www.dominionpost.com Open in urlscan Pro
23.29.132.40 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dominionpost.com/
Submission: On August 19 via automatic, source certstream-suspicious (August 19th 2021, 5:15:26 am UTC)

Summary HTTP 220 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 33 domains to perform 220 HTTP transactions. The main IP is 23.29.132.40, located in United States and belongs to BIGSCOOTS, US. The main domain is www.dominionpost.com.
TLS certificate: Issued by R3 on August 19th 2021. Valid for: 3 months.

This is the only time www.dominionpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
62	23.29.132.40 23.29.132.40	394303 (BIGSCOOTS) (BIGSCOOTS)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:b0c0:3:d... 2a03:b0c0:3:d0::d23:4001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
13	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	199.19.89.14 199.19.89.14	54105 (SSM-NET) (SSM-NET)
2	34.96.77.232 34.96.77.232	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
9	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3	199.19.89.19 199.19.89.19	54105 (SSM-NET) (SSM-NET)
21	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::6815:3922	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
13	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:aa7a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	34.215.192.98 34.215.192.98	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:4c::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
220	38

62 23.29.132.40 (United States)

ASN394303 (BIGSCOOTS, US)
PTR: ip-40.132-29-23.securedserverspace.com

www.dominionpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:b0c0:3:d0::d23:4001 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 199.19.89.14 (United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-14.secondstreetmedia.com

embed.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.77.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.77.96.34.bc.googleusercontent.com

widget.secure.ownlocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.dk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.19.89.19 (United States)

ASN54105 (SSM-NET, US)
PTR: 199-19-89-19.secondstreetmedia.com

api.secondstreetapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:3922 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.paywallproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.215.192.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-192-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:4c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nzs.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	dominionpost.com www.dominionpost.com	1 MB
26	doubleclick.net 2 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net static.doubleclick.net ad.doubleclick.net	187 KB
22	googlesyndication.com pagead2.googlesyndication.com 566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com tpc.googlesyndication.com	297 KB
21	youtube.com www.youtube.com	723 KB
13	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	307 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	233 KB
9	googlevideo.com r3---sn-4g5e6nzs.googlevideo.com	1 MB
7	secondstreetapp.com embed.secondstreetapp.com api.secondstreetapp.com media.secondstreetapp.com	644 KB
6	googletagservices.com www.googletagservices.com	214 KB
6	facebook.com www.facebook.com	594 B
5	google.com adservice.google.com www.google.com	15 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	37 KB
4	stripe.com js.stripe.com m.stripe.com	60 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	facebook.net connect.facebook.net	170 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	757 B
2	rlcdn.com 2 redirects id.rlcdn.com	887 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
2	stripe.network m.stripe.network	19 KB
2	paywallproject.com ads.paywallproject.com	55 KB
2	google.de adservice.google.de	975 B
2	google-analytics.com www.google-analytics.com	19 KB
2	ownlocal.com widget.secure.ownlocal.com	26 KB
1	congstar.de banner.congstar.de	518 B
1	ggpht.com yt3.ggpht.com	3 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	457 B
1	mookie1.com odr.mookie1.com	324 B
1	quantserve.com cms.quantserve.com	464 B
1	google.dk adservice.google.dk	853 B
1	googleadservices.com partner.googleadservices.com	441 B
1	plausible.io plausible.io	855 B
1	googletagmanager.com www.googletagmanager.com	40 KB
220	33

	Domain	Requested by
62	www.dominionpost.com	www.dominionpost.com
21	www.youtube.com	www.dominionpost.com www.youtube.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	securepubads.g.doubleclick.net	www.dominionpost.com securepubads.g.doubleclick.net www.googletagservices.com
9	r3---sn-4g5e6nzs.googlevideo.com	www.youtube.com
9	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
8	pagead2.googlesyndication.com	www.dominionpost.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	assets.ad4m.at	as.ad4m.at
6	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
6	www.facebook.com	www.dominionpost.com connect.facebook.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	ad4m.at	googleads.g.doubleclick.net ad4m.at
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.dominionpost.com www.youtube.com
4	fonts.googleapis.com	www.dominionpost.com embed.secondstreetapp.com
3	www.awin1.com	1 redirects as.ad4m.at
3	media.secondstreetapp.com	www.dominionpost.com
3	api.secondstreetapp.com	embed.secondstreetapp.com
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	connect.facebook.net	www.dominionpost.com connect.facebook.net
3	js.stripe.com	www.dominionpost.com js.stripe.com
2	ad.doubleclick.net	2 redirects
2	as.ad4m.at	ad4m.at as.ad4m.at
2	www.google.com	www.youtube.com tpc.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	id.rlcdn.com	2 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	ads.paywallproject.com	www.dominionpost.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	widget.secure.ownlocal.com	www.dominionpost.com widget.secure.ownlocal.com
1	banner.congstar.de	as.ad4m.at
1	www.gstatic.com	www.youtube.com
1	m.stripe.com	m.stripe.network
1	yt3.ggpht.com	www.youtube.com
1	static-de.ad4mat.net	ad4m.at
1	static.doubleclick.net	www.youtube.com
1	pixel.rubiconproject.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.dominionpost.com
1	566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.dk	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	embed.secondstreetapp.com	www.dominionpost.com
1	plausible.io	www.dominionpost.com
1	www.googletagmanager.com	www.dominionpost.com
1	ajax.googleapis.com	www.dominionpost.com
220	49

This site contains links to these domains. Also see Links.

Domain
dominionpost.com
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
dominionpost.com R3	`2021-08-19` - `2021-11-17`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
plausible.io R3	`2021-05-28` - `2021-08-26`	3 months	crt.sh
*.secondstreetapp.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-23` - `2022-07-23`	2 years	crt.sh
secure.ownlocal.com GTS CA 1D4	`2021-06-28` - `2021-09-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.dk GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.ad4mat.net AlphaSSL CA - SHA256 - G2	`2019-08-06` - `2021-09-08`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-08-10` - `2021-10-19`	2 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.dominionpost.com/
Frame ID: 7414C9F49A3E364F2790659973FC16DD
Requests: 104 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: A011D84D59AC9B37ABE9982DFE0C3A74
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208745263388354&output=html&adk=1812271804&adf=3025194257&lmt=1629350098&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dominionpost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350098826&bpp=4&bdt=628&idt=131&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2272086393149&frm=20&pv=2&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
Frame ID: F3BA9A152DDF9254CFC8419E7FB857F1
Requests: 1 HTTP requests in this frame

Frame: https://566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F36CE9BA66FA0D891915E9CD39839B0F
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
Frame ID: 24D62814871830BEA30C5A414FD85C2F
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208745263388354&output=html&h=280&slotname=3926158833&adk=3670756789&adf=3251233310&pi=t.ma~as.3926158833&w=360&fwrn=4&fwrnh=100&lmt=1629350099&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.dominionpost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350099454&bpp=4&bdt=1256&idt=4&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0ab401c3cad7c07f-22ba094badc90055%3AT%3D1629350098%3ART%3D1629350098%3AS%3DALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA&prev_fmts=0x0&nras=1&correlator=2272086393149&frm=20&pv=1&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=Im3Gpx7HG7&p=https%3A//www.dominionpost.com&dtd=12
Frame ID: 9C32F5C3BAD5C69FE1EA8582D1EBCBB1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Frame ID: DE65BD0F3EE6A5928FCBF76C4C8ACF97
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHUsP8reo_-6rveXXFK5KgBYu-CuXUXm6To4AooYYCgxcxNssrObEU7-LtLEmkGetnv5ByqSwTjq4uX0e5Z1QEj0fco_k8_KWTU6fKKEGnwYHisdlYV_KVifX-y3gbl54ka019nYU9MkcydIZ0TGFdijjFILeF5j1wKeYKKTkUgMhUa9oA4HbfDR9omrbfKaKP-EvxbYemG6-3eWPBbX5oyb2bKozZZRmPmRq0mS1Pf64NKHGk4P5nIZYeQuo1YtSkIzDcOIkJP7zi3A4ryvFQVdrboLihR24cI8UsICsNFOf1BYWM_MAmoS5RRczW5CDUKYh2vQ&sai=AMfl-YTMq1m7FE6frnauXKOiY3-W_WVQOdcH2mcg2vNq-_ITRP0PriXvBmhGnkupAwn1pxq1xjWDU2tYxOVVpP_2TktCydIJkhxB6m_pFpRs5MSnTXZutYDcMQmSlQHXNIo&sig=Cg0ArKJSzDfHQBNA-EjEEAE&urlfix=1&adurl=
Frame ID: 44D05933CDA88FA7D252D3B41A3E316E
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB_SxngBDpSbIn-jnYXaG5WECM_tsqd_NJoqtY1LwOvLaJiuXtZAiFSq-BzWz3n9ts8mM7XIjxsUQ7KPw3xe0K19mssjpRJymWQc0L1rvF2PdwromDdDBx805Az6eez3EH0jtw_hxs1tof6nwDptYhv9WUgPoZNEUkzJJBeZUbAABJZMAiyM_PHoQ4GWu_vfBWcntnLWuQMqNdy-fL9majTYtr5ldd5j4t23RzP3m8Z6z0WIT4LnVbZ3pZtg6Qj_WNpMjHuBWhc_n0PPEJs5_BhC8OxcmFHI7OADOSsj5o_L9rQGnJbBi_ws4lzoCOs3Q&sai=AMfl-YTIm-y6faISkHsqkT0HmeA8Qn4ZTMkYGw3UMPWii30tl7Yqr7HNOcyJTN11aNQjTr9Wnomo-2_nNBLZVFb5nGzwT-_07zxZhZL45pMncldg545WiTnKVt4KtaabHAo&sig=Cg0ArKJSzEGsjhNXqb9UEAE&adurl=
Frame ID: 9C449442CA7318AB1C01F1DBE8F881E6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1YNd4aNA3vca1Z7Y8xTk5IHqSvU5QVd9m8y5DeA8Uzh58rX1FGrXum2EGfpU3bAktDMKDRRggkNQ_jQbmcIERYaAXN8dMszbrBkCgyLLifaWO_nO9PhuEOGoa6XIXV9my3O-7QXCAmLDNn46sVM6Bz2nPIK434zI2kumOLrrP7RKItQcf4WAdc1FVsNzaQntSoAN8Ce5rg9OFDpAOLm7dDpSfb1Sl5VhQT0L5oOW7oz9Wv7tmVlC6DD-Rz16U0ZoTMBnGV4t8JfTWeTrD-M-qq5l_zoCgb34tGFHBY1NW4XmpbsOJ7ye8ONqC7S56G6M4_DOwsHUTMBTrmzQ&sai=AMfl-YRcUPDWw0D7QNnZXDUHJnN6BYRxRaLI9o2k5_oDQjVWgnz_c6f8v-nI_SdxwvyoTsbBbBsMSkEBy0etpN8UrtKgfxW9cYPOFSBkXFuNKe26-fYedgZsT6uDeUH9IAU&sig=Cg0ArKJSzA7PjeIyelagEAE&adurl=
Frame ID: FF52062AB922468687FBB424C79AC17B
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQbuBWpsTOB8wMy4d_QST_NCkgjeBOVIEcuqwweiWeGPuR2msllf8beBDHo_ALuhDZ5B7_UzQ8C42XVE35J3tZ4b6ZXKqwZLcDKA0q6id6RlzTZ5sH-_MyXKRzafDpkZeD3LKSU25P3FvZsyOiMPx-z-QaTmSc8SNIEl959YLl-8aSt5utcE7N6pyTWMC1grywQsOt8Azga53ftALudbTO8Rs0cAKnMdB-48yF_K6Gb-bN9gpuwQx8--OBum65UyEHVy09qDqf8zXM1xSITDTsgmt6W8TVHqBptmbRvjImvrhBa91xKlIrLPceYZsDU9QYBu3cZiigXw&sai=AMfl-YQ32ITJM86Y8uCB8bRW5K9nprTU4OVsSmGv9gHV7JKvKQP4g9_fUDCdRwgf4hedsegJ7JWCK9gf4P9qvwk7SzzmTvsZXnA8T3rV3anxmTfPkPd24_WgyOIYP0dIVDg&sig=Cg0ArKJSzBjYwd6c73jNEAE&adurl=
Frame ID: 41FC47E9B06E712032717C6804EF18BF
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: E70C6DEB6F8BB972132B30C9C14171DE
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: B6511E43B8D58EA17B987EF3781B1562
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F2B3F81FD581601A8D7E70F01423523B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CZe460-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTSAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64Z69oaJ_d15bfPOGQWxmFqniMYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMyMDg3NDUyNjMzODgzNTQYAA&sigh=-kVtdZnLFZ0
Frame ID: 99158492F5E04C5CEEF1187CBAC242CB
Requests: 6 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
Frame ID: FF801BD4C8A202E02B14AB4028163B6B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B782FB5CFA0D3BEDBCAC7A66EDA31C5E
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 891EF107886A50C97B657E856682BAA7
Requests: 4 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 6B64173E78C70FE705623168FAA0CC9C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Muli:400,700
Frame ID: 0D29CE77B852E089250E0689D72EC5D5
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C41C9C6128A0C0F910B2AF53B37A55AC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 376B4E4B94D2C1A07A60D4A3B879E4A6
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Frame ID: 1C0DC55922D906BCCE8D149B02142BAB
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

220
Requests

100 %
HTTPS

62 %
IPv6

33
Domains

49
Subdomains

38
IPs

4
Countries

5430 kB
Transfer

11416 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://dominionpost.com/category/latest-news/
Title: News

Search URL Search Domain Scan URL

URL: http://dominionpost.com/
Title: The Dominion Post

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thedominionpostwv/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/DominionPostWV
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC8qodRyXsUA8UD0LD0AvwQg
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 154

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL_WXlrCash25EaeT4Ye_twtJz62RGTm2gejaWcGaKdlAzjHpY1QprwikJ6McTNMWv_CQEBLUwCQxZ57J6Wx8YMX9K6dE3m&google_gid=CAESEI-yETP7M9vuIS1MFdEpnfg&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTR94gGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMX1dYbHJDYXNoMjVFYWVUNFllX3R3dEp6NjJSR1RtMmdlamFXY0dhS2RsQXpqSHBZMVFwcndpa0o2TWNUTk1Xdl9DUUVCTFV3Q1F4WjU3SjZXeDhZTVg5SzZkRTNt HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmgzRzhVQVN3SVI0WjhvU0ZyZWw5TkhnX2NQUHBDanA0cXFsbkI1TUEzNA==&google_push

Request Chain 156

https://rtb.openx.net/sync/dds?google_gid=CAESEANHcKn3cg1_xNkCk4rlpD0&google_cver=1&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEANHcKn3cg1_xNkCk4rlpD0&google_cver=1&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG&google_hm=E4tk_Zq1xVgG0d7eh1Tdyw==

Request Chain 157

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPApg6ZiEEtjNgW2Y-LZS4U&google_cver=1&google_push=AYg5qPJ0LBizhyKT_n1ZDP05uFTUNC48meInz88Egr-sC4M-nENjBMDbau8ehx-1V3hoA_ClfdwwFlFt6ub6bUqgAnpomZpxxGDU HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPApg6ZiEEtjNgW2Y-LZS4U&google_cver=1&google_push=AYg5qPJ0LBizhyKT_n1ZDP05uFTUNC48meInz88Egr-sC4M-nENjBMDbau8ehx-1V3hoA_ClfdwwFlFt6ub6bUqgAnpomZpxxGDU&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FcxonFmnRGKCTcj74qCCyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ0LBizhyKT_n1ZDP05uFTUNC48meInz88Egr-sC4M-nENjBMDbau8ehx-1V3hoA_ClfdwwFlFt6ub6bUqgAnpomZpxxGDU

Request Chain 158

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFkRfwY50aU216adrPhDSWY&google_cver=1&google_push=AYg5qPKLqDp5r2mfAe4WTWSyAiBZaYKhTUvXv2GGNu-Igj2EPpUp8i07_-_h2WkHMdz7JRXHD6yYUjBSyYZSchVSDztq-gpk_cXJ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NJR1pCSkMtUi1CUk9W&google_push=AYg5qPKLqDp5r2mfAe4WTWSyAiBZaYKhTUvXv2GGNu-Igj2EPpUp8i07_-_h2WkHMdz7JRXHD6yYUjBSyYZSchVSDztq-gpk_cXJ

