2FIb8hozicNYP8IFlYWn2YK0IInqN8nvnJuk7ptTdPbxvPDpgO5Ax1aGKsp4DpFDLAG3dlyMJDQYs6Ma9AuFgIkrrk0oJxht8v%2BT8J9%2BcVoWr6EsNAgDu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 77c286bd5c929e1c-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9

GET
H2 200 adcode.png
rddywd.com/ 43 B
550 B 93ms
26ms Image
image/gif 2606:4700:3036::ac43:8a2c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rddywd.com/adcode.png
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:8a2c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.phoenixnewtimes.com/
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64302
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZzQlao75ImAhYeeYhWNn628KHIJR2duE9KnQjqWLuOJMURhZDnPrcCIZaAmXGfTtQlDRP%2F6OKbRBNxhZCXc7hIC7mTmJPcOBlMUrAXrRKxss8JZNPIB1iS%2Bbi7xlcG8Xncnrk1m7IL2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86401
accept-ranges: bytes
cf-ray: 77c286bd5d52c32e-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H2 204 generate_204
www.googleapis.com/ 0
40 B 39ms
19ms Image
text/plain 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googleapis.com/generate_204
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 74ms
33ms XHR
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1336694088&t=pageview&_s=1&dl=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&ul=en-us&de=UTF-8&dt=DATE%20PACKAGE%20-%20Immersive%20Van%20Gogh%20Phoenix%20(Peak)%20%7C%20Art%20-%20Museums%20%7C%20Phoenix%20New%20Times%20%7C%20The%20Leading%20Independent%20News%20Source%20in%20Phoenix%2C%20Arizona&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1433455028&gjid=2015472325&cid=627040464.1671477949&tid=UA-395255-1&_gid=1316717174.1671477949&_r=1&_slc=1&cd2=Calendar&cd3=14471605&cd7=Event&cd8=Art%20-%20Museums&z=1130722417

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.phoenixnewtimes.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.phoenixnewtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Cover_12.15.22.jpg
www.phoenixnewtimes.com/imager/b/r-cover/15125507/852d/ 53 KB
54 KB 50ms
49ms Image
image/jpeg 2606:4700:20::681a:f67
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.phoenixnewtimes.com/imager/b/r-cover/15125507/852d/Cover_12.15.22.jpg
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:f67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81599069d689ec199ec3a75617e1df76a777343b27042f55fcdc8caff361fba8

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-gyrobase-publication: phx
age: 3558
cf-polished: origSize=57461, status=vary_header_present
content-length: 54201
last-modified: Wed, 14 Dec 2022 20:00:12 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
vary: Host, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lopdcpFu98kABPlcAvXY7vRoLHsDzzS9%2FrRWNG6o3nMCIc1tZyXubm0OhgVWmFhiWTYmJJjgKlX%2FN9dNTkVqNuobe47kuWwg9YjPGDwxxCBTkpq%2BMQyLVmCRVyNvbAxNsW3bCEqSlZr%2B40rlFE0eLJ6sb%2FNm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-dn-cache-control: max-age=2419202
cache-control: max-age=21600, s-maxage=21600
accept-ranges: bytes
cf-ray: 77c286bdf8572dba-ORD
expires: Wed, 11 Jan 2023 20:01:50 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 356 KB
117 KB 114ms
113ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6648850737115177

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3efb1c6efde7139756bd608eab26de8aa1fe3416bb7048d33fd0510377cd5ace

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119960
x-xss-protection: 0
server: cafe
etag: 8057966231321279511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 19:25:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 5B84 10 KB
5 KB 90ms
20ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6648850737115177

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 59460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 02:54:49 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 02:54:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widget_iframe.644279d1635fd969e87af94a98bd232b.html Show response
platform.twitter.com/widgets/ Frame 0DF7 320 KB
104 KB 20ms
19ms Document
text/html 2606:2800:220:131d:1d30:1f1d:238b:1e56
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.phoenixnewtimes.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyb/1D0A) /
Resource Hash: 8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 223771
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105445
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Dec 2022 19:25:49 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyb/1D0A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 hls.ab55e91cf2e7990a858b.js
cds.connatix.com/p/209089/ Frame 6085 0
47 KB 11ms
10ms Other
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/209089/hls.ab55e91cf2e7990a858b.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: br
last-modified: Mon, 19 Dec 2022 18:49:16 GMT
age: 2057
etag: "e5e0faa4064e2c15854121dfe1954b86"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48352

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 34ms
33ms Ping
text/plain 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LNJVZ7WWDK&gtm=2oebu0&_p=1336694088&cid=627040464.1671477949&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671477949&sct=1&seg=0&dl=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&dt=DATE%20PACKAGE%20-%20Immersive%20Van%20Gogh%20Phoenix%20(Peak)%20%7C%20Art%20-%20Museums%20%7C%20Phoenix%20New%20Times%20%7C%20The%20Leading%20Independent%20News%20Source%20in%20Phoenix%2C%20Arizona&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNJVZ7WWDK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.phoenixnewtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 19 B
835 B 89ms
44ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.phoenixnewtimes.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 19:25:49 GMT
AN-X-Request-Uuid: 737eec8e-993c-494c-a752-41ae4c2c48ef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.phoenixnewtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 42ms
19ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=ce076dd0d71a745453f25b45f55cdaf1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e6cea607374256f30fd7c602c9bfbf152e3e8f19bb80dc24f2f20af48c8451e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.phoenixnewtimes.com/
Origin: https://www.phoenixnewtimes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 19:25:49 GMT
content-md5: rMupaC1UYwI5oTfIJijVhQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87015
x-fb-rlafr: 0
x-fb-debug: jWZnMdTVu8a24L5nncE42b4BYRI2MVXUH2LHx6CBRhVwknNr1aYE2jm43q4ETjPxLNk9/r4NfW8Up7MslttBcA==
x-fb-content-md5: c31c2181cf58860020a139e9ba723d3c
cross-origin-opener-policy: same-origin-allow-popups
etag: "7f10254c80e92df142900aa5c766ebb3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 19 Dec 2023 17:27:02 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 98ms
32ms XHR
text/plain 2607:f8b0:4004:c1d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-395255-1&cid=627040464.1671477949&jid=1433455028&gjid=2015472325&_gid=1316717174.1671477949&_u=YEBAAAAAAAAAAC~&z=1727114134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.phoenixnewtimes.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Dec 2022 19:25:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.phoenixnewtimes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/ 109 KB
36 KB 76ms
20ms Script
text/javascript 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e9313576448e5201db2ab8887305bfec55941d7e11b5529576eaeb2b5ddeedf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 22:35:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36882
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 15:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 22:35:02 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 0DF7 1 KB
721 B 120ms
42ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5f3a69a060d69336142aea0a8d413b124ba54795

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fwww.phoenixnewtimes.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

131fca19960314913665f3f9eef73981f8847442e2e44fb4a6280964a98e3581

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 7
date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 19 Dec 2022 19:25:49 GMT
server: tsa_b
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: fc4882dc5daedb73
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 1947f064a5eb7e1d2f0247274f39623ec239cf478a63149b37f76b5b9ab60979
content-length: 401