Request Chain 159

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc=

Request Chain 213

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidsMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepxasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKCs_Y-qvPICFcjvdwodtRICOg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidsMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepxasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidsMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepxasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629350101_6795d3d0-00ac-11ec-b149-692d057bce79

220 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.dominionpost.com/ 183 KB
22 KB 583ms
336ms Document
text/html 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 4b0e7aff2f0c0cb40d1b3a250fe2f5db8f6aa2a01d82136568078cdb0ce04a10

Request headers

:method: GET
:authority: www.dominionpost.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; expires=Sat, 18-Sep-2021 05:14:58 GMT; Max-Age=2592000; path=/
link: <https://www.dominionpost.com/wp-json/>; rel="https://api.w.org/" <https://www.dominionpost.com/wp-json/wp/v2/pages/134929>; rel="alternate"; type="application/json" <https://www.dominionpost.com/>; rel=shortlink
server: nginx centminmod
x-powered-by: centminmod
content-encoding: br

GET
H2 200 style.min.css
www.dominionpost.com/wp-includes/css/dist/block-library/ 79 KB
10 KB 124ms
122ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 03:02:55 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6104bd5f-13abe"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 blocks.style.build.css
www.dominionpost.com/wp-content/plugins/block-gallery/dist/ 33 KB
4 KB 128ms
125ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/block-gallery/dist/blocks.style.build.css?ver=1.1.6
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: f8942e3f85a6bafd83a49f12ff4e0439cf72e226d33143e2db8afcf93e84174b

Request headers

:path: /wp-content/plugins/block-gallery/dist/blocks.style.build.css?ver=1.1.6
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Tue, 05 May 2020 18:16:50 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5eb1ad92-85cd"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 dashicons.min.css
www.dominionpost.com/wp-includes/css/ 58 KB
35 KB 130ms
127ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/css/dashicons.min.css?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

:path: /wp-includes/css/dashicons.min.css?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 17:12:20 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6086f474-e688"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 style.css
www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/css/ 1 KB
681 B 233ms
230ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/css/style.css?ver=1.1.1
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: fa802dfcc807a2328b9535116820441a97af865e856c4ac22a9f1977d6fe1169

Request headers

:path: /wp-content/plugins/ee-simple-file-list-search/css/style.css?ver=1.1.1
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 20:45:14 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5e221cda-5ff"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 jquery-ui.min.css
www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/datepicker/ 19 KB
4 KB 233ms
228ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/datepicker/jquery-ui.min.css?ver=1.1.1
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 6ede2c03c9cfd35d74a4465cfa48500fa0f08f7abba769b63ea3c723e030706b

Request headers

:path: /wp-content/plugins/ee-simple-file-list-search/datepicker/jquery-ui.min.css?ver=1.1.1
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 20:45:14 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5e221cda-4a78"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 jquery-ui.theme.min.css
www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/datepicker/ 14 KB
2 KB 234ms
229ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/datepicker/jquery-ui.theme.min.css?ver=1.1.1
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: e37a48c7a46495908f18466988f8681e504acad46647a2116ebf4b514029c69d

Request headers

:path: /wp-content/plugins/ee-simple-file-list-search/datepicker/jquery-ui.theme.min.css?ver=1.1.1
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 20:45:14 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5e221cda-3617"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 eeStyles.css
www.dominionpost.com/wp-content/plugins/simple-file-list/css/ 2 KB
1 KB 234ms
229ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/simple-file-list/css/eeStyles.css?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 25c39225990bcadc17dc5724ec591bf56641bd59ead723361f7cc2ee579aaa24

Request headers

:path: /wp-content/plugins/simple-file-list/css/eeStyles.css?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 20:44:42 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5e221cba-94d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 issuem-leaky-paywall.css
www.dominionpost.com/wp-content/plugins/leaky-paywall//css/ 8 KB
2 KB 235ms
230ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall//css/issuem-leaky-paywall.css?ver=4.16.4
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 24d425393f58f5167d68f36736be1ae57f40c77771f5de106179e333b356baa4

Request headers

:path: /wp-content/plugins/leaky-paywall//css/issuem-leaky-paywall.css?ver=4.16.4
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 02:49:26 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6104ba36-20e8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 unipress.css
www.dominionpost.com/wp-content/plugins/unipress-api//css/ 367 B
632 B 235ms
230ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/unipress-api//css/unipress.css?ver=1.18.13
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 3c00b719d453f5357d67bd0131c02e387e229bc1fbda0e49588f04c9408f42c1

Request headers

:path: /wp-content/plugins/unipress-api//css/unipress.css?ver=1.18.13
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 15 Apr 2021 15:41:34 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60785eae-16f"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 367

GET
H2 200 jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/ 34 KB
35 KB 29ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/themes/smoothness/jquery-ui.css?ver=5.8

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 18:09:44 GMT
x-content-type-options: nosniff
age: 126314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35212
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 18:09:44 GMT

GET
H2 200 lp-gift.css
www.dominionpost.com/wp-content/plugins/leaky-paywall-gift-subscriptions//css/ 321 B
586 B 235ms
230ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-gift-subscriptions//css/lp-gift.css?ver=2.9.9
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 13477a1af9cf16a992c9a8d1ea7ad871fa568b3bbdb9edb07edea3572c3804a5

Request headers

:path: /wp-content/plugins/leaky-paywall-gift-subscriptions//css/lp-gift.css?ver=2.9.9
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 17 Dec 2020 14:24:15 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5fdb6a0f-141"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 321

GET
H2 200 style.css
www.dominionpost.com/wp-content/plugins/leaky-paywall-trials//css/ 269 B
534 B 235ms
231ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-trials//css/style.css?ver=1.7.0
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 0c8c99dc7ef4a98825b029ff8a3e377e4b862647c1877794566923f64ae3fadc

Request headers

:path: /wp-content/plugins/leaky-paywall-trials//css/style.css?ver=1.7.0
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Sat, 10 Oct 2020 23:53:32 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5f82497c-10d"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 269

GET
H2 200 style.css
www.dominionpost.com/wp-content/plugins/leaky-paywall-invoices/includes/css/ 2 KB
751 B 235ms
231ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-invoices/includes/css/style.css?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: d5ff1cbfad78adc9904202a46e81e6be43cbf87854233d56d5ddcde6f322f78d

Request headers

:path: /wp-content/plugins/leaky-paywall-invoices/includes/css/style.css?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Thu, 18 Feb 2021 15:58:20 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"602e8e9c-741"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 leaky-paywall-coupons.css
www.dominionpost.com/wp-content/plugins/leaky-paywall-coupons//css/ 732 B
997 B 236ms
231ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-coupons//css/leaky-paywall-coupons.css?ver=1.9.4
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 3920943abe8f70b62b3bcb24c2bd488059143d0115adb0736415f787ec386ed0

Request headers

:path: /wp-content/plugins/leaky-paywall-coupons//css/leaky-paywall-coupons.css?ver=1.9.4
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Sat, 19 Jun 2021 00:39:24 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60cd3cbc-2dc"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 732

GET
H2 200 js_composer.min.css
www.dominionpost.com/wp-content/plugins/js_composer/assets/css/ 474 KB
40 KB 236ms
232ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d

Request headers

:path: /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.2.0
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 22:46:52 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f46e65c-76828"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 css
fonts.googleapis.com/ 3 KB
719 B 19ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin%3Aregular%7CLora%3Areguler&display=swap&ver=1.2.4

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1dac2fbbfdf9a879919b69f21033a56d599d7f404776bb2815942c8a0384f817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 05:14:58 GMT
server: ESF
date: Thu, 19 Aug 2021 05:14:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H2 200 mediaelementplayer-legacy.min.css
www.dominionpost.com/wp-includes/js/mediaelement/ 11 KB
3 KB 302ms
298ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

:path: /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 19:34:09 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5fd27831-2bf8"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 wp-mediaelement.min.css
www.dominionpost.com/wp-includes/js/mediaelement/ 4 KB
1 KB 303ms
298ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

:path: /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Tue, 11 Aug 2020 22:46:02 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f331faa-105a"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 frontend.min.css
www.dominionpost.com/wp-content/themes/jnews/assets/dist/ 530 KB
79 KB 303ms
299ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 0a4d3e7c518e0771ed59584e8621048d529d18bac487045f0c4bbe8da1822bd2

Request headers

:path: /wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f46e56e-846d4"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 style.css
www.dominionpost.com/wp-content/themes/jnews/ 426 B
691 B 303ms
299ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/style.css?ver=7.0.9
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 6a94dd7a301221c391c6319c63f7f47de0731a74d3b5a83f2630243d039d8d6a

Request headers

:path: /wp-content/themes/jnews/style.css?ver=7.0.9
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5f46e56e-1aa"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 426

GET
H2 200 darkmode.css
www.dominionpost.com/wp-content/themes/jnews/assets/css/ 42 KB
6 KB 303ms
299ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/css/darkmode.css?ver=7.0.9
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 1351b8e0d48b23b501977d5e5f33985307bcb42234c1936477aac36486e8b461

Request headers

:path: /wp-content/themes/jnews/assets/css/darkmode.css?ver=7.0.9
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f46e56e-a8d9"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 plugin.css
www.dominionpost.com/wp-content/plugins/jnews-social-share/assets/css/ 1 KB
1 KB 303ms
299ms Stylesheet
text/css 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/jnews-social-share/assets/css/plugin.css
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c

Request headers

:path: /wp-content/plugins/jnews-social-share/assets/css/plugin.css
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Wed, 26 Aug 2020 22:45:12 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5f46e5f8-472"
vary: Accept-Encoding
content-type: text/css
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1138

GET
H2 200 jquery.min.js Show response
www.dominionpost.com/wp-includes/js/jquery/ 87 KB
30 KB 303ms
299ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 03:02:55 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6104bd5f-15db1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 jquery-migrate.min.js Show response
www.dominionpost.com/wp-includes/js/jquery/ 11 KB
4 KB 303ms
300ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 19:34:09 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5fd27831-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 jquery-ui.min.js Show response
www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/datepicker/ 53 KB
16 KB 303ms
300ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/datepicker/jquery-ui.min.js?ver=1.1.1
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 842277eb9e48d9dbf421e122e6c6275b6172a6706dd20d1645ee05a0b79cb951

Request headers

:path: /wp-content/plugins/ee-simple-file-list-search/datepicker/jquery-ui.min.js?ver=1.1.1
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 20:45:14 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5e221cda-d434"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 eeJavacripts-head.js Show response
www.dominionpost.com/wp-content/plugins/simple-file-list/js/ 646 B
931 B 303ms
300ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/simple-file-list/js/eeJavacripts-head.js?ver=30
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: a1ecdb9898066eca61fa947eeb0b44d834f9563bbcfba841f52436123d361a25

Request headers

:path: /wp-content/plugins/simple-file-list/js/eeJavacripts-head.js?ver=30
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Fri, 17 Jan 2020 20:44:42 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5e221cba-286"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 646

GET
H2 200 script.js Show response
www.dominionpost.com/wp-content/plugins/leaky-paywall/js/ 22 KB
4 KB 303ms
300ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall/js/script.js?ver=4.16.4
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 8b93dbab1a30324007d2b07d1c0b28b284dbef8920e3890f4735ae4e0312c622

Request headers

:path: /wp-content/plugins/leaky-paywall/js/script.js?ver=4.16.4
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 02:49:26 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6104ba36-5865"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 unipress.js Show response
www.dominionpost.com/wp-content/plugins/unipress-api//js/ 987 B
1 KB 303ms
300ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/unipress-api//js/unipress.js?ver=1.18.13
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: a489894ec426c15436990b7fc7f0386265f4ba6a3079069efaad8fb5c092dbc0

Request headers

:path: /wp-content/plugins/unipress-api//js/unipress.js?ver=1.18.13
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 15 Apr 2021 15:41:34 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60785eae-3db"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 987

GET
H2 200 lp-gift.js Show response
www.dominionpost.com/wp-content/plugins/leaky-paywall-gift-subscriptions//js/ 307 B
593 B 303ms
300ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-gift-subscriptions//js/lp-gift.js?ver=2.9.9
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 635c3ace113d7f1ef0ac34c2c70c93c61121a05f053a156e5b207ed5620b1c99

Request headers

:path: /wp-content/plugins/leaky-paywall-gift-subscriptions//js/lp-gift.js?ver=2.9.9
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 17 Dec 2020 14:24:15 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5fdb6a0f-133"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 307

GET
H2 200 bpopup.js Show response
www.dominionpost.com/wp-content/plugins/leaky-paywall-name-your-price/js/ 5 KB
2 KB 303ms
301ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-name-your-price/js/bpopup.js?ver=1.2.0
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 416172d847c270c8715b04a4bb67701aa918804ee71bd8f4ef188d8288658d39

Request headers

:path: /wp-content/plugins/leaky-paywall-name-your-price/js/bpopup.js?ver=1.2.0
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Thu, 29 Oct 2020 14:37:27 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f9ad3a7-146c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 leaky-paywall-coupons.js Show response
www.dominionpost.com/wp-content/plugins/leaky-paywall-coupons/js/ 443 B
728 B 303ms
301ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-coupons/js/leaky-paywall-coupons.js?ver=1.9.4
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 9a1f268230c437623f0ee09b9113c689dd214757a33b1fe584e757e154a4c2ac

Request headers

:path: /wp-content/plugins/leaky-paywall-coupons/js/leaky-paywall-coupons.js?ver=1.9.4
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Sat, 19 Jun 2021 00:39:24 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60cd3cbc-1bb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 443

GET
H2 200 / Show response
js.stripe.com/v3/ 235 KB
58 KB 146ms
28ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/?ver=5.8

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f312fce9edec54cb42bdb599f7327fb1df535d1f4e8e520587072e98bc8b549f

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
vary: Accept-Encoding
age: 204
via: 1.1 varnish
x-cache: HIT
content-length: 59195
x-amz-id-2: agUhDLtHPWbhngWCglgKRhD3i5EGQtuPxSP00JTMqlzAWDdjt3cMtTN/CHaioKRSHY1bhSBLsps=
x-served-by: cache-fra19163-FRA
timing-allow-origin: *
last-modified: Wed, 18 Aug 2021 19:58:05 GMT
server: AmazonS3
etag: "e0d0d819f3e1987a1cd619390a5ca1a4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 57CKPJ41YV8CNAGF
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 46

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 32ms
29ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-116801467-1

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab5b86731fcd151800d2abfe97a8b303a6f7c24a47333dd3fc5e393dadb30495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41068
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 63ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

176b638c389c39c6a3eb3ad45cb22f33d0519aea04a25457e1cbf5fcabb76020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49828
x-xss-protection: 0
server: cafe
etag: 18431015219193138647
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H2 200 plausible.js Show response
plausible.io/js/ 1 KB
855 B 82ms
51ms Script
application/javascript 2a03:b0c0:3:d0::d23:4001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/js/plausible.js
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:b0c0:3:d0::d23:4001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Netlify /
Resource Hash: 47abcdf23981abd488a677c9467c3d78d51f2db0b6c8edc63d000a479652ef34

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id: 01FDEDAXS4VM64Q74BE8X46A1G
date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
server: Netlify
age: 0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 648

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 157ms
56ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

4028b12fd513a81a4e16d23e14c06ea331e813a63ea3a82025d6e01c68ab54fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "963 / 960 of 1000 / last-modified: 1629324705"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25197
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H2 200 7days-1.gif
www.dominionpost.com/wp-content/uploads/2021/05/ 54 KB
54 KB 178ms
175ms Image
image/gif 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2021/05/7days-1.gif
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 4e3e99ae01189631482b1dc44744f37a5ebec156499c4f7221b9f96d566ea5fa

Request headers

:path: /wp-content/uploads/2021/05/7days-1.gif
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 27 May 2021 01:57:33 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60aefc8d-d766"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 55142

GET
H2 200 logo-web.png
www.dominionpost.com/wp-content/uploads/2019/12/ 61 KB
62 KB 184ms
182ms Image
image/png 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2019/12/logo-web.png
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 1caaede84b0f251f30c7217a0102496739ee3498a8277acf4f3fc1fc1ce8f171

Request headers

:path: /wp-content/uploads/2019/12/logo-web.png
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Wed, 01 Jan 2020 01:23:45 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5e0bf4a1-f5f6"
vary: Accept-Encoding
content-type: image/png
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 62966

GET
H2 200 wp-emoji-release.min.js Show response
www.dominionpost.com/wp-includes/js/ 18 KB
5 KB 186ms
184ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 03:02:55 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6104bd5f-4705"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H/1.1 200
OK optin.js Show response
embed.secondstreetapp.com/Scripts/dist/ 176 KB
51 KB 410ms
133ms Script
application/javascript 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:14:58 GMT
Content-Encoding: gzip
ETag: "040bd19d193d71:0"
Last-Modified: Wed, 18 Aug 2021 01:33:52 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 113
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 52405

GET
H2 200 2022-Calendar-Promo-3x7-1.png
www.dominionpost.com/wp-content/uploads/2021/07/ 106 KB
106 KB 186ms
184ms Image
image/png 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2021/07/2022-Calendar-Promo-3x7-1.png
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: eb511698fac49785aff45c9a70670fef41ad30d711bba53d514d90ab4ea740b7

Request headers

:path: /wp-content/uploads/2021/07/2022-Calendar-Promo-3x7-1.png
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 08 Jul 2021 15:49:20 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60e71e80-1a620"
vary: Accept-Encoding
content-type: image/png
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 108064

GET
H2 200 embed.js Show response
widget.secure.ownlocal.com/ 6 KB
6 KB 261ms
150ms Script
application/javascript 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.secure.ownlocal.com/embed.js?uuid=78b842e6-0bd1-4154-ab05-d3dc82332d3c&?h=600&min_featured_level=0&category=all&subcategory=all&days_ago=30

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

232.77.96.34.bc.googleusercontent.com

Software

nginx/1.17.2 /

Resource Hash

43ee53d296fca70608f19eeda6e438cc099816e1c258e220a408ece7f67d7b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
via: 1.1 google
last-modified: Fri, 06 Aug 2021 14:24:55 GMT
server: nginx/1.17.2
vary: Origin
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 5742

GET
H2 200 scripts.js Show response
www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/js/ 2 KB
945 B 121ms
121ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/ee-simple-file-list-search/js/scripts.js?ver=30
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 1a3f90cf75bccc938a5f0ac1af695aa111f25a57e63dcf96c7cdc63e353a53ad

Request headers

:path: /wp-content/plugins/ee-simple-file-list-search/js/scripts.js?ver=30
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Fri, 17 Jan 2020 20:45:14 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5e221cda-80e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 eeJavacripts-footer.js Show response
www.dominionpost.com/wp-content/plugins/simple-file-list/js/ 1 KB
1 KB 125ms
120ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/simple-file-list/js/eeJavacripts-footer.js?ver=30
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: d71c463d434244263921181ad7a4b010b73da80365aa44910e500fbb89d94176

Request headers

:path: /wp-content/plugins/simple-file-list/js/eeJavacripts-footer.js?ver=30
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Fri, 17 Jan 2020 20:44:42 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5e221cba-4ae"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1198

GET
H2 200 script.js Show response
www.dominionpost.com/wp-content/plugins/ad-dropper/js/ 322 B
607 B 125ms
121ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/ad-dropper/js/script.js?ver=1.8.0
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 051d1627bf4de5c0a0ab18cba5e980047bc3ab87d8afb5acd929b0894e93b6ff

Request headers

:path: /wp-content/plugins/ad-dropper/js/script.js?ver=1.8.0
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Fri, 12 Feb 2021 23:52:28 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "602714bc-142"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 322

GET
H2 200 script.js Show response
www.dominionpost.com/wp-content/plugins/leaky-paywall-basic-shipping/includes/js/ 3 KB
879 B 125ms
121ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-basic-shipping/includes/js/script.js?ver=1.7.0
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: c21b2c628b4ba6e6be8d7e3cdba3a862c9f947cd99b9d4062c0908ea112efd5a

Request headers

:path: /wp-content/plugins/leaky-paywall-basic-shipping/includes/js/script.js?ver=1.7.0
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Thu, 17 Dec 2020 14:24:14 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5fdb6a0e-b22"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 core.min.js Show response
www.dominionpost.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 127ms
123ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 17:12:20 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6086f474-5133"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 datepicker.min.js Show response
www.dominionpost.com/wp-includes/js/jquery/ui/ 35 KB
10 KB 132ms
128ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c

Request headers

:path: /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.12.1
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 03:02:55 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6104bd5f-8d34"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 script.js Show response
www.dominionpost.com/wp-content/plugins/leaky-paywall-invoices/includes/js/ 641 B
926 B 133ms
129ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/leaky-paywall-invoices/includes/js/script.js?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 284fb6cb9d91efd26afad6ef4ab6486cb1e0b0c4b1c6e8ab2b6f391a0f0669b6

Request headers

:path: /wp-content/plugins/leaky-paywall-invoices/includes/js/script.js?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 18 Feb 2021 15:58:20 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "602e8e9c-281"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 641

GET
H2 200 mediaelement-and-player.min.js Show response
www.dominionpost.com/wp-includes/js/mediaelement/ 154 KB
35 KB 148ms
144ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008

Request headers

:path: /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.16
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 19:34:09 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5fd27831-267aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 mediaelement-migrate.min.js Show response
www.dominionpost.com/wp-includes/js/mediaelement/ 1 KB
1 KB 152ms
149ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee

Request headers

:path: /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 11 Feb 2021 20:59:59 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60259acf-4a9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1193

GET
H2 200 wp-mediaelement.min.js Show response
www.dominionpost.com/wp-includes/js/mediaelement/ 906 B
1 KB 153ms
149ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550

Request headers

:path: /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Thu, 11 Feb 2021 20:59:59 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60259acf-38a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 906

GET
H2 200 hoverIntent.min.js Show response
www.dominionpost.com/wp-includes/js/ 1 KB
938 B 153ms
150ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/hoverIntent.min.js?ver=1.8.1
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8

Request headers

:path: /wp-includes/js/hoverIntent.min.js?ver=1.8.1
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 03:02:55 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"6104bd5f-5c8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 imagesloaded.min.js Show response
www.dominionpost.com/wp-includes/js/ 5 KB
2 KB 153ms
150ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js?ver=4.1.4
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 22:48:05 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f46e6a5-15fd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 frontend.min.js Show response
www.dominionpost.com/wp-content/themes/jnews/assets/dist/ 275 KB
73 KB 168ms
165ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.js?ver=7.0.9
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 30a2d58e5bc99ec6b7e4922f95da03b885b1273f0fd9d5a4fd8dc747780bc83f

Request headers

:path: /wp-content/themes/jnews/assets/dist/frontend.min.js?ver=7.0.9
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f46e56e-44c13"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 plugin.js Show response
www.dominionpost.com/wp-content/plugins/jnews-social-share/assets/js/ 3 KB
1 KB 177ms
174ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/jnews-social-share/assets/js/plugin.js
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 5cb834c20a13b0051afad7ca7b33e5f1f48c0596431f5d31d47135659ee769d8

Request headers

:path: /wp-content/plugins/jnews-social-share/assets/js/plugin.js
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 22:45:12 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f46e5f8-d7d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 wp-embed.min.js Show response
www.dominionpost.com/wp-includes/js/ 1 KB
946 B 177ms
175ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Thu, 11 Feb 2021 20:59:59 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"60259acf-592"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 js_composer_front.min.js Show response
www.dominionpost.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 178ms
175ms Script
application/javascript 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d

Request headers

:path: /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.2.0
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: br
last-modified: Wed, 26 Aug 2020 22:46:52 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: W/"5f46e65c-5075"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=2592000, stale-while-revalidate=86400, stale-if-error=604800

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 20ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25940
x-xss-protection: 0
pragma: public
x-fb-debug: jIsqAGr0hkz2lWfOe1/6m3ptp7vdwxCicy1h5AqRLhau7c3GWEPbbUb34piDYjuMdXayLMWq/7EuYAMfP3xNBQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Thu, 19 Aug 2021 05:14:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 preloader.gif
www.dominionpost.com/wp-content/themes/jnews/assets/dist/image/ 4 KB
5 KB 168ms
168ms Image
image/gif 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/image/preloader.gif
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4

Request headers

:path: /wp-content/themes/jnews/assets/dist/image/preloader.gif
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5f46e56e-112f"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 4399

GET
H2 200 jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2
fonts.gstatic.com/s/librefranklin/v7/ 14 KB
14 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v7/jizOREVItHgc8qDIbSTKq4XkRg8T88bjFuXOnduhLsWkANDJ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3Aregular%7CLora%3Areguler&display=swap&ver=1.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e9ff60e99eb7a8a449158073b0cb20b5227d53cd609d1488375ce41aed57649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:30:57 GMT
x-content-type-options: nosniff
age: 200641
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14060
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:06:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:30:57 GMT

GET
H2 200 fontawesome-webfont.woff2
www.dominionpost.com/wp-content/themes/jnews/assets/dist/font/ 75 KB
76 KB 166ms
164ms Font
font/woff2 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode: cors
origin: https://www.dominionpost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
:path: /wp-content/themes/jnews/assets/dist/font/fontawesome-webfont.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.dominionpost.com
Referer: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5f46e56e-12d68"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 77160

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v17/ 19 KB
19 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin%3Aregular%7CLora%3Areguler&display=swap&ver=1.2.4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b874445c1c5f287cca4f88a9b939270676c7ad03c9c7209a33a5907ae731fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 15:34:34 GMT
x-content-type-options: nosniff
age: 135624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19144
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:52:45 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 15:34:34 GMT

GET
H2 200 jeg-empty.png
www.dominionpost.com/wp-content/themes/jnews/assets/img/ 70 B
336 B 188ms
188ms Image
image/png 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/img/jeg-empty.png
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429

Request headers

:path: /wp-content/themes/jnews/assets/img/jeg-empty.png
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5f46e56e-46"
vary: Accept-Encoding
content-type: image/png
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 70

GET
H3-29 200 625574061531493 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/625574061531493?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f45ced68b64b2a424229326b191ac09af7263528cc874d47d226afb91cea5fc5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: lKNZkqp0vAZXYx+yQK1jtaHHucL+SlqmgWq3NgbiuNxc2DNkgxgFGII8nyqkWtLUOj3K7K7uvTZcVglrf+BWLw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 05:14:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/ 252 KB
93 KB 46ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3208745263388354&plah=www.dominionpost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95569
x-xss-protection: 0
server: cafe
etag: 15041329415598805064
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame A011 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 18 Aug 2021 20:11:15 GMT
expires: Wed, 01 Sep 2021 20:11:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 32623
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-116801467-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 77
date: Thu, 19 Aug 2021 05:13:41 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Thu, 19 Aug 2021 07:13:41 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=2120784474&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dominionpost.com%2F&ul=en-us&de=UTF-8&dt=The%20Dominion%20Post%20-%20Morgantown%20Area%20News%2C%20WVU%20News%20%26%20WVU%20Sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1094787231&gjid=1926968987&cid=804797133.1629350099&tid=UA-116801467-1&_gid=2096142285.1629350099&_r=1&gtm=2ou8g0&z=1411085401

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:14:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dominionpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021081201.js Show response
securepubads.g.doubleclick.net/gpt/ 329 KB
115 KB 108ms
55ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 08:42:15 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117424
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 80 B
105 B 101ms
51ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.dominionpost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

f7fb93be25baab4c2b51d58b3f09f34dc9ed85b00116204fb2725992fbdee0ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H3-29 200 3043952625639485 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 82ms
82ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3043952625639485?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d25ef41e4b383c4e66725c7cd79f869f243b7a9945f07cfdb44ef248f1853ac4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: sMEsX70/xsAl/p0ao7r05SLEXUAE12TwaQt6XTjOMVrFl0dmvvwIzAQhZh/hpDIaIO3Tjhatpdp4llX43CTv9w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 19 Aug 2021 05:14:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625574061531493&ev=PageView&dl=https%3A%2F%2Fwww.dominionpost.com%2F&rl=&if=false&ts=1629350098948&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629350098947.1029447635&it=1629350098809&coo=false&rqm=GET

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 19 Aug 2021 05:14:58 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
441 B 69ms
67ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.dominionpost.com&callback=_gfp_s_&client=ca-pub-3208745263388354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3208745263388354&plah=www.dominionpost.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4a03569565580188b97a7086752c5493f347afee678e51c5b42de3f1cb78dafc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 38ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dominionpost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dominionpost.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F3BA 9 KB
4 KB 384ms
370ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208745263388354&output=html&adk=1812271804&adf=3025194257&lmt=1629350098&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dominionpost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350098826&bpp=4&bdt=628&idt=131&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2272086393149&frm=20&pv=2&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa955ece10584a09c010bb4a7cb730fb531ed95c4f883c7481cfc74514b8891f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3208745263388354&output=html&adk=1812271804&adf=3025194257&lmt=1629350098&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.dominionpost.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350098826&bpp=4&bdt=628&idt=131&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2272086393149&frm=20&pv=2&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=153
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Aug 2021 05:14:59 GMT
server: cafe
content-length: 4016
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Aug-2021 05:29:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Aug 2021 05:14:59 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:59 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 40ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-116801467-1&cid=804797133.1629350099&jid=1094787231&gjid=1926968987&_gid=2096142285.1629350099&_u=YEBAAUAAAAAAAC~&z=1526167250

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 19 Aug 2021 05:14:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.dominionpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
91 B 14ms
13ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3043952625639485&ev=PageView&dl=https%3A%2F%2Fwww.dominionpost.com%2F&rl=&if=false&ts=1629350099060&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629350098947.1029447635&it=1629350098809&coo=false&rqm=GET

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 14ms
14ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=625574061531493&ev=Subscribe&dl=https%3A%2F%2Fwww.dominionpost.com%2F&rl=&if=false&ts=1629350099061&cd[value]=0.00&cd[currency]=USD&cd[predicted_ltv]=0.00&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629350098947.1029447635&it=1629350098809&coo=false&rqm=GET

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 14ms
14ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3043952625639485&ev=Subscribe&dl=https%3A%2F%2Fwww.dominionpost.com%2F&rl=&if=false&ts=1629350099061&cd[value]=0.00&cd[currency]=USD&cd[predicted_ltv]=0.00&sw=1600&sh=1200&v=2.9.44&r=stable&ec=1&o=30&fbp=fb.1.1629350098947.1029447635&it=1629350098809&coo=false&rqm=GET

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.dk/adsid/ 107 B
853 B 35ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.dk/adsid/integrator.js?domain=www.dominionpost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dominionpost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 185 KB
24 KB 572ms
572ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4019862396282742&correlator=3753031955918601&output=ldjh&impl=fifs&eid=20211866%2C21065724%2C31062297&vrg=2021081201&ptt=17&sc=1&sfv=1-0-38&ecs=20210819&iu_parts=22071097506%2Carticlebox%2CButtons%2CLeaderBoard%2Cmobileleaderboard%2Carticle-box-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x250%2C300x250%2C300x90%2C728x90%2C320x50%2C300x250&cookie=ID%3D0ab401c3cad7c07f-22ba094badc90055%3AT%3D1629350098%3ART%3D1629350098%3AS%3DALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA&bc=31&abxe=1&lmt=1629350099&dt=1629350099159&dlt=1629350098198&idt=932&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C-9%2C-9%2C436%2C-12245933%2C-9&adys=-9%2C-9%2C-9%2C0%2C-12245933%2C-9&adks=2674842463%2C1045680109%2C178645971%2C746932374%2C2264565800%2C4106093185&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.dominionpost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C1600x90%7C1600x90%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C728x-1%7C0x-1%7C0x-1&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=false&fws=2%2C2%2C2%2C0%2C128%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C0%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