OPTIONS
H2 204 site
www.pelcro.com/api/v1/sdk/ Frame 0
0 323ms
265ms Preflight 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=1009&language=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.phoenixnewtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 77c286c278b8f051-EWR
date: Mon, 19 Dec 2022 19:25:50 GMT
expires: Mon, 19 Dec 2022 19:25:50 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
vary: Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options: nosniff

GET
H2 200 site Show response
www.pelcro.com/api/v1/sdk/ 18 KB
2 KB 106ms
105ms XHR
application/json 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pelcro.com/api/v1/sdk/site?site_id=1009&language=en

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d10035036ee325aee66a640c7d29ad53492e3f9fbbc92638b5f6a266f065d9d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.phoenixnewtimes.com/
X-Pelcro-Sdk-Version: 2.10.4
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 19:19:52 GMT
server: cloudflare
age: 358
vary: Accept-Encoding
content-language: en
access-control-allow-origin: *
content-type: application/json; charset=utf-8
cache-control: max-age=0
cf-ray: 77c286c41ad6f051-EWR
expires: Mon, 19 Dec 2022 19:19:52 GMT

GET
H3 200 682420171855092 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 22ms
21ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/682420171855092?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc3508227219f27c700cb95df86caff472ad5d86ff03443f7567fe212c39bf08

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Dec 2022 19:25:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86005
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: OhftOfeh+/RhOXT9VwFdpMob/iCC6D0Br0chCiTx3LkWaM4c4MDUdUf0GNfV4gG6Zx8OU5LjFuXffETsuyq5LQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 405 B
701 B 82ms
36ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.phoenixnewtimes.com&callback=_gfp_s_&client=ca-pub-6648850737115177&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2b16fd8eed0abca85415524c594f918b2995a1e55244806c511d0062f4035f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.ca/adsid/ 107 B
792 B 96ms
47ms Script
application/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ca/adsid/integrator.js?domain=www.phoenixnewtimes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 98ms
46ms Script
application/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.phoenixnewtimes.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
38ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&tn=DIV&cls=cc-window%20cc-banner%20cc-type-info%20cc-theme-block%20cc-bottom%20cc-color-override-688238583%20&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&tn=DIV&cls=GlobalHeader%20Event%20uk-root%20fdn-margin-vert%20SiteHeaderGrid%20comp-shell-siteheader%20uk-sticky%20uk-sticky-fixed&ign=false&pw=1600&ph=1200&x=800&y=0

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 46A9 0
19 B 221ms
165ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6648850737115177&output=html&adk=2146552207&adf=2389439239&lmt=1671470746&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671477949152&bpp=5&bdt=972&idt=728&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4260234876807&frm=20&pv=2&ga_vid=627040464.1671477949&ga_sid=1671477950&ga_hid=1336694088&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071167%2C44780792&oid=2&pvsid=2897167528287862&tmod=548772301&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=776

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 19:25:50 GMT
expires: Mon, 19 Dec 2022 19:25:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 19 B
835 B 34ms
34ms XHR
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.phoenixnewtimes.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 19 Dec 2022 19:25:49 GMT
AN-X-Request-Uuid: b62d1873-1516-41a2-8b7e-2cd7bfa483b6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.phoenixnewtimes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
11 KB 145ms
37ms Script
application/javascript 2606:4700:20::681a:b19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?partner_id=322&sync=1&url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: FNK044PCM9Y7VVCR
age: 1308
x-amz-id-2: AlHhfnaYFu7DcAqm/AZXcFZz8Z4At5Hcn9XqhUxeA24L5T6B/l+VTePOXZCvBx0dhJEtzYQ2PVA=
cf-bgj: minify
last-modified: Fri, 18 Nov 2022 10:57:44 GMT
server: cloudflare
etag: W/"2280e2148e4ee3c06f679f8fac039778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=583Z%2BfYHFlSxLTtofOc%2FR8NceQm5YGV0Gwawq6yEnKZDC%2Ff02dIqAY%2BvtjpBQCsC18p3jpA%2B4MGOjFxWVEr4uv%2B8KpEXsVHYpNe7DOR%2Bgx6rguXkYzM6sXpstq7xy9XunWjJvUDfYSDd4qKKurU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 77c286c40f762be7-ORD

GET
H2 200 322 Show response
p.ad.gt/api/v1/p/ 43 KB
13 KB 552ms
113ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/322
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/322?url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4e9bc06fed6ec87628ecafc1c65946dc62a29651af76a99227ebdbbc2ecf59

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Wed, 14 Dec 2022 17:49:50 GMT
server: cloudflare
etag: W/"1671040190.0-43782-2710637159"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 77c286c61d81c340-EWR
expires: Tue, 20 Dec 2022 07:25:50 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671477950-J64QR2VQ-748T&adnxs_id=$UID&gdpr=0
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26adnxs_id%3D%24UID%26gdpr%3D0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671477950-J64QR2VQ-748T&adnxs_id=8820141495692507188&gdpr=0

43 B
284 B

83ms
83ms

Image
image/gif

54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671477950-J64QR2VQ-748T&adnxs_id=8820141495692507188&gdpr=0
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
expires: Tue, 20 Dec 2022 07:25:50 GMT

Redirect headers

Date: Mon, 19 Dec 2022 19:25:50 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 149.56.153.181; 149.56.153.181; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4c041725-78a6-42fb-862c-f17be50944ff
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001671477950-J64QR2VQ-748T&adnxs_id=8820141495692507188&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001671477950-J64QR2VQ-748T&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001671477950-J64QR2VQ-748T&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c&id=AU1D-0100-001671477950-J64QR2VQ-748T

43 B
284 B

129ms
128ms

Image
image/gif

54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c&id=AU1D-0100-001671477950-J64QR2VQ-748T
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
expires: Tue, 20 Dec 2022 07:25:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c&id=AU1D-0100-001671477950-J64QR2VQ-748T
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T
https://ids.ad.gt/api/v1/pbm_match?pbm=18111E9F-0822-493E-8777-457F1C08CAE0&id=AU1D-0100-001671477950-J64QR2VQ-748T

43 B
284 B

86ms
86ms

Image
image/gif

54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=18111E9F-0822-493E-8777-457F1C08CAE0&id=AU1D-0100-001671477950-J64QR2VQ-748T
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
expires: Tue, 20 Dec 2022 07:25:50 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=18111E9F-0822-493E-8777-457F1C08CAE0&id=AU1D-0100-001671477950-J64QR2VQ-748T
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001671477950-J64QR2VQ-748T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671477950...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001671477950-J64QR2VQ-748T&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001671...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=32df3307-e3fb-4052-9171-3dc01667899e%252Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-010...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=137425c4-114b-4d56-ae27-7ccd285e3f2c&ttd_puid=32df3307-e3fb-4052-9171-3dc01667899e%2Chttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&tapad_id=32df3307-e3fb-4052-9171-3dc01667899e

43 B
284 B

86ms
85ms

Image
image/gif

54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&tapad_id=32df3307-e3fb-4052-9171-3dc01667899e
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
expires: Tue, 20 Dec 2022 07:25:50 GMT