5ebb76c89c712be76bf7c476f4668ee670695d9add91560afc5af3b4b7ea9bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24813
x-xss-protection: 0
google-lineitem-id: 5748103413,5759873679,-2,5595413662,5754762369,5756540144
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138358038031,138359606794,-2,138337931314,138358618694,138358610318
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dominionpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F36C 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Thu, 19 Aug 2021 05:14:59 GMT
expires: Fri, 19 Aug 2022 05:14:59 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 1990386 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
1 KB 425ms
142ms Script
text/javascript 199.19.89.19
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.secondstreetapp.com/audience_signup_widgets/1990386?callback=secondStreetOptinWidget_1990386
Requested by: Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.19 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-19.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3b0ccbab7e407a286a142ec905f99a84bf089773406254f35b54558e0ef7eead

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:14:59 GMT
Content-Encoding: br
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 81
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|871498ff-cb66-40a3-8a6b-15926b9ff713|C69601|CD14
Cache-Control: private
Expires: Thu, 19 Aug 2021 05:24:59 GMT

GET
H/1.1 200
OK 2077945 Show response
api.secondstreetapp.com/audience_signup_widgets/ 3 KB
1 KB 522ms
138ms Script
text/javascript 199.19.89.19
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.secondstreetapp.com/audience_signup_widgets/2077945?callback=secondStreetOptinWidget_2077945
Requested by: Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.19 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-19.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5d3bee2997787fe4e8cf9f818ad2770b23a9023cda01c3516f6afde3475eac3c

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:14:59 GMT
Content-Encoding: br
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 81
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|ee1e7d5f-ae95-4f10-9a85-11af8585ca53|C69601|CD14
Cache-Control: private
Expires: Thu, 19 Aug 2021 05:24:59 GMT

GET
H2 200 7days-larger.gif
www.dominionpost.com/wp-content/uploads/2021/05/ 74 KB
74 KB 121ms
121ms Image
image/gif 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2021/05/7days-larger.gif
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: e9c2854df4ed9f524becfad54e6195b5eda16c191275759d19186232bc624d75

Request headers

:path: /wp-content/uploads/2021/05/7days-larger.gif
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Thu, 27 May 2021 01:59:13 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "60aefcf1-12610"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 75280

GET
H/1.1 200
OK 1886128 Show response
api.secondstreetapp.com/audience_signup_widgets/ 4 KB
1 KB 1038ms
274ms Script
text/javascript 199.19.89.19
SSM-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.secondstreetapp.com/audience_signup_widgets/1886128?callback=secondStreetOptinWidget_1886128
Requested by: Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.19 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-19.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0144b081ca4b84f599c4d124a493835c3bcdb7cb21d813db67364eda9040d2ff

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:14:59 GMT
Content-Encoding: br
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-SS: 81
Content-Type: text/javascript; charset=utf-8
X-StackifyID: V2|e184641b-8664-42bc-bab3-f606b1001780|C69601|CD14
Cache-Control: private
Expires: Thu, 19 Aug 2021 05:25:00 GMT

GET
H2 200 BGXl9YxBUWo Show response
www.youtube.com/embed/ Frame 24D6 55 KB
24 KB 75ms
54ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f75ab8269e318de8cab63831d09f1364e13dddb927ff5ac183640c8d627bbc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 19 Aug 2021 05:14:59 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, DPR
accept-ch-lifetime: 2592000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=vmk8LVwQ6_A; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=rd93-wD0c-o; Domain=.youtube.com; Expires=Tue, 15-Feb-2022 05:14:59 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+005; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.dominionpost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dominionpost.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9C32 26 KB
11 KB 439ms
439ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208745263388354&output=html&h=280&slotname=3926158833&adk=3670756789&adf=3251233310&pi=t.ma~as.3926158833&w=360&fwrn=4&fwrnh=100&lmt=1629350099&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.dominionpost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350099454&bpp=4&bdt=1256&idt=4&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0ab401c3cad7c07f-22ba094badc90055%3AT%3D1629350098%3ART%3D1629350098%3AS%3DALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA&prev_fmts=0x0&nras=1&correlator=2272086393149&frm=20&pv=1&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=Im3Gpx7HG7&p=https%3A//www.dominionpost.com&dtd=12

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e3679bcb50fa3c8a2742fdf4b2aa7cbdff9ab13facb4486c3cf73035c33fa93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3208745263388354&output=html&h=280&slotname=3926158833&adk=3670756789&adf=3251233310&pi=t.ma~as.3926158833&w=360&fwrn=4&fwrnh=100&lmt=1629350099&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.dominionpost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350099454&bpp=4&bdt=1256&idt=4&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0ab401c3cad7c07f-22ba094badc90055%3AT%3D1629350098%3ART%3D1629350098%3AS%3DALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA&prev_fmts=0x0&nras=1&correlator=2272086393149&frm=20&pv=1&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=Im3Gpx7HG7&p=https%3A//www.dominionpost.com&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 19 Aug 2021 05:14:59 GMT
server: cafe
content-length: 10829
x-xss-protection: 0
set-cookie: IDE=AHWqTUn8h_7iNtVu_en5bc0k5ew7Fe8sZqTiui0oozaKvoLkbMODd0rau2Y1Gjur7Tg; expires=Tue, 13-Sep-2022 05:14:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Aug 2021 05:14:59 GMT
cache-control: private

GET
H2 200 jegicon.woff
www.dominionpost.com/wp-content/themes/jnews/assets/dist/font/ 7 KB
7 KB 121ms
121ms Font
font/woff 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/font/jegicon.woff
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede

Request headers

sec-fetch-mode: cors
origin: https://www.dominionpost.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
:path: /wp-content/themes/jnews/assets/dist/font/jegicon.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.dominionpost.com
Referer: https://www.dominionpost.com/wp-content/themes/jnews/assets/dist/frontend.min.css?ver=7.0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Wed, 26 Aug 2020 22:42:54 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5f46e56e-1be8"
vary: Accept-Encoding
content-type: font/woff
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 7144

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarymBFOxj5ReFZUkPhY

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 19 Aug 2021 05:14:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.dominionpost.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 78b842e6-0bd1-4154-ab05-d3dc82332d3c Show response
widget.secure.ownlocal.com/embed/ 19 KB
20 KB 239ms
187ms XHR
text/html 34.96.77.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.secure.ownlocal.com/embed/78b842e6-0bd1-4154-ab05-d3dc82332d3c?&min_featured_level=0&category=all&subcategory=all&business_centric=true&days_ago=30

Requested by

Host: widget.secure.ownlocal.com
URL: https://widget.secure.ownlocal.com/embed.js?uuid=78b842e6-0bd1-4154-ab05-d3dc82332d3c&?h=600&min_featured_level=0&category=all&subcategory=all&days_ago=30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.77.232 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

232.77.96.34.bc.googleusercontent.com

Software

nginx/1.17.2 /

Resource Hash

df067a8cca1dd4749bf66294fc7b4743ace97b6de46b324c4edda60a283935dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
via: 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
x-xss-protection: 1; mode=block
x-request-id: bd7707db-36a8-4569-83be-29ddf6215283
x-runtime: 0.032423
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.17.2
x-frame-options: ALLOWALL
etag: W/"df067a8cca1dd4749bf66294fc7b4743"
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: *
vary: Origin
cache-control: public, s-maxage=14400
access-control-expose-headers

GET
H2 200 Stats-Graphic-July2021-RGB-1015x1024.jpg
www.dominionpost.com/wp-content/uploads/2021/08/ 143 KB
143 KB 123ms
121ms Image
image/jpeg 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2021/08/Stats-Graphic-July2021-RGB-1015x1024.jpg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: ffb515a2fc50a3d371a95d30756783af50c5fa34b5488a422ade9e7ca0a21529

Request headers

:path: /wp-content/uploads/2021/08/Stats-Graphic-July2021-RGB-1015x1024.jpg
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Tue, 17 Aug 2021 15:54:36 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "611bdbbc-23b27"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 146215

GET
H2 200 m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Show response
js.stripe.com/v3/ Frame DE65 215 B
533 B 28ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/?ver=5.8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

x-amz-id-2: T2QP8rZ9mpqAUTC5X48MJKtIxuemFj3wVxS0/xRlrVUwx2b0c7tuavEN+CtyCov3uz+mko/5Tm4=
x-amz-request-id: AEZH935P9AXMM919
last-modified: Tue, 29 Jun 2021 17:25:38 GMT
etag: "5564a2ae650989ada0dc7f7250ae34e9"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Thu, 19 Aug 2021 05:14:59 GMT
via: 1.1 varnish
age: 155
x-served-by: cache-fra19163-FRA
x-cache: HIT
x-cache-hits: 72
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 130

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarycMRDFq8qgB3ua99E

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Thu, 19 Aug 2021 05:14:59 GMT
content-type: text/plain
access-control-allow-origin: https://www.dominionpost.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 WVU_mask_study_2816247-750x375.jpg
www.dominionpost.com/wp-content/uploads/2020/12/ 67 KB
67 KB 122ms
121ms Image
image/jpeg 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2020/12/WVU_mask_study_2816247-750x375.jpg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: e655e07f82307e1c40cd3c9524d62cfaa59f9471920ed19665bdc1efd148b660

Request headers

:path: /wp-content/uploads/2020/12/WVU_mask_study_2816247-750x375.jpg
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Mon, 14 Dec 2020 00:26:57 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5fd6b151-10ae5"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 68325

GET
H2 200 SCHOOL-BUS-ROADEO-SEVEN-62118-RR-300x240.jpg
www.dominionpost.com/wp-content/uploads/2018/06/ 20 KB
20 KB 126ms
125ms Image
image/jpeg 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2018/06/SCHOOL-BUS-ROADEO-SEVEN-62118-RR-300x240.jpg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: ef70ecb4970df741ee9f2e9263c29566ec3c958852d64c71aa4fd7948261fd89

Request headers

:path: /wp-content/uploads/2018/06/SCHOOL-BUS-ROADEO-SEVEN-62118-RR-300x240.jpg
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Wed, 16 Oct 2019 22:44:43 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5da79d5b-4ed7"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 20183

GET
H2 200 Police-Lights-300x185.jpg
www.dominionpost.com/wp-content/uploads/2018/06/ 11 KB
11 KB 126ms
125ms Image
image/jpeg 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2018/06/Police-Lights-300x185.jpg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 1b968cde38087ecb1c5ece37ceed696941c3ec354aa42d20ce475012e9403798

Request headers

:path: /wp-content/uploads/2018/06/Police-Lights-300x185.jpg
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Wed, 16 Oct 2019 22:45:08 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5da79d74-2c92"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 11410

GET
H2 200 wvu-spring-practice-13281_scottie-young_27MAR21-ww-750x536.jpg
www.dominionpost.com/wp-content/uploads/2021/03/ 108 KB
108 KB 127ms
126ms Image
image/jpeg 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2021/03/wvu-spring-practice-13281_scottie-young_27MAR21-ww-750x536.jpg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: cd514e7bd8275d652f8a7d82f9f0ec20187bd78d3fef115b0804967b30ab4ba4

Request headers

:path: /wp-content/uploads/2021/03/wvu-spring-practice-13281_scottie-young_27MAR21-ww-750x536.jpg
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Sat, 27 Mar 2021 18:25:37 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "605f78a1-1af79"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 110457

GET
H2 200 4-16-17WVUFOOTBALLGENERIC2-600x400.jpg
www.dominionpost.com/wp-content/uploads/2018/07/ 48 KB
48 KB 130ms
129ms Image
image/jpeg 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dominionpost.com/wp-content/uploads/2018/07/4-16-17WVUFOOTBALLGENERIC2-600x400.jpg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),
Reverse DNS: ip-40.132-29-23.securedserverspace.com
Software: nginx centminmod / centminmod
Resource Hash: 0a3b60432bf4b89573819a3aeec59cc40710dd9b19526325f619d83ffb4d571c

Request headers

:path: /wp-content/uploads/2018/07/4-16-17WVUFOOTBALLGENERIC2-600x400.jpg
pragma: no-cache
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
last-modified: Wed, 16 Oct 2019 22:55:40 GMT
server: nginx centminmod
x-powered-by: centminmod
etag: "5da79fec-bf5b"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, must-revalidate, proxy-revalidate, immutable, max-age=31536000, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 48987

GET
H2 200 admin-ajax.php Show response
www.dominionpost.com/wp-admin/ 25 KB
11 KB 215ms
215ms XHR
application/json 23.29.132.40
BIGSCOOTS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dominionpost.com/wp-admin/admin-ajax.php?action=get_basic_shipping_states

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.29.132.40 , United States, ASN394303 (BIGSCOOTS, US),

Reverse DNS

ip-40.132-29-23.securedserverspace.com

Software

nginx centminmod / centminmod

Resource Hash

a8c753c1cbe45800869cacead22b7abcb6971d9451a8173fec43c2a6946e12a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: lp_us_his=%5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D; _ga=GA1.2.804797133.1629350099; _gid=GA1.2.2096142285.1629350099; _gat_gtag_UA_116801467_1=1; _fbp=fb.1.1629350098947.1029447635; __gads=ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:RT=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
:path: /wp-admin/admin-ajax.php?action=get_basic_shipping_states
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.dominionpost.com
referer: https://www.dominionpost.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://www.dominionpost.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
server: nginx centminmod
x-powered-by: centminmod
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
vary: Accept-Encoding
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/a00ed734/ Frame 24D6 328 KB
45 KB 22ms
7ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

548f36a597b57180bc3864f066f7a67a4a12043d37ce9c7c7f20b3a790b4c8c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:32:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
age: 132151
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46139
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:32:28 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/a00ed734/www-embed-player.vflset/ Frame 24D6 193 KB
64 KB 31ms
15ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30978fc0f98645c7f94fd30ab469ebd6587cd984a3f0810b884763376ff11e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
age: 132154
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65247
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:32:25 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/ Frame 24D6 2 MB
495 KB 449ms
435ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d9f2e6525695d9445cac8e8a41c888fbe641add11a37ca1f06ad67c4aa921bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
age: 132108
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 506922
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:33:12 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/a00ed734/fetch-polyfill.vflset/ Frame 24D6 8 KB
3 KB 30ms
15ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
age: 132154
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:32:25 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 24D6 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 21:27:21 GMT
x-content-type-options: nosniff
age: 200858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 21:27:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44D0 0
0 71ms
69ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHUsP8reo_-6rveXXFK5KgBYu-CuXUXm6To4AooYYCgxcxNssrObEU7-LtLEmkGetnv5ByqSwTjq4uX0e5Z1QEj0fco_k8_KWTU6fKKEGnwYHisdlYV_KVifX-y3gbl54ka019nYU9MkcydIZ0TGFdijjFILeF5j1wKeYKKTkUgMhUa9oA4HbfDR9omrbfKaKP-EvxbYemG6-3eWPBbX5oyb2bKozZZRmPmRq0mS1Pf64NKHGk4P5nIZYeQuo1YtSkIzDcOIkJP7zi3A4ryvFQVdrboLihR24cI8UsICsNFOf1BYWM_MAmoS5RRczW5CDUKYh2vQ&sai=AMfl-YTMq1m7FE6frnauXKOiY3-W_WVQOdcH2mcg2vNq-_ITRP0PriXvBmhGnkupAwn1pxq1xjWDU2tYxOVVpP_2TktCydIJkhxB6m_pFpRs5MSnTXZutYDcMQmSlQHXNIo&sig=Cg0ArKJSzDfHQBNA-EjEEAE&urlfix=1&adurl=

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 ser.php Show response
ads.paywallproject.com/ Frame 44D0 1 KB
1 KB 354ms
309ms Script
text/javascript 2606:4700:3033::6815:3922
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.paywallproject.com/ser.php?t=AADIV41&f=41&psc=
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd89167bc390e6f556ca57b025be6e4bda27b1102ef1ae3fd4dcdd4eb6777f3a