Redirect headers

date: Mon, 19 Dec 2022 19:25:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&tapad_id=32df3307-e3fb-4052-9171-3dc01667899e
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001671477950-J64QR2VQ-748T
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001671477950-J64QR2VQ-748T&google_tc=
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&google_gid=CAESEJX3Ow6p9xUINYKfQreGy9o&google_cver=1&google_ula=450542624,0

43 B
284 B

83ms
82ms

Image
image/gif

54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&google_gid=CAESEJX3Ow6p9xUINYKfQreGy9o&google_cver=1&google_ula=450542624,0
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
expires: Tue, 20 Dec 2022 07:25:50 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&google_gid=CAESEJX3Ow6p9xUINYKfQreGy9o&google_cver=1&google_ula=450542624,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001671477950-J64QR2VQ-748T
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTQ3Nzk1MC1KNjRRUjJWUS03NDhU

170 B
188 B

36ms
36ms

Image
image/png

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTQ3Nzk1MC1KNjRRUjJWUS03NDhU

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY3MTQ3Nzk1MC1KNjRRUjJWUS03NDhU
date: Mon, 19 Dec 2022 19:25:50 GMT
server: nginx/1.20.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T%26auid%3DAU...
https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001671477950-J64QR2VQ-748T%26auid...
https://ids.ad.gt/api/v1/openx?openx_id=7be99509-08df-45df-96cf-1dda23dfab4b&id=AU1D-0100-001671477950-J64QR2VQ-748T&auid=AU1D-0100-001671477950-J64QR2VQ-748T

43 B
284 B

83ms
82ms

Image
image/gif

54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=7be99509-08df-45df-96cf-1dda23dfab4b&id=AU1D-0100-001671477950-J64QR2VQ-748T&auid=AU1D-0100-001671477950-J64QR2VQ-748T
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
expires: Tue, 20 Dec 2022 07:25:50 GMT

Redirect headers

date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://ids.ad.gt/api/v1/openx?openx_id=7be99509-08df-45df-96cf-1dda23dfab4b&id=AU1D-0100-001671477950-J64QR2VQ-748T&auid=AU1D-0100-001671477950-J64QR2VQ-748T
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

unruly
ids.ad.gt/api/v1/
Redirect Chain

https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26unruly_id%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26unruly_id%3D%5BRX_UUID%5D&cb=1671477950100
https://sync.targeting.unrulymedia.com/csync/RX-fd583366-ca0a-47ad-a53f-094e474e774b-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26unruly_id%3D...
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001671477950-J64QR2VQ-748T&unruly_id=RX-fd583366-ca0a-47ad-a53f-094e474e774b-005

43 B
284 B

91ms
85ms

Image
image/gif

54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001671477950-J64QR2VQ-748T&unruly_id=RX-fd583366-ca0a-47ad-a53f-094e474e774b-005
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: public, max-age=43200
server: nginx/1.20.0
expires: Tue, 20 Dec 2022 07:25:50 GMT

Redirect headers

Date: Mon, 19 Dec 2022 19:25:50 GMT
Server: Tengine
ETag: RXfd583366ca0a47ada53f094e474e774b005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001671477950-J64QR2VQ-748T&unruly_id=RX-fd583366-ca0a-47ad-a53f-094e474e774b-005
Content-Type: text/html
Connection: keep-alive

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
74 B 122ms
82ms Image
text/html 54.187.93.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001671477950-J64QR2VQ-748T
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.93.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-93-46.us-west-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:50 GMT
server: nginx/1.20.0
content-length: 0
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3DAU1D-0100-001671477950-J64QR2VQ-748T%26sas_uid%3D%5bsas_uid%5d&gdpr=0
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&sas_uid=[sas_uid]&gdpr=0&cklb=1

0
313 B

55ms
54ms

Image
text/plain

199.187.193.192
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&sas_uid=[sas_uid]&gdpr=0&cklb=1
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: HTTP/1.1
Server: 199.187.193.192 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:49 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=AU1D-0100-001671477950-J64QR2VQ-748T&sas_uid=[sas_uid]&gdpr=0&cklb=1
pragma: no-cache
date: Mon, 19 Dec 2022 19:25:49 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 rules-p-a4LDpi_DEopn-.js Show response
rules.quantcount.com/ 160 B
632 B 94ms
21ms Script
application/javascript 2600:9000:208f:2e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a4LDpi_DEopn-.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/aquant.js?a=p-a4LDpi_DEopn-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:208f:2e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee4b82b6cd20b5507cdc8ba9f680f953a6b395a5714bfbc362613d99744adc03

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 18:26:19 GMT
via: 1.1 6115ccbf06ce7bea7cea8806dfa86752.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C3
age: 3582
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:08:45 GMT
server: AmazonS3
etag: "b70022f01835553bebda2e2b4ea63db2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Bp5mxkI5HgOuvg6jMulAjNu3zVnjaqHKDiU2lbcDmjVH3OR6-EJ_Qg==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 95ms
26ms Image
image/gif 44.212.226.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=phoenixnewtimes.com&p=%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605&u=Z_1jJCo6QXSBo4flw&d=phoenixnewtimes.com&g=10424&g0=%2Fcalendar&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1775&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&b=3827&_m=email&_x=Newsletters&t=DxdlyGCWA4xzDc2NBZD1QiSWB5VZZo&V=139&i=DATE%20PACKAGE%20-%20Immersive%20Van%20Gogh%20Phoenix%20(Peak)%20%7C%20Art%20-%20Museums%20%7C%20Phoenix%20New%20Times%20%7C%20The%20Leading%20I&tz=0&sn=1&sv=DEHh6FDJUv6HkKvQbCUvdmaC7rSws&sd=1&im=067b0ff3&_
Requested by: Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.212.226.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-212-226-157.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 143ms
47ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-395255-1&cid=627040464.1671477949&jid=1433455028&_u=YEBAAAAAAAAAAC~&z=1607046785

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 125ms
38ms Image
image/gif 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-395255-1&cid=627040464.1671477949&jid=1433455028&_u=YEBAAAAAAAAAAC~&z=1607046785

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame ECD0 283 B
1 KB 125ms
56ms Document
text/html 2607:f8b0:4006:823::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.ydLROSGdlBE.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_OUY4V-VcsLuRVnUuYVO758FydkA/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200d Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

770e0f68ebdd7de65566edbb0cf75d1ac03826171049396e92b1afd9d0d649f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GiyIqcC0B4vXC0SnD6LFLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GiyIqcC0B4vXC0SnD6LFLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 19:25:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 384343588808276 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/384343588808276?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f731d2a4e576a4dc7bdaa028505300b7d3c9a77058aeb5a173c3ec00603e20b1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Dec 2022 19:25:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86005
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sFtPmc86WtoPd8jcfINfX5y6fsabuHQHNhPsjB/4csJ3L2mXSiIX124410GLms025TallbTD9AS8t6hj2BlSuA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 74ms
52ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=682420171855092&ev=PageView&dl=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&rl=&if=false&ts=1671477950235&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671477950229.1571391987&it=1671477949842&coo=false&rqm=GET

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Dec 2022 19:25:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 location Show response
www.pelcro.com/api/v1/sdk/ 66 B
155 B 47ms
40ms XHR
application/json 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127dbf7de12bd7072e12f7bf921fe92067015763fab9a8ade76d1a3c03c2c5af

Request headers

Accept: application/json
Cache-Control: max-age=0
Referer: https://www.phoenixnewtimes.com/
X-Pelcro-Sdk-Version: 2.10.4
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 77c286c56c18f051-EWR
vary: Accept-Encoding
content-type: application/json; charset=UTF-8

OPTIONS
H2 200 location
www.pelcro.com/api/v1/sdk/ Frame 0
0 43ms
40ms Preflight 2606:4700:10::6816:858
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pelcro.com/api/v1/sdk/location
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:858 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,x-pelcro-sdk-version
Access-Control-Request-Method: GET
Origin: https://www.phoenixnewtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: cache-control,x-pelcro-sdk-version
access-control-allow-methods: GET
access-control-allow-origin: *
cf-ray: 77c286c51bc7f051-EWR
content-length: 0
date: Mon, 19 Dec 2022 19:25:50 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 104ms
56ms Fetch
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=752951872059350&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=ce076dd0d71a745453f25b45f55cdaf1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
date: Mon, 19 Dec 2022 19:25:50 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: mPNIWP7JspieLtOBNHHuSbngvjX/Vn5El2S1dOgBYJOfl2wy8p7C5fHqI93GTd6VjBQfUO4bAz49KW9RXEyvrQ==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.phoenixnewtimes.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 20ms
19ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=384343588808276&ev=PageView&dl=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&rl=&if=false&ts=1671477950299&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671477950229.1571391987&it=1671477949842&coo=false&rqm=GET

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Dec 2022 19:25:50 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 400 cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame ECD0 2 KB
851 B 134ms
39ms Other
text/html 2607:f8b0:4006:823::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/_/IdpIFrameHttp/cspreport

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200d Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a23fd1a589572d73e77077a120ca808cd69cc9f6c66e5cdd410605a4430bfcd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=base Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.KfbFqosJV-Y.es5.O/d=1/rs=AOaEmlFUFFjuRV_Tr8tZDNBAzV7gWJKaBA/ Frame ECD0 100 KB
35 KB 124ms
19ms Script
text/javascript 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.KfbFqosJV-Y.es5.O/d=1/rs=AOaEmlFUFFjuRV_Tr8tZDNBAzV7gWJKaBA/m=base

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93b83f3ce09c6b7766d84ad900122472457954a2cde3d722b2ae3c6a3f66f7b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 01:49:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35134
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 07:40:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 01:49:43 GMT

GET
H2 200 main.min.js Show response
js.pelcro.com/ui/plugin/west-word/ 713 KB
139 KB 49ms
48ms Script
text/javascript 2600:9000:2073:3000:c:b42a:3740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pelcro.com/ui/plugin/west-word/main.min.js
Requested by: Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2073:3000:c:b42a:3740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9cfd33c901ea82fe2dcea630488f62cf84f7ba8a4b32381a28fa582a2e198e9c

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:45:11 GMT
content-encoding: gzip
via: 1.1 cb0868a0a661911b98247aaff77bc898.cloudfront.net (CloudFront)
last-modified: Mon, 26 Apr 2021 14:05:05 GMT
server: AmazonS3
x-amz-cf-pop: IAD50-C2
age: 45640
etag: W/"13cf4b13a783a66945822413b1388894"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
x-amz-cf-id: ryJ2raXkaaJSN0EN7EVZSfFLbIiEopk2_Feu_OSiq77zT1QQHxcqxA==

GET
H2 200 pixel;r=1207668853;rf=0;a=p-a4LDpi_DEopn-;url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail;u...
pixel.quantserve.com/ 35 B
372 B 60ms
25ms Image
image/gif 2620:116:800b:21:c1e8:5385:5098:6bf0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1207668853;rf=0;a=p-a4LDpi_DEopn-;url=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail;uht=2;fpan=1;fpa=P0-1433781679-1671477949989;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=phoenixnewtimes.com;dst=0;et=1671477950393;tzo=0;ogl=url.https%3A%2F%2Fwww%252Ephoenixnewtimes%252Ecom%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-pe%2Csite_name.Phoenix%20New%20Times%2Ctitle.DATE%20PACKAGE%20-%20Immersive%20Van%20Gogh%20Phoenix%20(Peak)%2Cimage.https%3A%2F%2Fmedia2%252Ephoenixnewtimes%252Ecom%2Fphx%2Fimager%2Fu%2Fslideshow%2F14471604%2Fe4440fb7-67c7%2Cimage%3Awidth.1524%2Cimage%3Aheight.857%2Cdescription.DATE%20PACKAGE%20-%20Immersive%20Van%20Gogh%20Phoenix%20(Peak)%20%3A%2Ctype.website;ses=56052836-39c3-43d3-a89e-aa8e81987399

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800b:21:c1e8:5385:5098:6bf0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame ECD0 49 B
96 B 52ms
52ms XHR
application/json 2607:f8b0:4006:823::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.phoenixnewtimes.com&client_id=1047773507347-jchudn4ns3sp35d2mhbljpqee8u4l1r2.apps.googleusercontent.com

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.KfbFqosJV-Y.es5.O/d=1/rs=AOaEmlFUFFjuRV_Tr8tZDNBAzV7gWJKaBA/m=base

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200d Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iLTl2YR7jY2x3VbWACBNAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
X-Requested-With: XmlHttpRequest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: script-src 'report-sample' 'nonce-iLTl2YR7jY2x3VbWACBNAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-encoding: gzip
cross-origin-embedder-policy: require-corp
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type: application/json; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 19 Dec 2022 19:25:50 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 7BD4 838 B
1 KB 30ms
26ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&upid=07ypglr&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 0d861b856bbb11fde55665b240694209db795cf88282f9e4fa821d7fa1eeab00

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 19:25:50 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 hub Show response
api.pushnami.com/scripts/v1/ Frame 9422 2 KB
1 KB 24ms
23ms Document
text/html 99.84.208.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pushnami.com/scripts/v1/hub

Requested by

Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/604b9a5dca020f0010ead52e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.208.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-208-86.iad79.r.cloudfront.net

Software

Resource Hash

2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-inline' *
X-Content-Security-Policy	default-src 'unsafe-inline' *

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-origin: *
age: 1636
cache-control: no-cache
content-encoding: gzip
content-security-policy: default-src 'unsafe-inline' *
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 18:58:34 GMT
vary: accept-encoding
via: 1.1 de6760156d781e28f72545a2e9243b26.cloudfront.net (CloudFront)
x-amz-cf-id: 9AP0C1HN5VTuA38XzS0naCSsg-pOmnctPiM5PoaKkMUyQuZeD-DlHw==
x-amz-cf-pop: IAD79-C1
x-cache: Hit from cloudfront
x-content-security-policy: default-src 'unsafe-inline' *
x-webkit-csp: default-src 'unsafe-inline' *