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpQTPgmDNGs83Z7C1642xdg%2Fh4Rxsg4RX9sLXGN6RitvdhUDCDmwOwOxuC4mj419nDjlIVlJzk3PKjJ1Fy4UhRBSGbphDHaxxZQRFyQv81G5KmgLbuWVFYKRM7tUlNydKyMSXSIVVSBcNet0pUFrKBvtK%2BuM"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cf-ray: 6810e6cbec0e1f3d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44D0 124 KB
37 KB 125ms
111ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C44 0
0 68ms
68ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssB_SxngBDpSbIn-jnYXaG5WECM_tsqd_NJoqtY1LwOvLaJiuXtZAiFSq-BzWz3n9ts8mM7XIjxsUQ7KPw3xe0K19mssjpRJymWQc0L1rvF2PdwromDdDBx805Az6eez3EH0jtw_hxs1tof6nwDptYhv9WUgPoZNEUkzJJBeZUbAABJZMAiyM_PHoQ4GWu_vfBWcntnLWuQMqNdy-fL9majTYtr5ldd5j4t23RzP3m8Z6z0WIT4LnVbZ3pZtg6Qj_WNpMjHuBWhc_n0PPEJs5_BhC8OxcmFHI7OADOSsj5o_L9rQGnJbBi_ws4lzoCOs3Q&sai=AMfl-YTIm-y6faISkHsqkT0HmeA8Qn4ZTMkYGw3UMPWii30tl7Yqr7HNOcyJTN11aNQjTr9Wnomo-2_nNBLZVFb5nGzwT-_07zxZhZL45pMncldg545WiTnKVt4KtaabHAo&sig=Cg0ArKJSzEGsjhNXqb9UEAE&adurl=

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 9C44 18 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 05:11:41 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 9C44 2 KB
1 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 04:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:17:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C44 124 KB
37 KB 111ms
110ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 15729717846034969808
tpc.googlesyndication.com/simgad/ Frame 9C44 33 KB
33 KB 66ms
45ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15729717846034969808

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

307ebc1fc886fcfdf6f0d222db84172baaaab4b0d9a7d79b5c1d5fd1236081c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 May 2021 16:15:15 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33727
x-xss-protection: 0
expires: Fri, 19 Aug 2022 05:14:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF52 0
0 68ms
68ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1YNd4aNA3vca1Z7Y8xTk5IHqSvU5QVd9m8y5DeA8Uzh58rX1FGrXum2EGfpU3bAktDMKDRRggkNQ_jQbmcIERYaAXN8dMszbrBkCgyLLifaWO_nO9PhuEOGoa6XIXV9my3O-7QXCAmLDNn46sVM6Bz2nPIK434zI2kumOLrrP7RKItQcf4WAdc1FVsNzaQntSoAN8Ce5rg9OFDpAOLm7dDpSfb1Sl5VhQT0L5oOW7oz9Wv7tmVlC6DD-Rz16U0ZoTMBnGV4t8JfTWeTrD-M-qq5l_zoCgb34tGFHBY1NW4XmpbsOJ7ye8ONqC7S56G6M4_DOwsHUTMBTrmzQ&sai=AMfl-YRcUPDWw0D7QNnZXDUHJnN6BYRxRaLI9o2k5_oDQjVWgnz_c6f8v-nI_SdxwvyoTsbBbBsMSkEBy0etpN8UrtKgfxW9cYPOFSBkXFuNKe26-fYedgZsT6uDeUH9IAU&sig=Cg0ArKJSzA7PjeIyelagEAE&adurl=

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame FF52 18 KB
8 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 05:11:41 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame FF52 2 KB
1 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 04:17:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3476
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:17:03 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF52 124 KB
37 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 3557579551255545007
tpc.googlesyndication.com/simgad/ Frame FF52 11 KB
11 KB 32ms
17ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3557579551255545007

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ca57730b6dc80be86964ff6d9e3ab48874b328d6e7f0fdd31a5758bf52756f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 15 Aug 2021 20:07:28 GMT
x-content-type-options: nosniff
age: 292051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11198
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 20:45:54 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 Aug 2022 20:07:28 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 41FC 0
0 68ms
68ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQbuBWpsTOB8wMy4d_QST_NCkgjeBOVIEcuqwweiWeGPuR2msllf8beBDHo_ALuhDZ5B7_UzQ8C42XVE35J3tZ4b6ZXKqwZLcDKA0q6id6RlzTZ5sH-_MyXKRzafDpkZeD3LKSU25P3FvZsyOiMPx-z-QaTmSc8SNIEl959YLl-8aSt5utcE7N6pyTWMC1grywQsOt8Azga53ftALudbTO8Rs0cAKnMdB-48yF_K6Gb-bN9gpuwQx8--OBum65UyEHVy09qDqf8zXM1xSITDTsgmt6W8TVHqBptmbRvjImvrhBa91xKlIrLPceYZsDU9QYBu3cZiigXw&sai=AMfl-YQ32ITJM86Y8uCB8bRW5K9nprTU4OVsSmGv9gHV7JKvKQP4g9_fUDCdRwgf4hedsegJ7JWCK9gf4P9qvwk7SzzmTvsZXnA8T3rV3anxmTfPkPd24_WgyOIYP0dIVDg&sig=Cg0ArKJSzBjYwd6c73jNEAE&adurl=

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:14:59 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 41FC 18 KB
8 KB 21ms
11ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 05:11:41 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 41FC 2 KB
1 KB 20ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 04:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:51:06 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 41FC 124 KB
37 KB 104ms
104ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H2 200 10644020580384864386
tpc.googlesyndication.com/simgad/ Frame 41FC 39 KB
39 KB 19ms
12ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10644020580384864386

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021081201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdc6bc53b137725de58a3b90330b871c0b219f03b0bc2e33a9abe75cbf5a3b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 01:23:11 GMT
x-content-type-options: nosniff
age: 273108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39819
x-xss-protection: 0
last-modified: Thu, 05 Aug 2021 20:45:55 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 01:23:11 GMT

GET
DATA 200
OK truncated
/ Frame E70C 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06c4cf51e21b3c2fc932ac10219f1b2e27d6387d7db1dc4665506325ecd6b9c2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DE65 1 KB
819 B 28ms
28ms Script
application/javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:14:59 GMT
content-encoding: br
vary: Accept-Encoding
age: 300
via: 1.1 varnish
x-cache: HIT
content-length: 637
x-amz-id-2: IFluHZRKEGzOoXDLqnDUwE9arH7C7k3XLxhOgxxGHvfA6W5BleDfebCwh+OHSiMCLlBmCWpn8C0=
x-served-by: cache-fra19163-FRA
timing-allow-origin: *
last-modified: Tue, 29 Jun 2021 17:25:39 GMT
server: AmazonS3
etag: "78581b5abad6c4e7b59c0f8ee45a8134"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: K69XVADA20VEB16K
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 130

GET
H3-29 200 css
fonts.googleapis.com/ Frame B651 2 KB
434 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 04:33:17 GMT
server: ESF
date: Thu, 19 Aug 2021 05:14:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 05:14:59 GMT

GET
H/1.1 200
OK 2892041
media.secondstreetapp.com/ Frame B651 507 KB
507 KB 553ms
260ms Image
image/jpeg 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/2892041
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2eff29a7bc6c56c3c4e3d9bcc28df21859748a0327e359ba69d6b9c4ba71e368

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:14:59 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 81
Content-Type: image/jpeg
X-StackifyID: V2|8b656c19-c3de-4833-9aea-60db5425eba3|C69601|CD14
Cache-Control: private
Content-Length: 518686
Expires: Fri, 19 Aug 2022 05:15:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F2B3 932 B
973 B 30ms
28ms Document
text/html 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
etag: W/"6114649b-3a4"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 19 Aug 2021 05:14:59 GMT
age: 242
x-served-by: cache-sea4479-SEA, cache-fra19163-FRA
x-cache: HIT, HIT
x-cache-hits: 1, 130
x-timer: S1629350100.949115,VS0,VE0
vary: Accept-Encoding
content-length: 537

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame B651 30 KB
30 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:52:14 GMT
x-content-type-options: nosniff
age: 141765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:52:14 GMT

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame B651 30 KB
30 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:52:14 GMT
x-content-type-options: nosniff
age: 141765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:52:14 GMT

GET
DATA 200
OK truncated
/ Frame 44D0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa8566c3dd97cb071dcb3753289dc12af1eb74a69b9ccaecf6ffff16f90545cd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9C44 0
0 67ms
67ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstXtdDyE_wP5vZ_HD1nfM3j94ICgXP4Hms5bPe6RNE54KyL0dEijUULZGNODQDpOXtd89o6qi6VSCKhOxIP6BrNYp2MWlnH2MFhYTsuH-mmSCC4c8mSOn0bn08goJD5V86bUSAMJJU9FntnP4EJ8fcgP8DScqlCU79PJ1UW1KGvwhxTm7gk4xpfzgidvvfHvNSuYRyJyrUxWh_IDNKQMrkaaeg1Q7no59mg9r3uVqKUKy43Ff1Dn3LLuh-7d38VTPbGExIjQAZWjtjb5uu8X__Xjq0bx92WK0KvuTsyIyB0oHDCHsau98bvTVGpLei-Kmiy5g&sai=AMfl-YSRdU8cF2TGFQ8EWeyrdXpAnpmJF0BMbRspUFokW0U1yD5TsBPdGi25XDA3MgLGWd_0QP6oaZxvIx5aIAae3p62xXrxJmLiJqJ1xUCTTKxBT50F3XljFfO_JFFXBOU&sig=Cg0ArKJSzFJ6Wx7SjM9pEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
DATA 200
OK truncated
/ Frame 9C44 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1c14d1564a965b4f336c153d2cc21b2a2b2b6119de23fbb1164c2001b3f32c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF52 0
0 67ms
67ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssV07vspqCtvOCpLCcx90Lk-ytAt2lcKEf0b0yil2V3NGk6AGpSE0uBxduF9GyKui-UF7Wjkgmm3KcXYH_0RlR2atdPOFqF0C5s1QSBxc4eBL4Ob-EDBsBKfdQxAx8hYxJR_QxvdJPb68PaiuW_AvN64o9XogmOmWwWiGZBPBf0r9o_ZHyT25S9TDoeGRo3IrF9eUlMHC1xe8xg6gnJkQVzrBhD1hllzhQuHro9nJJ5dgED_22fDunZ7rxCRiTTYkJt6P0gbR9aFJ2X19JqSYF7pQU5tCDkdBQ6FCOXbn8eJZC60kF9Js4AhcvVmsLRMiDcx8j-YAODgSMv7D22UQ&sai=AMfl-YTZ5jWqMSKwjhNNsbM1wjw4VIZsVTwYdVZwsjFKTkmmghTQ3BNK0wBhqW6VgE8Jerjj2ApJp5JiVrNk87HTTY1IdzXHGJhv1d2kzeQnkntL3gZvjFEv-VStZ2-uBUo&sig=Cg0ArKJSzJpvx9ZvstAPEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 41FC 0
0 66ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubkNYWVG5aeU1AOSeIAZdhjKbAFKY-4cWiQtunhG84PuidUTxaqsQUJGISGYkbmU1-hSLONc31GJPf5VvGF5T4jXa-nEfTW5WyR4tG1Z-nlHc6OLiLL9MVjAeyZzNySsf2p0vvtH--ENITfUXnlE0unnyNGtMcigEko7hyMUm7YZMJDisC4UAatJV1orI51yQScY_Tlfjbjze37YsDMP2mn-gMyIn7YuxDGslZQZooIg-NErE_-IxyZGOmaQGX2URpn5W-_5jybEDdxuJhY9gfUARKZxNurwukuT0XFBjgekxh4FMzskIh4DdDuweVIx9dU7lRpdKpKw6g&sai=AMfl-YR4HIZBMmczHayluB5FDgcHu6WBX8qbedYHB1AX5AvlEU1CBKEiMKbSUjygrtIhagNUJtBQ8ICjerZvVfM9zNm7vZFjv1rz4Y_FmUeySt80OWJNI10D1dCzeXPcvV0&sig=Cg0ArKJSzHLLQ9wqbxe9EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
DATA 200
OK truncated
/ Frame 41FC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9b06202120f64c7f2847a194391a379fe2b034848e91a58a845f24b5557e624

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9915 0
0 17ms
17ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZe460-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTSAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64Z69oaJ_d15bfPOGQWxmFqniMYAG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMyMDg3NDUyNjMzODgzNTQYAA&sigh=-kVtdZnLFZ0

Requested by

Host: www.dominionpost.com
URL: https://www.dominionpost.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208745263388354&output=html&h=280&slotname=3926158833&adk=3670756789&adf=3251233310&pi=t.ma~as.3926158833&w=360&fwrn=4&fwrnh=100&lmt=1629350099&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.dominionpost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350099454&bpp=4&bdt=1256&idt=4&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0ab401c3cad7c07f-22ba094badc90055%3AT%3D1629350098%3ART%3D1629350098%3AS%3DALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA&prev_fmts=0x0&nras=1&correlator=2272086393149&frm=20&pv=1&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=Im3Gpx7HG7&p=https%3A//www.dominionpost.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 19 Aug 2021 05:15:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 9915 0
0 32ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jkh5n012ks09az217spg2hvh2pdg1mzy9r4xhmkhtgbnyzgm4ehvcp5jmdy9v22a58gd31732ag2z9nt2sp8kbvhpf3tcmpcwwb9bd5zy40at44frw00046vt7bzb9t0vpqztaynzh5pyhq61253me6rdy4eqq3k7fct4g1bezpsvp50ks38dbb8wftwf4eahfakf2vath9789zmss7v1z0kzkq2945wwdn3wrvshdc0j7xcbscq7bjd1tg89219rvk9nyvv8c7xxh7343ps28rxwabmf6m1hwtfh1eksawq842g6bfsbzz7gjmvx711b7fharrmrwmfchmenswfde5r8xe16x5nnnaz7mnyvmeryt6x7sjn421w1p5ceh2rrg8xzrna4&b=YR3o0wAHYB8Kd5kNAA_z3iV5E0V3BpDXnJ13sg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 19 Aug 2021 05:15:00 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
ad4m.at/ad/ Frame FF80 2 KB
2 KB 37ms
20ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208745263388354&output=html&h=280&slotname=3926158833&adk=3670756789&adf=3251233310&pi=t.ma~as.3926158833&w=360&fwrn=4&fwrnh=100&lmt=1629350099&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.dominionpost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350099454&bpp=4&bdt=1256&idt=4&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0ab401c3cad7c07f-22ba094badc90055%3AT%3D1629350098%3ART%3D1629350098%3AS%3DALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA&prev_fmts=0x0&nras=1&correlator=2272086393149&frm=20&pv=1&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=Im3Gpx7HG7&p=https%3A//www.dominionpost.com&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55fc7d3913eae6fc93217cdb9a2951eadc23206418cc19bdc9e4672221fd07f2

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-wmp3
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6810e6cdfb4342c9-FRA
content-encoding: br

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 9915 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 04:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 04:51:06 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B782 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 03:09:05 GMT
expires: Fri, 20 Aug 2021 03:09:05 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 7555
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9915 124 KB
37 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 9915 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 765
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Sep 2021 05:02:15 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 891E 2 KB
434 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 03:30:46 GMT
server: ESF
date: Thu, 19 Aug 2021 05:15:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H/1.1 200
OK 3345657
media.secondstreetapp.com/ Frame 891E 46 KB
46 KB 1044ms
266ms Image
image/jpeg 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/3345657
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 238fc04b52db186a35d27a1031b4a9d60886bd2c3b722ab1906ee6ea51ae9cbb

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:15:00 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 82
Content-Type: image/jpeg
X-StackifyID: V2|825936c7-cd10-4acf-9973-dca1e79a01e9|C69601|CD16
Cache-Control: private
Content-Length: 46819
Expires: Fri, 19 Aug 2022 05:15:00 GMT

GET
H2 200 out-4.5.40.js Show response
m.stripe.network/ Frame F2B3 85 KB
18 KB 46ms
46ms Script
application/x-javascript 151.101.12.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.40.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"6114649b-154bc"
age: 56
x-cache: HIT, HIT
content-length: 18452
x-served-by: cache-sea4452-SEA, cache-fra19163-FRA
last-modified: Thu, 12 Aug 2021 00:00:27 GMT
server: nginx
x-timer: S1629350100.178952,VS0,VE0
date: Thu, 19 Aug 2021 05:15:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 33