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 109ms
67ms XHR
application/json 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

668b2848d6cb9a71d8700d160863b0a06333bcee54bb96e6a875ff7c050ad43b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11038
x-xss-protection: 0

GET
H2 200 / Show response
js.stripe.com/v3/ 406 KB
98 KB 114ms
16ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: js.pelcro.com
URL: https://js.pelcro.com/sdk/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8194683988aa780cecce16851d1df8844ba925e94c167345076796570ea59216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 19:25:50 GMT
via: 1.1 varnish
age: 15
x-cache: HIT
content-length: 100075
x-request-id: e5acf1ee-a566-4693-b283-bd9bebb3b3b8
x-served-by: cache-yyz4578-YYZ
last-modified: Fri, 16 Dec 2022 20:49:47 GMT
server: Fastly
etag: "1427be9e5809af896fcea387d09e6a09"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 7BD4 487 B
964 B 25ms
24ms Script
application/x-javascript 99.84.210.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=eac6kka&ref=https%3A%2F%2Fwww.phoenixnewtimes.com%2Fevent%2Fdate-package-immersive-van-gogh-phoenix-peak-14471605%3Futm_source%3DNewsletters%26utm_medium%3Demail&upid=07ypglr&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.210.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-210-36.iad79.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 19 Dec 2022 06:12:24 GMT
Via: 1.1 19ae496eb414e9373ed8ce49d0fdbba2.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: IAD79-C1
Age: 47607
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: Krt_6w95JUTHmSvUu6eNHN_sxeblMfAnAR464bvAib2xlEjqBmRjhQ==

POST
H2 200 psp Show response
psp.pushnami.com/api/ 2 B
229 B 377ms
376ms Fetch
text/html 52.54.160.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Requested by: Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/604b9a5dca020f0010ead52e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.160.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-160-235.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept: application/json, text/plain, */*
Referer: https://www.phoenixnewtimes.com/
accept-language: en-CA,en;q=0.9
key: 604b9a5dca020f0010ead52e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.phoenixnewtimes.com
date: Mon, 19 Dec 2022 19:25:51 GMT
cache-control: no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: accept-encoding
content-type: text/html; charset=utf-8

OPTIONS
H2 200 psp
psp.pushnami.com/api/ Frame 0
0 121ms
27ms Preflight
application/json 52.54.160.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://psp.pushnami.com/api/psp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.160.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-160-235.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: key
Access-Control-Request-Method: POST
Origin: https://www.phoenixnewtimes.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: key
access-control-allow-methods: POST
access-control-allow-origin: https://www.phoenixnewtimes.com
access-control-expose-headers: content-type, content-length, etag
access-control-max-age: 600
cache-control: no-cache
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Mon, 19 Dec 2022 19:25:50 GMT
vary: accept-encoding

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 2AA3
Redirect Chain

https://dpm.demdex.net/ibs:dpid=903&dpuuid=137425c4-114b-4d56-ae27-7ccd285e3f2c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=903&dpuuid=137425c4-114b-4d56-ae27-7ccd285e3f2c&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam

70 B
596 B

25ms
25ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
DCS: dcs-prod-va6-1-v044-0d8119880.edge-va6.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: PKigLSCuQzE=

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 6FEF
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c

0
0

92ms
23ms

Document
text/plain

34.193.160.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.160.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-160-212.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private, no-cache, no-store
date: Mon, 19 Dec 2022 19:25:50 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-request-time: D=55 t=1671477950
x-served-by: beacon-n003-ash-prod.krxd.net

Redirect headers

content-length: 0
date: Mon, 19 Dec 2022 19:25:50 GMT
location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=137425c4-114b-4d56-ae27-7ccd285e3f2c
x-age: 0
x-cache: MISS
x-cache-hits: 0
x-served-by: usermatch-a020-ash-prod.krxd.net

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 910E
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=137425c4-114b-4d56-ae27-7ccd285e3f2c&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=137425c4-114b-4d56-ae27-7ccd285e3f2c&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bZTBfXlE2uIaBMXO1ZTAzqmtYANkaXU-~A&gdpr=0&gdpr_consent=

70 B
596 B

25ms
24ms

Document
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bZTBfXlE2uIaBMXO1ZTAzqmtYANkaXU-~A&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 19 Dec 2022 19:25:50 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Mon, 19 Dec 2022 19:25:50 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-bZTBfXlE2uIaBMXO1ZTAzqmtYANkaXU-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 99ms
45ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js?bust=31071167

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 19:25:50 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame A298 0
15 B 26ms
19ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.phoenixnewtimes.com
Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.phoenixnewtimes.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 19:25:50 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 415E 200 B
786 B 17ms
17ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3108050
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 19:25:50 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 402727
x-content-type-options: nosniff
x-request-id: b8ec4c96-e557-4288-a09f-fd25b265f309
x-served-by: cache-yyz4578-YYZ

POST
H2 200 csp-report
q.stripe.com/ Frame 415E 0
570 B 294ms
84ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 19:25:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 415E 0
570 B 294ms
85ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 19 Dec 2022 19:25:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 415E 631 B
438 B 17ms
16ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Dec 2022 19:25:50 GMT
via: 1.1 varnish
age: 3108050
x-cache: HIT
content-length: 332
x-request-id: 8b99deb4-fbd6-4fc8-a24e-2fe6bcb7e229
x-served-by: cache-yyz4578-YYZ
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 318771

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0E68 0
15 B 19ms
19ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.phoenixnewtimes.com
Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.phoenixnewtimes.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 19:25:50 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1BC8 13 KB
5 KB 137ms
23ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 285660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 12:04:51 GMT
expires: Sat, 16 Dec 2023 12:04:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C799 783 B
534 B 153ms
40ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da9e271ee4b61d6855056686364cc2f06c7c6d215b784de6f9a9b8d82003e2be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GvHMbBtd5doibf6GmeqIKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.phoenixnewtimes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-GvHMbBtd5doibf6GmeqIKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 19:25:51 GMT
expires: Mon, 19 Dec 2022 19:25:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 2FDB 930 B
1 KB 80ms
41ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 153
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 19 Dec 2022 19:25:51 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 172
x-content-type-options: nosniff
x-request-id: 62eba564-f375-46db-ac5a-98bc92f34a2c
x-served-by: cache-yyz4578-YYZ
x-timer: S1671477951.038434,VS0,VE0

POST
H2 200 csp-report
q.stripe.com/ Frame 2FDB 0
345 B 158ms
83ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.phoenixnewtimes.com
URL: https://www.phoenixnewtimes.com/event/date-package-immersive-van-gogh-phoenix-peak-14471605?utm_source=Newsletters&utm_medium=email

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Mon, 19 Dec 2022 19:25:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 2FDB 86 KB
16 KB 20ms
20ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Mon, 19 Dec 2022 19:25:51 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 42
x-cache: HIT
content-length: 16031
x-request-id: 262cd01a-1209-438b-9213-6dc16e7f3d7a
x-served-by: cache-yyz4578-YYZ
server: Fastly
x-timer: S1671477951.066745,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 49

POST
H2 200 6 Show response
m.stripe.com/ Frame 2FDB 156 B
523 B 253ms
88ms XHR
application/json 34.223.191.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.223.191.1 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-223-191-1.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3b3a3e5d7bfc32a8d6b85748ecac6eabec11257077c42159c4ecb6d525e1d7d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 19 Dec 2022 19:25:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C799 0
0 34ms
33ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=2897167528287862&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 1BC8 36 KB
16 KB 20ms
19ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 18:56:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260981
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Dec 2023 18:56:10 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1BC8 0
10 B 19ms
19ms Image
text/plain 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YVYlKQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:25:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 106ms
105ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=2897167528287862&bg=!T0ylTAjNAAYgquz3AKo7ACkAdvg8WgQEF0hEcoBFl2liuhYn44kHC7SBUBf7Swomdrm1xHFrsa_xIwIAAACrUgAAAANoAQeZAuG2JAvu3x4Q8flprs1XRWsATkiqYhiwnT62vHGsFtOcfPac4G-iWARy4rBezylYtM2gbkvZYaP2w52cb3OGm9ju2b8PFYPZJ-cWSzYMRaSjur5JRsh8t4Tjjbdb05tBlhoAzeL-lmple7e0id5DhYIo4NXPI0-5_D3AvOviVekyUJ6J5aePF-zjVexocttTjPXkh4LfLCEjLS2Jw4O3LQLfOmXAwUfmd8gCWs3Z0SNi-QdBvzO7FtTVySnGnkJkLFnnwNWTAFhp7bQMrVRaTye0oN8SvPSGKfMOrtRjXTs-gf1X5NAVV2IqfAcYTyOP9aHPDxSyGCgix49fb2O3cWn_luUad25BAVTItYTleDtg6ME_WntBYoAqnvQlNKho2ydRMbJpYx0WzvYwGF0Np4JZUysPIKDpstmF_-KxLjX0awf2XgUuJQ8W-_dZb9LNIQO6i3PEiwWYQQ131kmgUq0oOE92vuwPlpW6iT32ZMP6WPzZ4AuK6NgbE0jW8BHNCak61ADJACKFA3DGEjGgtZCYOfsUFn_7r_ozdzhZNHvw7z0foRPDpi0PA0gJHUQytkTI0YGuRQ1LHlD2zCcKbQOyrhAQHS_5-tdK5iCYWOmjeVYwjTsEwCaPdoK9S7alg_szRA3eNLojLEL59rotx8pRMUB_E9cn01AmmG9F6pzdQxie_CsF2vNkiploISE9Sc6IxcUdiaoKT-VXHL1eA5RVUDj8WweC5tU6uftqivQ4s4EgSM_H6o_B0R4PrmeREmcI46yqdPo6aMHjSQkoM77EinmGJsHlX4pC-y3C7jEgootTgDUKet-hOhPbAJDwfZqRbVZonbpz8E7BIWrChDIowtWPZz2JdS1yCrIThtuHV1Pq0waQZZQSHceqLv60B6sgSe36hE9_SZm2d36QhSCo85yszXxPNmpI0wszjDPheZfbsSwV_XVQPGkIGa3zu_5hJjaqGSi-5iwLqXU4_OFL5Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/ 249 KB
68 KB 63ms
21ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCpuLa9nk_d2aIviF02JiLW8HfnGP2l-fU

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32999fee543995c67d5f35c2432cccc8a0df808c6e3aa5697e751e694e4a8cef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:06:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69755
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 19:06:53 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/3/ 166 KB
61 KB 64ms
24ms Script
text/javascript 2607:f8b0:4006:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/3/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCpuLa9nk_d2aIviF02JiLW8HfnGP2l-fU

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9a23567883cb5e3c7b2d81005271db6d3753e2186c625acbf88ad47e282041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.phoenixnewtimes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 19:08:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62746
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 18:55:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 19:08:59 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