GET
H3-29 200 107_0.jpg
ads.paywallproject.com/data/dbimg/media/ Frame 44D0 53 KB
54 KB 276ms
264ms Image
image/jpeg 2606:4700:3033::6815:3922
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.paywallproject.com/data/dbimg/media/107_0.jpg
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3922 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42fd6acb3e316c99d4bedbe154a920255438a857471daaf44b6ee59762fb4407

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 11 Aug 2021 20:33:48 GMT
server: cloudflare
etag: "d44c-5c94e891de7c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dzviDr2qdy3HRaT8NrjVLPeWV5g0Kacvpx5k9qmVh1n1B5tuGDANp%2Bf9fb7Aj2TDfewjvip8FIxhVxKbt95Rx1H23VxZJDeVPw82OKEAGi66pUOiX7UmYWKcTsQg0XvjTS%2FSCWijljAgfpnaDgef7eOnBJh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6810e6ce0f284db8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 54348

GET
H2 200 dpixel
cms.quantserve.com/ Frame B782 35 B
464 B 29ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEE0rTIobtbTrwiGagu5lzvI&google_cver=1&google_push=AYg5qPIkcOUEFG6mVbo6sdBozn1hwMGEtKDORkqKbcPMj4KKF2uIhlX1SLwWJfRqWsm8j7Ldvp_I37_ym6mVQeVAuqvAHOa-XwMV

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B782
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL_WXlrCash25EaeT4Ye_twtJz62RGTm2gejaWcGaKdlAzjHpY1QprwikJ6McTNMWv_CQEBLUwCQxZ57J6Wx8YMX9K6dE3m&google_gid=CAESEI-yETP7M9vuIS1MFdEpnfg&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNTR94gGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMX1dYbHJDYXNoMjVFYWVUNFllX3R3dEp6NjJSR1RtMmdlamFXY0dhS2RsQXpqSHBZMVFwcndpa0o2TWNUTk1Xdl9DUUVCTFV3Q1F4WjU3Sj...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmgzRzhVQVN3SVI0WjhvU0ZyZWw5TkhnX2NQUHBDanA0cXFsbkI1TUEzNA==&google_push

170 B
188 B

53ms
53ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmgzRzhVQVN3SVI0WjhvU0ZyZWw5TkhnX2NQUHBDanA0cXFsbkI1TUEzNA==&google_push

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 19 Aug 2021 05:15:00 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUmgzRzhVQVN3SVI0WjhvU0ZyZWw5TkhnX2NQUHBDanA0cXFsbkI1TUEzNA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B782 43 B
324 B 116ms
51ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEABFfdgDQJJszXkhtQwl4-c&google_push=AYg5qPJZ4R7ZnQn-RKNX50csiRHZs9ixS_pp4o9SuOl4SYOmCj35yVRpC_RvLcP_T2-o67XVjB2C1-ttxeTfJhFnyA-fHrBgods&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3208745263388354&output=html&h=280&slotname=3926158833&adk=3670756789&adf=3251233310&pi=t.ma~as.3926158833&w=360&fwrn=4&fwrnh=100&lmt=1629350099&rafmt=1&psa=0&format=360x280&url=https%3A%2F%2Fwww.dominionpost.com%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629350099454&bpp=4&bdt=1256&idt=4&shv=r20210812&mjsv=m202108100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0ab401c3cad7c07f-22ba094badc90055%3AT%3D1629350098%3ART%3D1629350098%3AS%3DALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA&prev_fmts=0x0&nras=1&correlator=2272086393149&frm=20&pv=1&ga_vid=804797133.1629350099&ga_sid=1629350099&ga_hid=2120784474&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1010&ady=2383&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44747620%2C21066435%2C20211866%2C21065724%2C31062297&oid=3&pvsid=4019862396282742&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&btvi=1&fsb=1&xpc=Im3Gpx7HG7&p=https%3A//www.dominionpost.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B782
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEANHcKn3cg1_xNkCk4rlpD0&google_cver=1&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG
https://rtb.openx.net/sync/dds?google_gid=CAESEANHcKn3cg1_xNkCk4rlpD0&google_cver=1&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG&google_hm=E4tk_Zq1xVgG0d7eh1Tdyw==

170 B
188 B

54ms
54ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG&google_hm=E4tk_Zq1xVgG0d7eh1Tdyw==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:14:59 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKa9Z5xoPEnM8epQr4iDnvRYTMsYRpxp_tENNwe5ocaK_HWupgI60EK0IfRY-nVXIiNaq-qgtzuvP1Uh3z2ZA9K3IwQiHLG&google_hm=E4tk_Zq1xVgG0d7eh1Tdyw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: oa5mki3rlf7bee5uadiqcsdeercge9tk

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B782
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FcxonFmnRGKCTcj74qCCyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

55ms
55ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FcxonFmnRGKCTcj74qCCyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ0LBizhyKT_n1ZDP05uFTUNC48meInz88Egr-sC4M-nENjBMDbau8ehx-1V3hoA_ClfdwwFlFt6ub6bUqgAnpomZpxxGDU

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FcxonFmnRGKCTcj74qCCyA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ0LBizhyKT_n1ZDP05uFTUNC48meInz88Egr-sC4M-nENjBMDbau8ehx-1V3hoA_ClfdwwFlFt6ub6bUqgAnpomZpxxGDU
date: Thu, 19 Aug 2021 05:15:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B782
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFkRfwY50aU216adrPhDSWY&google_cver=1&google_push=AYg5qPKLqDp5r2mfAe4WTWSyAiBZaYKhTUvXv2GGNu-Igj2EPpUp8i07_-_h2WkHMdz7JRXHD6y...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NJR1pCSkMtUi1CUk9W&google_push=AYg5qPKLqDp5r2mfAe4WTWSyAiBZaYKhTUvXv2GGNu-Igj2EPpUp8i07_-_h2WkHMdz7JRXHD6yYUjBSyYZSchVSDztq-gpk_cXJ

170 B
188 B

63ms
63ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NJR1pCSkMtUi1CUk9W&google_push=AYg5qPKLqDp5r2mfAe4WTWSyAiBZaYKhTUvXv2GGNu-Igj2EPpUp8i07_-_h2WkHMdz7JRXHD6yYUjBSyYZSchVSDztq-gpk_cXJ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1NJR1pCSkMtUi1CUk9W&google_push=AYg5qPKLqDp5r2mfAe4WTWSyAiBZaYKhTUvXv2GGNu-Igj2EPpUp8i07_-_h2WkHMdz7JRXHD6yYUjBSyYZSchVSDztq-gpk_cXJ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame B782
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnH...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B782 0
244 B 153ms
52ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSD-CGhc8InNXrWi-rOUPrgjqnVbCDiCEvcpqtViIQ0lk7WMgrMU6pVrbL-q4a5W-nl2dB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 9915 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 076920c06c36cff84602923b47c5da27466fc48d3f35a5f0a346b83397abff66

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 891E 30 KB
30 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:52:14 GMT
x-content-type-options: nosniff
age: 141766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:52:14 GMT

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 891E 30 KB
30 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:52:14 GMT
x-content-type-options: nosniff
age: 141766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:52:14 GMT

GET
H3-29 200 default.css
ad4m.at/0.1.124-320/style/one-ad/ Frame FF80 58 KB
59 KB 24ms
15ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=/Fheiw==, md5=iazLgrLD9V76ltPySV8jTQ==
date: Thu, 19 Aug 2021 05:15:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4473762
cf-polished: origSize=59196
x-guploader-uploadid: ADPycdtkioITd9kON3MDPr-nVhtDYZvM5BcWwBJS7eF-ZszN4EdBaLdVcBmWoP0vGtgvogL9Lz8Tib9QpKYbbvav9lA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 58969
last-modified: Mon, 28 Jun 2021 10:31:59 GMT
server: cloudflare
etag: "89accb82b2c3f55efa96d3f2495f234d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSePYg489piP9r8%2FGQ52iMpIplxJTPZ0AcFHpAAetILWkq5uQIzS2K%2FNm9Vr09vmQkuqPVdSo%2FbkfkRpbHOdJ0Dr%2BXNwINFt1bdfqV0pwR2mwRvSYoGxP5Xd%2BwODkm0jKSogYvQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1624876319573767
content-type: text/css
expires: Tue, 28 Jun 2022 10:32:18 GMT
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 6688
accept-ranges: bytes
cf-ray: 6810e6ce7fda4e1a-FRA
cf-bgj: minify

GET
H3-29 200 fxpcopuw.js Show response
ad4m.at/ Frame FF80 36 KB
13 KB 30ms
21ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Referer: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78705
x-guploader-uploadid: ADPycdtbm5HZ6tZ2a49vLW4oHo5Y2VTbyNWKulUbx6169BTxjkLd7GvsJmKrHg2B3vcV0e4J7QXZdq3OJPPym_ks9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Tue, 10 Aug 2021 10:08:16 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkVIHTxgNIXDFi2b7Rm25cgPOY14KGHJzfJr1XQHTMF5Pq%2BN5FcoBmVHPtEB2qfncRJKIn%2FFv2K%2FRwNQZ0aVrbeAsaI32hEpDFIGX0XxdfF%2Fz69r1Mji%2FXugH%2BNE5rGmSzCeeLo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1628590096242097
content-type: application/javascript; charset=utf-8
expires: Wed, 18 Aug 2021 07:23:15 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6810e6ce6fd84e1a-FRA
cf-bgj: minify

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 24D6 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff3a49ad133dd749cef26307962704405fff5878cdd8820e80d36fd45c0447f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 24D6 29 B
523 B 25ms
6ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:10:36 GMT
x-content-type-options: nosniff
age: 264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Aug 2021 05:25:36 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame FF80 3 KB
4 KB 50ms
32ms Image
image/png 2606:4700:3032::ac43:aa7a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: ad4m.at
URL: https://ad4m.at/0.1.124-320/style/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer: https://ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Thu, 19 Aug 2021 05:15:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6107718
x-guploader-uploadid: ABg5-UzzLZaEcDbjdbhukLGh7tDKAZOMFJOiU4iHwOPl8QLDCjazkiciYkkK8qFWGCtZPjDfwbZeIl1PxPDK-jxIb2s
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRY5oZ3kgT1h8CWmERkXLVFpvKWYD%2FM9Bi4XnMVt1OxPyQ1KquKb%2BNR5f1LdPL%2FFd72nw9DJTy1cAZbTriV7gKQ1vYfmqIZGOhMwwqZn%2BNjzXd4pbKZVXydYCGMT787juABbN7ISVdMKkIFnfb4eyZgQWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6810e6cfd9babec4-FRA
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H2 200 qAwJrio5YLmbxwIbUBkEdCx778dpO2gpv2aX72zM0-c.js Show response
www.google.com/js/th/ Frame 24D6 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/qAwJrio5YLmbxwIbUBkEdCx778dpO2gpv2aX72zM0-c.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a80c09ae2a3960b99bc7021b501904742c7befc7693b6829bf6697ef6cccd3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 05:11:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13349
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 15:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 05:11:53 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/ Frame 24D6 25 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

045f7c48ba7cdf177bc78ad8944d9e4298e64063ebf5144156b8c6f3ad6c46ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:33:17 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
age: 132103
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7489
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:33:17 GMT

POST
H3-29 200 player Show response
www.youtube.com/youtubei/v1/ Frame 24D6 78 KB
19 KB 95ms
95ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1f54e15ab921f8f4b22953fd81a07b5dc0872a6cd44dc359bd7c3ce36379c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210816.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtyZDkzLXdEMGMtbyjT0feIBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19499
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
DATA 200
OK truncated
/ Frame 24D6 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLRD_Wo0vs8nx5CDm-_isjF6CN0WWyt7sSH5t7_7hw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 24D6 3 KB
3 KB 40ms
20ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLRD_Wo0vs8nx5CDm-_isjF6CN0WWyt7sSH5t7_7hw=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0ffdc2acbb29237e892c57264b5f2551547b743ea32292f6c1dc1476abd2dee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3160
x-xss-protection: 0
server: fife
etag: "vc52"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 07 Jul 2021 04:36:15 GMT

GET
DATA 200
OK truncated
/ Frame 24D6 283 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 10bbbb5c5ae22683c47f305bb0f2987078bf85ee76cb85e6d9bb36947e4fb3a9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 6 Show response
m.stripe.com/ Frame F2B3 156 B
518 B 554ms
186ms XHR
text/plain 34.215.192.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.40.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.192.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-192-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e30ce2bbde86d41585402b26d72be14a4d5901927f25a7648593fb8be6e7bcea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 19 Aug 2021 05:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3-29 200 frame.html Show response
ad4m.at/ Frame 6B64 2 KB
2 KB 13ms
13ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires: Thu, 19 Aug 2021 06:15:00 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2189942
cache-control: public, max-age=3600
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tqgxWwHjsziooqr3Sb75q7bXQNyiQS%2BTU7hwuCVfereDPnaG5Y0fZcHZ9ZYJr2kTreSJVr0ILSyq4uvFbdpUXaqneWOXYg%2FfcinVFLq50y6pFUt%2BiuCnVwipbgisHmicuxSz7I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6810e6d0ec5b4e1a-FRA
content-encoding: br

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 44D0 0
0 65ms
65ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGlTn4bmBSjMq3GG1oEg55lRoLsfHdokB7Hs-fG5GBV0jc0mXvJuPckUCGPair2nl0BtW28adNC5YmnZEI_dfQ6uxkvXtmjvbjX7CwTa9b5cOz3-GK9zzgmq0rX3hH1mCmYhXgIarP1-uUUVbIBthQqUo3JIGjKIMfja3d2rKrjY68ZDcdb0IcEBr0VgMx_Ww6GoSzYbU1bc39wBKYWbf4PuM4JiKXIp6OuPaN1MOMlEV5q_mYuC0LslMBjlz2A4YrbDNvigYB_pJjYpgB4-_2Yc-xczdxuOwG6TJeq9BxxMLLnTHMAUSWOhWRuxfY2L9cE_4igWvd&sai=AMfl-YR08A86Ruwut6-yNJ_XQmTJBY0Jm2Qxu0x65AIUumRU8DKz4nTwHq8KUNnBJfr0fr8YLS0FYTYjvh_dzxzMVT2d6S1xUGkTwuyIFexwzGLWgWzovyR-9wjpIi03fE8&sig=Cg0ArKJSzAqCMXDiibkCEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 0D29 2 KB
434 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700

Requested by

Host: embed.secondstreetapp.com
URL: https://embed.secondstreetapp.com/Scripts/dist/optin.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 03:57:56 GMT
server: ESF
date: Thu, 19 Aug 2021 05:15:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H/1.1 200
OK 2660434
media.secondstreetapp.com/ Frame 0D29 35 KB
35 KB 1297ms
148ms Image
image/png 199.19.89.14
SSM-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.secondstreetapp.com/2660434
Requested by: Host: www.dominionpost.com
URL: https://www.dominionpost.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 199.19.89.14 , United States, ASN54105 (SSM-NET, US),
Reverse DNS: 199-19-89-14.secondstreetmedia.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f099253d396ffa25675a48e190ed131f5cf0047f762790a544c2e070fee65aca

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:15:00 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-SS: 82
Content-Type: image/png
X-StackifyID: V2|b22745ea-7197-44f0-9747-2e5f25f11d02|C69601|CD16
Cache-Control: private
Content-Length: 35718
Expires: Fri, 19 Aug 2022 05:15:01 GMT