46 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.phoenixnewtimes.com/	1970-01-20 17:03:54	Name: sailthru_hid Value: 8857f0911bb44d98dbef1504ffedb9455745d6f7498ecfca84ced513229e3cfc458a4c55ca1a81bb17181184
.phoenixnewtimes.com/	1970-01-20 08:18:08	Name: sailthru_bid Value: 29979210.4774
.phoenixnewtimes.com/	1970-01-20 08:19:24	Name: _gid Value: GA1.2.1316717174.1671477949
.phoenixnewtimes.com/	1970-01-20 08:17:58	Name: _gat Value: 1
.phoenixnewtimes.com/	1970-01-20 17:53:57	Name: pelcro_first_touch_utm_medium Value: ZW1haWw=
.phoenixnewtimes.com/	1970-01-20 17:53:57	Name: pelcro_first_touch_utm_source Value: TmV3c2xldHRlcnM=
.phoenixnewtimes.com/	1970-01-20 17:53:57	Name: _ga_LNJVZ7WWDK Value: GS1.1.1671477949.1.0.1671477949.0.0.0
.phoenixnewtimes.com/	1970-01-20 17:53:57	Name: _ga Value: GA1.1.627040464.1671477949
.phoenixnewtimes.com/	1970-01-20 17:03:33	Name: _au_1d Value: AU1D-0100-001671477950-J64QR2VQ-748T
.phoenixnewtimes.com/	1970-01-20 17:03:33	Name: _au_last_seen_pixels Value: eyJhcG4iOjE2NzE0Nzc5NTAsInR0ZCI6MTY3MTQ3Nzk1MCwicHViIjoxNjcxNDc3OTUwLCJ0YXBhZCI6MTY3MTQ3Nzk1MCwiYWR4IjoxNjcxNDc3OTUwLCJnb28iOjE2NzE0Nzc5NTAsIm9wZW54IjoxNjcxNDc3OTUwLCJ1bnJ1bHkiOjE2NzE0Nzc5NTAsInNtYXJ0IjoxNjcxNDc3OTUwfQ==
.phoenixnewtimes.com/	1970-01-20 17:46:45	Name: _cb Value: Z_1jJCo6QXSBo4flw
.phoenixnewtimes.com/	1970-01-20 17:46:45	Name: _chartbeat2 Value: .1671477949997.1671477949997.1.DEHh6FDJUv6HkKvQbCUvdmaC7rSws.1
.phoenixnewtimes.com/	1970-01-20 08:17:59	Name: _cb_svref Value: null
.adnxs.com/	1970-01-20 10:27:33	Name: uuid2 Value: 8820141495692507188
.tapad.com/	1970-01-20 09:44:21	Name: TapAd_TS Value: 1671477950051
.tapad.com/	1970-01-20 09:44:21	Name: TapAd_DID Value: 32df3307-e3fb-4052-9171-3dc01667899e
.openx.net/	1970-01-20 17:03:33	Name: i Value: 8105b335-28d4-45d4-9fe2-c162508757b2\|1671477950
.adsrvr.org/	1970-01-20 17:03:33	Name: TDID Value: 137425c4-114b-4d56-ae27-7ccd285e3f2c
.phoenixnewtimes.com/	1970-01-20 17:39:33	Name: __gads Value: ID=11be19a5016802fd-22aaabd322d90017:T=1671477949:RT=1671477949:S=ALNI_MbsTqthjmA416SK1SBAU4SbJ84kTw
.pubmatic.com/	1970-01-20 10:27:33	Name: KTPCACOOKIE Value: true
.phoenixnewtimes.com/	1970-01-20 17:39:33	Name: __gpi Value: UID=000008da1196fbb2:T=1671477949:RT=1671477949:S=ALNI_MaPNzvSF2qSsbL6KMfkJ0Cfa0Z-xA
.1rx.io/	1970-01-20 17:03:33	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fd583366-ca0a-47ad-a53f-094e474e774b-005%22%7D
.www.phoenixnewtimes.com/	1970-01-20 17:53:57	Name: G_ENABLED_IDPS Value: google
.pubmatic.com/	1970-01-20 17:03:33	Name: KADUSERCOOKIE Value: 18111E9F-0822-493E-8777-457F1C08CAE0
.doubleclick.net/	1970-01-20 17:53:57	Name: IDE Value: AHWqTUmijXciVAje_WTQ3kvj23m21F1DF5Jt9bvBxdQ4kKiI_L22__UoQLaxZRs7W3Y
.phoenixnewtimes.com/	1970-01-20 10:27:33	Name: _fbp Value: fb.1.1671477950229.1571391987
.ad.gt/	1970-01-20 17:53:57	Name: au_id Value: AU1D-0100-001671477950-J64QR2VQ-748T
.ad.gt/	1970-01-20 17:53:57	Name: g_hosted Value:
.tapad.com/	1970-01-20 09:44:21	Name: TapAd_3WAY_SYNCS Value: 1!8491
.phoenixnewtimes.com/	1970-01-20 16:56:21	Name: pelcro.unique.id Value: azNkYTkwbWo5ODdsYnY2dGNwMQ==
.targeting.unrulymedia.com/	1970-01-20 17:03:33	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-fd583366-ca0a-47ad-a53f-094e474e774b-005%22%7D
.quantserve.com/	1970-01-20 17:48:12	Name: mc Value: 63a0babe-6e559-75d58-54639
.phoenixnewtimes.com/	1970-01-20 17:42:26	Name: __qca Value: P0-1433781679-1671477949989
.smartadserver.com/	1970-01-20 17:03:33	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:03:33	Name: pbw Value: %24b%3d16100%3b%24o%3d11100
.google.com/	1970-01-20 12:41:29	Name: NID Value: 511=nUkVxkNyvkoKg2ulSgsfCC5BzAqWHMbkoApSWwCOjxyCqUdN1NTZ64YV6oqRvdkZ1Ci4crl1BzXaLYrdJQs-YiiuWdZipTXYNkuK4qFnRBTL1bPOsuWJV6HGv6EhzLZZ2UFMtZ99k-fkEBTLGEJj4e54uTuoYEoHnA3VTqs_X6c
.smartadserver.com/	1970-01-20 17:03:33	Name: pid Value: 1103798404672974
.yahoo.com/	1970-01-20 17:03:55	Name: A3 Value: d=AQABBL66oGMCENCQSeKO9rI3q4bl4le6IisFEgEBAQEMomOqYwAAAAAA_eMAAA&S=AQAAAsaKtT-SIb8Bk7eFQQsvogA
.demdex.net/	1970-01-20 12:37:09	Name: demdex Value: 70060053477311950013671347387579523617
.analytics.yahoo.com/	1970-01-20 17:03:33	Name: IDSYNC Value: 1769~28xv
.dpm.demdex.net/	1970-01-20 12:37:09	Name: dpm Value: 70060053477311950013671347387579523617
.adsrvr.org/	1970-01-20 17:03:33	Name: TDCPM Value: CAESFAoFdGFwYWQSCwiwotvrm4CxOxAFEhIKA2FhbRILCJb9ku-bgLE7EAUSEwoEa3J1eBILCJb9ku-bgLE7EAUSGQoKcmlnaHRtZWRpYRILCJb9ku-bgLE7EAUYBSABKAMyCwiW9ZWcsoCxOxAFOAFCBCICCAFaB2VhYzZra2FgAQ..
.krxd.net/	1970-01-20 12:37:09	Name: _kuid_ Value: PRIQeUUs
m.stripe.com/	1970-01-20 17:53:57	Name: m Value: 9eda2139-72b9-4a23-ba4b-19fa9b70cda19f596d
.www.phoenixnewtimes.com/	1970-01-20 17:03:33	Name: __stripe_mid Value: 471b3b16-4e06-4340-b8cd-db6aee0dbc2fe59ec8
.www.phoenixnewtimes.com/	1970-01-20 08:17:59	Name: __stripe_sid Value: 008318d3-e5b1-47fb-af36-74b3eb1710658bd9b0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport Message: Failed to load resource: the server responded with a status of 400 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
accounts.google.com
acdn.adnxs.com
adservice.google.ca
adservice.google.com
api.pushnami.com
apis.google.com
beacon.krxd.net
cd.connatix.com
cdn.hadronid.net
cdn.jsdelivr.net
cds.connatix.com
cm.g.doubleclick.net
connect.facebook.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
ids.ad.gt
image2.pubmatic.com
insight.adsrvr.org
js.adsrvr.org
js.pelcro.com
js.stripe.com
link.phoenixnewtimes.com
m.stripe.com
m.stripe.network
maps.googleapis.com
match.adsrvr.org
media2.phoenixnewtimes.com
p.ad.gt
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
pixel.quantserve.com
pixel.tapad.com
platform.twitter.com
psp.pushnami.com
q.stripe.com
rddywd.com
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
static.chartbeat.com
stats.g.doubleclick.net
sync.1rx.io
sync.smartadserver.com
sync.targeting.unrulymedia.com
syndication.twitter.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleapis.com
www.googletagmanager.com
www.gstatic.com
www.pelcro.com
www.phoenixnewtimes.com
104.244.42.72
107.178.246.49
107.20.71.201
142.251.40.130
151.101.192.176
151.101.2.137
199.127.204.171
199.187.193.192
23.220.188.182
2600:9000:2073:3000:c:b42a:3740:93a1
2600:9000:208f:2e00:6:44e3:f8c0:93a1
2600:9000:2199:c600:18:1fcd:351:7bc1
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:4700:10::6816:445
2606:4700:10::6816:858
2606:4700:20::681a:b19
2606:4700:20::681a:f67
2606:4700:3036::ac43:8a2c
2606:4700::6810:5614
2607:f8b0:4004:c1d::9b
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:809::2008
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::200e
2607:f8b0:4006:823::200d
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::200e
2620:116:800b:21:c1e8:5385:5098:6bf0
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:83:face:b00c:0:25de
3.218.90.66
3.229.38.178
34.193.160.212
34.223.191.1
35.244.159.8
44.212.226.157
52.223.40.198
52.54.160.235
54.186.23.98
54.187.93.46
54.203.48.28
54.204.220.204
68.67.160.75
68.67.179.166
8.28.7.83
99.84.208.86
99.84.210.36
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d861b856bbb11fde55665b240694209db795cf88282f9e4fa821d7fa1eeab00
127dbf7de12bd7072e12f7bf921fe92067015763fab9a8ade76d1a3c03c2c5af
1295392dc1ad49ec647789fb43abc365e98aee26822f397ba16a24d9acf6a689
131911bf220ea99b0c5cb656841224dba94da7314169f3069ccac0815bc9e0df
131fca19960314913665f3f9eef73981f8847442e2e44fb4a6280964a98e3581
13f329a0d3e082589a14177df4778b45ea8cb3826ce3b945fcbb0721baca5825
1c60fbb2cbbef335bceb50752f77180c710787594e46f9e00d13121c489af0f5
1d57f9ddb633dcc5857ad4cdf9be75e1e37830ece957e888bb928ef5bc6ad134
218e16b20479abf1a1b8fa1c77a69a32db478429436b1c717e6096d6a3d79f73
2381a9476aede89b45e4ce0663aa85f8bc24e7765106c7d12dfe721cc3b21459
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
2e9313576448e5201db2ab8887305bfec55941d7e11b5529576eaeb2b5ddeedf
302e05277d09dde32df9fa04c22bf5e609ab7e30749a0cd09fa119c18f2120af
32999fee543995c67d5f35c2432cccc8a0df808c6e3aa5697e751e694e4a8cef
380a2b96ba56a2981cd1c689b78edd8b91096f843ebec8ba62de16c8d8afd2fb
398dc6dbd96011b1221e4ae2d74302edf250d806c06bc696701a2dcb63d331ba
3b3a3e5d7bfc32a8d6b85748ecac6eabec11257077c42159c4ecb6d525e1d7d3
3efb1c6efde7139756bd608eab26de8aa1fe3416bb7048d33fd0510377cd5ace
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
47c4ddec8ced87e0f02bc3866b56b732e8a24917d79db3a38baedf001f24db05
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4881c5df7768ae1b95e6644d690b41ee9625c1aad05a26f50121acaa3d622f22
48e66e73048706fa4d36d4b10033b268c63408c0304395f11ef661a278c403bf
51643413920fb7346927f681edf04d04a89cbdd95e4b1f6c52808328bf92ad4e
51c06c0897a55aef1eca1f08d9a2bfa471345de41f68bcb46dd17b17038101db
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56bac5cf70fa7d09963d4c16f961722f7e1aeea793d5d2503af54fc1a008963d
57041153f44784bed5ad390b00dd0a6d5dba175e6de0e4d4ec74c97e487c8bde
5a1b092d7e105d5ecda0bd16c3642bc9c9a19ce1c86318331d81c8d40217641c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ed6438b5dce242acef8382f5ac2bc3723f0b744cd207b24c3e6942d985f241
668b2848d6cb9a71d8700d160863b0a06333bcee54bb96e6a875ff7c050ad43b
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
770e0f68ebdd7de65566edbb0cf75d1ac03826171049396e92b1afd9d0d649f1
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d0f674e2c088dfb4aea85d4644cd03b7a821c2504ce8ca5a4c02d7e29ef9323
7e6cea607374256f30fd7c602c9bfbf152e3e8f19bb80dc24f2f20af48c8451e
7f555674a54503e3367276168359cef065eecc75f1fe436ac13bdf3dfd65a970
81599069d689ec199ec3a75617e1df76a777343b27042f55fcdc8caff361fba8
8194683988aa780cecce16851d1df8844ba925e94c167345076796570ea59216
821e284702988e65b2943971190f778e28fc3d8c8e379c35a7c21f4757a1d204
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8c0531412c543b9bd978e29acb8f5cf330db9891115d1e9924519d9a675b7b74
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ddc5718c3df9a9256816484543bec1a55f33597fa7cda19505469dd15a81f8f
93b83f3ce09c6b7766d84ad900122472457954a2cde3d722b2ae3c6a3f66f7b9
9cfd33c901ea82fe2dcea630488f62cf84f7ba8a4b32381a28fa582a2e198e9c
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e035d3f23309ca479bb89dc8aa46a71826bde6958b10f1472b7203c2dff8e12
9f44becebd35a6e9ec71d4917ee8690eb00a0b0f0c9c7fa230f504464e9c643c
9fb73efabf1d6bef19b8e947b3fe68e959c765d8d2c2f057670a6b599d80decd
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a23fd1a589572d73e77077a120ca808cd69cc9f6c66e5cdd410605a4430bfcd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a73eb3a275137c862b8aede37f767fb8878199c38388c804d40811205fb3b396
ac6b9b3222290a815f00d1050211c973ccd19bc50e4f997e578602f9c64376f3
ae5c596393ceb1385283562743cf52e7ccc8affc152dbd49795b742793543c8a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b225520e63b1d45a899525e7f63f8bfbae8bc8480f0eb517ed0aeef0485b84e1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b95d7130b3d7bebe5f1bb450825f97a987df101b5bd80f5dee1102a53a6ece7c
bc3508227219f27c700cb95df86caff472ad5d86ff03443f7567fe212c39bf08
bfbf3d9abff305b811e7799fc9d088efc092005fbdfa746abbe2517ecd543e0d
c02444f391e8655e79ff8d7d4cb69c3426c3bffbf8731a994fa23aed0f641d12
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca9a23567883cb5e3c7b2d81005271db6d3753e2186c625acbf88ad47e282041
cba44fea0ed580f42b7756ac614daaba504a6aa04acf57e0c478cbc86810168e
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf16ae90a4220f3e28330d6578ff5095d931b4397f528ad83632eb1124193b74
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10035036ee325aee66a640c7d29ad53492e3f9fbbc92638b5f6a266f065d9d2
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
da9e271ee4b61d6855056686364cc2f06c7c6d215b784de6f9a9b8d82003e2be
e2b16fd8eed0abca85415524c594f918b2995a1e55244806c511d0062f4035f8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
eca6b1948499bebdb770f79fcb405d77bcc2c1287ea9c81d12001a3c5c132bda
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee4b82b6cd20b5507cdc8ba9f680f953a6b395a5714bfbc362613d99744adc03
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f731d2a4e576a4dc7bdaa028505300b7d3c9a77058aeb5a173c3ec00603e20b1
fa1733bf58cdb10b6e8929b14dcdda9f4a555d7546faf93dd1e9b2dbb232583c
fd55acbe373b8ce45a4ca931775510a3dfa9fd40ec8505ae7291feb7b0b62575
fe4e9bc06fed6ec87628ecafc1c65946dc62a29651af76a99227ebdbbc2ecf59

www.phoenixnewtimes.com Open in urlscan Pro 2606:4700:20::681a:f67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

92 %HTTPS

54 %IPv6

37 Domains

63 Subdomains

48 IPs

2 Countries

4810 kBTransfer

14755 kBSize

46 Cookies

17 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.phoenixnewtimes.com Open in urlscan Pro
2606:4700:20::681a:f67 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

92 %
HTTPS

54 %
IPv6

37
Domains

63
Subdomains

48
IPs

2
Countries

4810 kB
Transfer

14755 kB
Size

46
Cookies

128 HTTP transactions
2 data transactions