POST
H3-29 204 qoe
www.youtube.com/api/stats/ Frame 24D6 0
19 B 15ms
15ms Ping
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=FJGeX1Kddp6_-PNP&ei=1OgdYYKcIcPI1gKd0pWYAw&el=embedded&docid=BGXl9YxBUWo&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24053866%2C24060922%2C24080738%2C24082661%2C24084071%2C24090769&cl=391075789&seq=1&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210816.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.010:B,0.174:B,0.174:B&cmt=0.010:0.000,0.174:0.000&ctmp=cc:t.162;useVodTrack&afs=0.174:251::i&vfs=0.174:243:243::r&view=0.174:300:315&bwe=0.174:130000&bat=0.174:1:1&vis=0.174:0&bh=0.174:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 74 KB
75 KB 51ms
32ms XHR
video/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1629371700&ei=1OgdYYKcIcPI1gKd0pWYAw&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AIwz_w-40qSndf1Fx0TWEM3GFv1Vx4w_YbIwNBzYC8RS&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=jE&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=3&pl=50&initcwndbps=528750&vprv=1&mime=video%2Fwebm&ns=4fcxh4X01uggFtsfWa6P1pEG&gir=yes&clen=651409&dur=30.029&lmt=1628266151639366&mt=1629349980&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5316224&n=OYVIOVJQApT7kA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP3VaJRVK63VFfAaRWVzFtHWwz2KEDTmVyT8UEYCrRujAiAn3hpUn9LMWzMBm8hT8In_arw1UTS1olwUlBFKnS86ag%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgG6IG-K-OTi2PnzrxMCLv8AAraFTxFrOUAWykHYgXH-kCIQDRcZCF-0xuW4qXUwuTNq2v13EULY0-n2G2WPO6d6bs4g%3D%3D&alr=yes&cpn=FJGeX1Kddp6_-PNP&cver=1.20210816.0.0&range=0-75273&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3ab7f5668e19a72b8674eb4979d70ad94f2fb339614bd82efde11d23e282e12f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:15:00 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 75274
Last-Modified: Fri, 06 Aug 2021 16:09:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 64 KB
65 KB 38ms
21ms XHR
audio/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1629371700&ei=1OgdYYKcIcPI1gKd0pWYAw&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AIwz_w-40qSndf1Fx0TWEM3GFv1Vx4w_YbIwNBzYC8RS&itag=251&source=youtube&requiressl=yes&mh=jE&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=3&pl=50&initcwndbps=528750&vprv=1&mime=audio%2Fwebm&ns=4fcxh4X01uggFtsfWa6P1pEG&gir=yes&clen=526596&dur=30.061&lmt=1628266148717896&mt=1629349980&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=OYVIOVJQApT7kA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALIRbi8FLs0vaJGKQKrebin3st9znPvqq5kl7UwJSnx8AiBzpmT7e20nkvJ3ECPc_htnBegc8OYy5NeHPzapo0l2cQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgG6IG-K-OTi2PnzrxMCLv8AAraFTxFrOUAWykHYgXH-kCIQDRcZCF-0xuW4qXUwuTNq2v13EULY0-n2G2WPO6d6bs4g%3D%3D&alr=yes&cpn=FJGeX1Kddp6_-PNP&cver=1.20210816.0.0&range=0-65868&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c38888888f27fd10160e834ac4f749361577e7019c2be52d641e24ee2c48dbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:15:00 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 65869
Last-Modified: Fri, 06 Aug 2021 16:09:08 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/ Frame 24D6 95 KB
29 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9689b61f6e12ea46d19b7cc10ca575ae3f6e6cfcffbaddb155f00972fa6a7970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 131966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29754
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 16:35:34 GMT

GET
H3-29 200 captions.js Show response
www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/ Frame 24D6 63 KB
24 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b360dc0f7b620d85a01b221bbda071a1d681af8f1799e64e425e4b48b51af0dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
age: 131967
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24285
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:35:33 GMT

GET
H3-29 200 endscreen.js Show response
www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/ Frame 24D6 26 KB
7 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19841294d3dc8c573d52d514fed5646f5bd54c434c5760997385131e9b9ab34d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:35:34 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 16 Aug 2021 18:31:22 GMT
server: sffe
age: 131966
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7203
x-xss-protection: 0
expires: Wed, 17 Aug 2022 16:35:34 GMT

POST
H3-29 200 next Show response
www.youtube.com/youtubei/v1/ Frame 24D6 64 KB
5 KB 195ms
195ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b7035bdca697394ef695868eb9bd52a256f573e8e8289ba0493b1924989275f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20210816.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Goog-Visitor-Id: CgtyZDkzLXdEMGMtbyjT0feIBg%3D%3D
Content-Type: application/json

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5375
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 0D29 30 KB
30 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:52:14 GMT
x-content-type-options: nosniff
age: 141766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:52:14 GMT

GET
H3-29 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame 0D29 30 KB
30 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dominionpost.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 13:52:14 GMT
x-content-type-options: nosniff
age: 141766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:52:14 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 24D6 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?d0mssA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 108 KB
109 KB 14ms
6ms XHR
video/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9e83b410f9fe615ae14fa0e636706a8d0ed94f7e9baea34f1af705d6ddfe6561

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111079
client-protocol: quic
last-modified: Fri, 06 Aug 2021 16:09:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
19ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e58dbc4a774404082c9927b6ea75caf3ebc68127203e904108738351452791c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8559
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 24D6 4 KB
2 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 67 KB
67 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1629371700&ei=1OgdYYKcIcPI1gKd0pWYAw&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AIwz_w-40qSndf1Fx0TWEM3GFv1Vx4w_YbIwNBzYC8RS&itag=251&source=youtube&requiressl=yes&mh=jE&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=3&pl=50&initcwndbps=528750&vprv=1&mime=audio%2Fwebm&ns=4fcxh4X01uggFtsfWa6P1pEG&gir=yes&clen=526596&dur=30.061&lmt=1628266148717896&mt=1629349980&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=OYVIOVJQApT7kA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALIRbi8FLs0vaJGKQKrebin3st9znPvqq5kl7UwJSnx8AiBzpmT7e20nkvJ3ECPc_htnBegc8OYy5NeHPzapo0l2cQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgG6IG-K-OTi2PnzrxMCLv8AAraFTxFrOUAWykHYgXH-kCIQDRcZCF-0xuW4qXUwuTNq2v13EULY0-n2G2WPO6d6bs4g%3D%3D&alr=yes&cpn=FJGeX1Kddp6_-PNP&cver=1.20210816.0.0&range=65869-134630&rn=4&rbuf=3813

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9fe5d92227a51fae1d844f62a322c12a1996984100ed243b0fab0f1a0b847436

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68762
client-protocol: quic
last-modified: Fri, 06 Aug 2021 16:09:08 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 204 playback
www.youtube.com/api/stats/ Frame 24D6 0
17 B 19ms
19ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=FJGeX1Kddp6_-PNP&docid=BGXl9YxBUWo&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBGXl9YxBUWo%3Fautoplay%3D1%26%2Cloop%3D1%26mute%3D1%26%2522&cmt=0.007&ei=1OgdYYKcIcPI1gKd0pWYAw&fmt=243&fs=0&rt=0.4&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.dominionpost.com%2F&lact=426&cl=391075789&mos=1&vm=CAEQABgEOjJBS1JhaHdER083UWVjV3loMGdPOEpDajMtSzlSRFdWOXhyUTdkQndEODhxZXZmNk9iZ2JMQUh3MUlTOGxJTGxwUVAtdHotTUFzSkY5YnlwUThxVnh5VTRwYTd6cjVic19jZmtsaGNac09CVVlBRTZzVXhvTVFlRHVmLVJpdmJiUw&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210816.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=30.061&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24053866%2C24060922%2C24080738%2C24082661%2C24084071%2C24090769&rtn=4&afmt=251&size=300%3A315&inview=1&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 ptracking
www.youtube.com/ Frame 24D6 0
19 B 14ms
14ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=BGXl9YxBUWo&cpn=FJGeX1Kddp6_-PNP&ei=1OgdYYKcIcPI1gKd0pWYAw&ptk=youtube_none&pltype=contentugc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 138 KB
138 KB 7ms
6ms XHR
audio/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1629371700&ei=1OgdYYKcIcPI1gKd0pWYAw&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AIwz_w-40qSndf1Fx0TWEM3GFv1Vx4w_YbIwNBzYC8RS&itag=251&source=youtube&requiressl=yes&mh=jE&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=3&pl=50&initcwndbps=528750&vprv=1&mime=audio%2Fwebm&ns=4fcxh4X01uggFtsfWa6P1pEG&gir=yes&clen=526596&dur=30.061&lmt=1628266148717896&mt=1629349980&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=OYVIOVJQApT7kA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALIRbi8FLs0vaJGKQKrebin3st9znPvqq5kl7UwJSnx8AiBzpmT7e20nkvJ3ECPc_htnBegc8OYy5NeHPzapo0l2cQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgG6IG-K-OTi2PnzrxMCLv8AAraFTxFrOUAWykHYgXH-kCIQDRcZCF-0xuW4qXUwuTNq2v13EULY0-n2G2WPO6d6bs4g%3D%3D&alr=yes&cpn=FJGeX1Kddp6_-PNP&cver=1.20210816.0.0&range=134631-275539&rn=5&rbuf=7813

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b1adb8994b89709b54e755efc81c5ff10f116e9e7f2303df90d8775ff903306e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140909
client-protocol: quic
last-modified: Fri, 06 Aug 2021 16:09:08 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 19 Aug 2021 05:15:00 GMT

POST
H3-29 200 rs Show response
ad4m.at/ Frame FF80 1 KB
2 KB 38ms
37ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1476fa183bce64dbf681668acb7066773d34e31a61478c4a882c9716cb37e8e4

Request headers

Referer: https://ad4m.at/ad/dr?ed=1g74pp2wmstz56v12d4r8ssk4c5geqmtpepmv5r1y8etx28904qtkf9sajxkg0wc4dwh378sp94avamh6n3h17nfcfnztshezxz5h6vh0ce1w53jf03k7wg45h9z1a05m67sgnhpbb76qwkkya2satknwaspm7hwhje1wsbmw9y1f0xd4w0h55c6vb9vnkbgh7jxc00mkrykp92nfa8dghdd2v08ycb6yjqrzpkv2pjvkm1jvzr6n49a9y9a9wg3wneknk0tzv1a7gv732tv7x69cksq2b1hdn1rgtqnrjkxp8jpdecsrs53vs46td130xv4n79x433werz992jahyqbg4stnqm7rwzcjxfpjs2qa6ds6fx3shbsxvyb0e0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%26client%3Dca-pub-3208745263388354%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6810e6d2df9e4e1a-FRA
date: Thu, 19 Aug 2021 05:15:00 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck2bOqqMbaoTdSizyY9bklLJjuSsuP3LIriDxqPZ2%2FiCKaAj%2B3XHVq2s9Dt2InSMniHd48upySBam2nSVmUHKDzDi28%2BoBzK5UPP1rDVv15P293A77OHpeWSKOkVZvU14oHKuDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://ad4m.at
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: rs-v23g

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C41C 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 18 Aug 2021 18:58:00 GMT
expires: Thu, 18 Aug 2022 18:58:00 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 37020
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 376B 783 B
533 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6daf45b6020a60a8fb30ec41f36e4fd39c71542ebc0df9fae405b02f632abebc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8bCJsaMX6G9zkUqewa4MfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dominionpost.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dominionpost.com/

Response headers

expires: Thu, 19 Aug 2021 05:15:00 GMT
date: Thu, 19 Aug 2021 05:15:00 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-8bCJsaMX6G9zkUqewa4MfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 222 KB
222 KB 7ms
7ms XHR
video/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

069d53f87e828d4866f6907a145ac5a8fcf3a2139d3cb5b7509aaab090e23030

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:00 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226971
client-protocol: quic
last-modified: Fri, 06 Aug 2021 16:09:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 19 Aug 2021 05:15:00 GMT

GET
H3-29 200 2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js Show response
pagead2.googlesyndication.com/bg/ Frame C41C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2Mamy1gctW5X5kkoV06eENoOKaZzKSb08nEhfCw43oY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 01:47:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13268
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 01:47:07 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 1C0D 9 KB
4 KB 20ms
19ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1e6797ef853c0408c3a1f051c086f29e35954509ddddbbdf8128a5470747b37

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:01 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6810e6d3381442c9-FRA
content-encoding: br

GET
H3-29 200 default.css
as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 1C0D 64 KB
8 KB 15ms
14ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:01 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 48263
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6810e6d3d9524e1a-FRA
expires: 0

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 1C0D 18 KB
19 KB 29ms
25ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Thu, 19 Aug 2021 05:15:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30444
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdu3ZfKkJsoICWMZ3oWVwN0wJV-MOmSkGpS-sg-bzgC0H2JyYoOG2H6RRGBDugvtK0swUDmCRZw5CnnhDtp6VfSq50LT7g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlIEdirfkimXck4AM7%2Bz6Irn2w8QbtBt31eyycWOllbvzPMWX7%2FWx6v%2By9qK6KhBWV2Np4HY3tozFFQHwSo%2BNIIrTed5qe1tjS1JB%2FbVswje3k9uiUTk1HhKRjJJrbfrJguhbST%2BbV6Qaf%2B5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Fri, 20 Aug 2021 05:15:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6810e6d3d9a442c9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 1C0D 2 KB
2 KB 22ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Thu, 19 Aug 2021 05:15:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33904
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdtzW_cNBwJwx0PzFPvyPGdOpkWfR5x3pALA_j6DOJ0GFi_CLdzTtInGIndFuzwze4QywgPbgOJAUYMCKuceAVgyaxmXyw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37%2BP1TMsB9m6kP7%2FroWlAvQN%2B%2FmojBtAVWuYpmIkRuLx9%2F%2FgeZWZ77IwUrgUvLIunNhZX1hQ0iwm2DpVNDYnN93VkFA%2By%2BvMEIraBnL0E5zPAS87cr%2BTDFXFgxqbfV1CL%2BWikn5eaPtqgErW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Fri, 20 Aug 2021 05:15:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6810e6d3d9a642c9-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1C0D 43 B
704 B 100ms
36ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidsMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepxasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 05:15:01 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 1C0D 38 KB
39 KB 22ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Thu, 19 Aug 2021 05:15:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33456
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdutskbNwQUtE4yJR_IfkxwIZQCKxWAx5FuAxSG_6lIUWFWM0OebZ0dDVYDizjhDfwGiCWerGud1zIhymA2bEUU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oV2PHr6qJC3oXIBNGF0DHA9PrFBzTy7kwEE9YXhCGsSv8e8Fw2ZnlBsl3fwOaxglaDeyyTUrq9fPJEKbgp1Dwe40zUXaniKsiuxjHWQWqWmEf%2BusjUPB4t0e98mBYtJGIFerFignRGYN632D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Fri, 20 Aug 2021 05:15:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6810e6d3d9ab42c9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 1C0D 113 KB
113 KB 29ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Thu, 19 Aug 2021 05:15:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27791
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdtGGY-TfdEBONaJWMJpwiQgyfp9ni87daPKpZZspWZ_tABGTaEHVPnClI4SlgW2BDYb9FqxdwZeTAj-6Gqcxg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kv8lWkHD%2BAj1q5bD0NkJAOkJ5ZMuT6GcoOOupb7rGf1Yl2fcLNLi8Pb%2FnXX82GFdV1c2b%2BIYQTOdm5FhTLJI7YgQpBlK7WI4yFIi0pXBtdKXzmwV7goVmOlMnc9iV7eESs9PDp2Wd5vrz9N9"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Fri, 20 Aug 2021 05:15:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6810e6d3d9ac42c9-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 1C0D 43 B
704 B 99ms
36ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidsMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepxasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 05:15:01 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 1C0D 8 KB
9 KB 28ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Thu, 19 Aug 2021 05:15:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 400508
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdtxzSVIJa5wj3PhN0y8BU0kW3aZvFumakmQJSXhWlpBfaVvoT0Dj1OBDv_OZQFr8a89Gelq79MufLskX2eTfA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qf10TdVVkq0dy2XXnGzpes6HZwNWnZXCa2oJSpgQ5UohhT1XKQW2%2F2hi5nXaA4RRTGK00v7JnKI3zYgkeK7vwOvOqVUvSgQ1iEJ%2F3i4Urasn9lfVXDuM7P196chbDIdne8jbZUXQenzZAj1f"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Fri, 20 Aug 2021 05:15:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6810e6d3d9ad42c9-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame 1C0D 35 KB
35 KB 28ms
27ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
date: Thu, 19 Aug 2021 05:15:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 623484
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdvvB6uzlBf85gejyOnLrDvuwZhKKXK1VpRUY0xBynHYzO5RBpdKXBT98Jm2FqkCYGe3d9ZkzSmbZtG7j1wbF8ydhTdT7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 35504
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSkewTAiC0301NOqvgI0eP8%2FI6yqeShn8ne7TXqzW76rawQe7XJulu006Sf2uKXsJg96tPhMCVj6y9OgA0Q8adh9jkQIzZMDQeoB8HeZjbVXY4uOH%2BpRdOxvGxSNeYDBW4yxhWh8KUY0G%2Bml"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1582133835673152
content-type: image/webp
expires: Fri, 20 Aug 2021 05:15:01 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
cf-ray: 6810e6d3d9b042c9-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 1C0D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKCs_Y-qvPICFcjvdwodtRICOg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidsMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepxasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629350101_6795d3d0-00ac-11ec-b149-692d057bce79

0
518 B

100ms
32ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629350101_6795d3d0-00ac-11ec-b149-692d057bce79
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=sMTIp0mZ4c1Xzsh55BKaErtFQ3tvGepx&g=95e810713a62af15cde1a7c0a2683caf%2F2999403134066262003&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1629350100962&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D23j2t0ftm9pjmdrrcg3hamsh1rxm97kr62vechtde21kwrxnc2q581tzamqyw04qq2ktpzw17har6d18rsq3cyq5rd95y5s44cry00may5n756h2f51aa72f0wgwp9q4n9fdhrqpv52387ch64rax5mx95faxfzzb9r7b3bcd9vh60yf5g8mqeax79cj3vtdgrxxkpyw83eq920kt4crqekhwccf1qy2056sc8ew9cy7sbq7k0qdhsqjf9135dg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCAoX80-gdYZ_AHY2y3gPe57-YBJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItMzIwODc0NTI2MzM4ODM1NKABwq7o3QPIAQmpAlGGSccAp7M-qAMBqgTVAU_QhD6gD5bvXVMZQRMqcWWYmsJDvXD4AmLyGwMAOcwzW3nXKrbASkAPNRZ7YZcBntIZ5rBZAmwzQhgl9cO7MnNVbhGTV2VPh_03w3ORm09nREqpfS7x96fOYmvUpRRAq-GASP6_v2nnJim9yIHAjFmsMibCOhmn56RCC58MaHf98sb9pXrV6KKUPKaTlcRSXj4IBqkeK_X2eMe52vUeN7GVLqLJ8c8sRbwPS63qWvnJgL8Kw-24-7-bk7MHh9M64dy_rDCootkbtHTO17YvhFvbJa4Cn4AG8bq-wcyDn7X8AaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BuoB6qbsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3XRb_ZUG8h_sBo808ONQlW6sEXZA%2526client%253Dca-pub-3208745263388354%2526adurl%253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 19 Aug 2021 05:15:00 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Thu, 19 Aug 2021 05:15:01 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1629350101_6795d3d0-00ac-11ec-b149-692d057bce79
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9C44 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEdd_BsllwbPm4brqt6DaqQsJ2FNPYwCS1asQnamQiN0Jkz_G06ZPhhsDuZvf49kWZRDGFoorKvuvX0ZO0ToESEN83q2-dCGeCJy3mU0ISDvgAfgh2&sig=Cg0ArKJSzI8DaY6qhJ8CEAE&id=lidar2&mcvt=1024&p=0,436,90,1164&asp=0,436,90,1164&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20210818&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=746932374&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629350099802&rpt=233&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 28ms
28ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=4019862396282742&bg=!f3ylfDjNAAZvV8FTb1c7ACkAdvg8WlLzlu4SZ6ND2Db5osVrBI90NuW5AIR63_tNbiNrGZJXKJJxrAIAAAF_UgAAAERoAQcKADSf8fzNA4Oar7OoJYfn8LkoCZxMOGTiEqXoSCE3NqTrhojZlUQuqktmMD1jMRjmeozS_CKemQKCA2ry8cHAcJLMJaSkM3Pu_e-L_0fYPFDjSMH0sZcrwGOSo0_jhoFGQeA0uleXoSPZP_HCU4hdTBvfAuOh_Im-ZXLdW9nhbTWVhwb8Odn4H_uVTadNmL_v_MORxM0Mw0YCxmYRzgJddShV3jDsIbIhl0SqLB7Zv9UGb5Q_QL4KHN7W7Vfcyu0800ssnpDpFylhmUPm38ClGarprYlX_y_6OQyQAs9sgGoUnvsupC5gh_H6R2fM0KMwMQrDipy7a0CAsJLxCqfMOywuOvnqS8X3TNPI5aPpAVE2JwGQNGnDEE-eU7liIbh5mQwEr45fNOQJ6JVbQXzaYSAuYLy-6PpM9tIUOPRMVH9ey7v7eIODTUllECBqPZ-S0soyM2LopqIRSBwPb9dsbzRdnDXty7gHsy_xSgV2V0l8QdK3lZpG7qk8Q9KFLMjEpah6hgh1VVOBZag7gTRE2vAkDjP-l49TUQ8MrHvIfvM0-TMamAIkBKURbhmfYX9irioyHFgKhjoQOoFUqvy6kNaIcbur-qCuXTZ98-kkPo1MjLSz1gku_SDnmNx6EUJR7QP0WhOCBrD_j44SgfjYilHkAThPwPiP8C6Jw1XCSWJF57wcWwLRCLkRUf41eREBnKDiMSfSP1_DqysJSf8K1UXc184E22bJclk-f2dADFdKAEkHYGoyC2vYC5bhcfrCfopUO4KmZxv7x-9FdjWIeRpY_56jcGR_Q93-reku27NHvFcUU6Z8q1Al8eppSPnJlApqngnPB67c9EhZz6tSUrmyxQxFgjit-X7DU0xENE31jNp0vMIzA1MWauumHd_EBT4UoFFIxMmfM4-cC8nR5rdbbXuuyEIMf7G_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44D0 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuAcoDLG1lFwHJP4vG-QCI7sktfvrls3QLwm7AkXXglw-o0pqN9ifxyuU5osvNJEc0vBSOG0qQJOk37BNMgwUo-a3In2x2oxe_t7e9X446-28pO5xxu&sig=Cg0ArKJSzAZ-MCj7QZJDEAE&id=lidar2&mcvt=1025&p=1009,1010,1263,1310&asp=1009,1010,1263,1310&mtos=0,1025,1025,1025,1025&tos=0,1025,0,0,0&v=20210818&bin=7&avms=nio&bs=1600,1200&mc=0.75&app=0&itpl=19&adk=1045680109&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629350099772&rpt=856&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dominionpost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 24D6 28 B
321 B 25ms
24ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
X-YouTube-Client-Version: 1.20210816.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtyZDkzLXdEMGMtbyjT0feIBg%3D%3D
X-YouTube-Ad-Signals: dt=1629350099887&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKpPU1TsePhDiUWEGXfChLRRnDnCjakcAzm9Haw9b3tFGPGNcHMtfX9nYNHC52YbNPn73o1kYQ6Pw51_mrdMTWRYfWjd6Q

Response headers

date: Thu, 19 Aug 2021 05:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:15:02 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 220 KB
221 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1629371700&ei=1OgdYYKcIcPI1gKd0pWYAw&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AIwz_w-40qSndf1Fx0TWEM3GFv1Vx4w_YbIwNBzYC8RS&itag=251&source=youtube&requiressl=yes&mh=jE&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=3&pl=50&initcwndbps=528750&vprv=1&mime=audio%2Fwebm&ns=4fcxh4X01uggFtsfWa6P1pEG&gir=yes&clen=526596&dur=30.061&lmt=1628266148717896&mt=1629349980&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=OYVIOVJQApT7kA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALIRbi8FLs0vaJGKQKrebin3st9znPvqq5kl7UwJSnx8AiBzpmT7e20nkvJ3ECPc_htnBegc8OYy5NeHPzapo0l2cQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgG6IG-K-OTi2PnzrxMCLv8AAraFTxFrOUAWykHYgXH-kCIQDRcZCF-0xuW4qXUwuTNq2v13EULY0-n2G2WPO6d6bs4g%3D%3D&alr=yes&cpn=FJGeX1Kddp6_-PNP&cver=1.20210816.0.0&range=275540-501210&rn=7&rbuf=12513

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

94825fd7446f4da0fdaebcd3b331d8ae1b1029b53dea8445c454701f76ec1715

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:15:04 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 225671
Last-Modified: Fri, 06 Aug 2021 16:09:08 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21296
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 19 Aug 2021 05:15:04 GMT

GET
H3-29 200 videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 233 KB
233 KB 6ms
6ms XHR
video/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

74bb6d17f6c285474320bf25cf6902e12bd549c6a66676554ce99e26f4c5083e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 05:15:04 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238085
client-protocol: quic
last-modified: Fri, 06 Aug 2021 16:09:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21296
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Thu, 19 Aug 2021 05:15:04 GMT

GET
H3-29 204 watchtime
www.youtube.com/api/stats/ Frame 24D6 0
17 B 15ms
14ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=FJGeX1Kddp6_-PNP&docid=BGXl9YxBUWo&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBGXl9YxBUWo%3Fautoplay%3D1%26%2Cloop%3D1%26mute%3D1%26%2522&cmt=3.576&ei=1OgdYYKcIcPI1gKd0pWYAw&fmt=243&fs=0&rt=4.002&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.dominionpost.com%2F&lact=4028&cl=391075789&state=playing&vm=CAEQABgEOjJBS1JhaHdER083UWVjV3loMGdPOEpDajMtSzlSRFdWOXhyUTdkQndEODhxZXZmNk9iZ2JMQUh3MUlTOGxJTGxwUVAtdHotTUFzSkY5YnlwUThxVnh5VTRwYTd6cjVic19jZmtsaGNac09CVVlBRTZzVXhvTVFlRHVmLVJpdmJiUw&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210816.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=31&rtn=14&afmt=251&idpj=-7&ldpj=-33&rti=4&size=300%3A315&inview=1&st=0&et=3.576&muted=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:04 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 atr Show response
www.youtube.com/api/stats/ Frame 24D6 0
19 B 17ms
17ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=FJGeX1Kddp6_-PNP&docid=BGXl9YxBUWo&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBGXl9YxBUWo%3Fautoplay%3D1%26%2Cloop%3D1%26mute%3D1%26%2522&cmt=4.492&ei=1OgdYYKcIcPI1gKd0pWYAw&fmt=243&fs=0&rt=4.919&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.dominionpost.com%2F&lact=4945&cl=391075789&mos=1&vm=CAEQABgEOjJBS1JhaHdER083UWVjV3loMGdPOEpDajMtSzlSRFdWOXhyUTdkQndEODhxZXZmNk9iZ2JMQUh3MUlTOGxJTGxwUVAtdHotTUFzSkY5YnlwUThxVnh5VTRwYTd6cjVic19jZmtsaGNac09CVVlBRTZzVXhvTVFlRHVmLVJpdmJiUw&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210816.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=31&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24053866%2C24060922%2C24080738%2C24082661%2C24084071%2C24090769&afmt=251&muted=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
X-YouTube-Client-Version: 1.20210816.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-YouTube-Ad-Signals: dt=1629350100333&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKpPU1TsePhDiUWEGXfChLRRnDnCjakcAzm9Haw9b3tFGPGNcHMtfX9nYNHC52YbNPn73o1kYQ6Pw51_mrdMTWRYfWjd6Q

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:05 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 24D6 28 B
197 B 16ms
16ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
X-YouTube-Client-Version: 1.20210816.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtyZDkzLXdEMGMtbyjT0feIBg%3D%3D
X-YouTube-Ad-Signals: dt=1629350100333&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C315&vis=1&wgl=true&ca_type=image&bid=ANyPxKpPU1TsePhDiUWEGXfChLRRnDnCjakcAzm9Haw9b3tFGPGNcHMtfX9nYNHC52YbNPn73o1kYQ6Pw51_mrdMTWRYfWjd6Q

Response headers

date: Thu, 19 Aug 2021 05:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Thu, 19 Aug 2021 05:15:07 GMT

GET
H/1.1 200
OK videoplayback Show response
r3---sn-4g5e6nzs.googlevideo.com/ Frame 24D6 25 KB
26 KB 6ms
6ms XHR
audio/webm 2a00:1450:4001:4c::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1629371700&ei=1OgdYYKcIcPI1gKd0pWYAw&ip=2a01%3A4f8%3A192%3A5414%3A%3A2&id=o-AIwz_w-40qSndf1Fx0TWEM3GFv1Vx4w_YbIwNBzYC8RS&itag=251&source=youtube&requiressl=yes&mh=jE&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednsr&ms=au%2Crdu&mv=m&mvi=3&pl=50&initcwndbps=528750&vprv=1&mime=audio%2Fwebm&ns=4fcxh4X01uggFtsfWa6P1pEG&gir=yes&clen=526596&dur=30.061&lmt=1628266148717896&mt=1629349980&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5311224&n=OYVIOVJQApT7kA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALIRbi8FLs0vaJGKQKrebin3st9znPvqq5kl7UwJSnx8AiBzpmT7e20nkvJ3ECPc_htnBegc8OYy5NeHPzapo0l2cQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgG6IG-K-OTi2PnzrxMCLv8AAraFTxFrOUAWykHYgXH-kCIQDRcZCF-0xuW4qXUwuTNq2v13EULY0-n2G2WPO6d6bs4g%3D%3D&alr=yes&cpn=FJGeX1Kddp6_-PNP&cver=1.20210816.0.0&range=501211-526595&rn=9&rbuf=19191

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

36aed433b74b0fd74d067f78854035ee074086c356768e015dc7d63e0e1933fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 19 Aug 2021 05:15:10 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 25385
Last-Modified: Fri, 06 Aug 2021 16:09:08 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21290
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Thu, 19 Aug 2021 05:15:10 GMT

POST
H2 204 qoe
www.youtube.com/api/stats/ Frame 24D6 0
178 B 15ms
15ms Ping
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?event=streamingstats&fmt=243&afmt=251&cpn=FJGeX1Kddp6_-PNP&ei=1OgdYYKcIcPI1gKd0pWYAw&el=embedded&docid=BGXl9YxBUWo&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002922%2C24004644%2C24007246%2C24053866%2C24060922%2C24080738%2C24082661%2C24084071%2C24090769&cl=391075789&seq=2&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210816.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=itdrm&cmt=0.395:0.007,1.170:0.744,10.001:9.574&vps=0.395:PL,10.001:PL&user_intent=0&bwm=10.001:1178005:0.500&bwe=10.001:7080802&bat=10.001:1:1&bh=10.001:30.030&df=10.001:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/a00ed734/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:10 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 watchtime
www.youtube.com/api/stats/ Frame 24D6 0
54 B 14ms
14ms Image
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=FJGeX1Kddp6_-PNP&docid=BGXl9YxBUWo&ver=2&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FBGXl9YxBUWo%3Fautoplay%3D1%26%2Cloop%3D1%26mute%3D1%26%2522&cmt=13.573&ei=1OgdYYKcIcPI1gKd0pWYAw&fmt=243&fs=0&rt=14&of=-_xhI4eL4MjOL53E0nwGhA&euri=https%3A%2F%2Fwww.dominionpost.com%2F&lact=14026&cl=391075789&state=playing&vm=CAEQABgEOjJBS1JhaHdER083UWVjV3loMGdPOEpDajMtSzlSRFdWOXhyUTdkQndEODhxZXZmNk9iZ2JMQUh3MUlTOGxJTGxwUVAtdHotTUFzSkY5YnlwUThxVnh5VTRwYTd6cjVic19jZmtsaGNac09CVVlBRTZzVXhvTVFlRHVmLVJpdmJiUw&volume=100&cbr=Chrome&cbrver=89.0.4389.72&c=WEB_EMBEDDED_PLAYER&cver=1.20210816.0.0&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&hl=en_US&cr=DE&len=31&rtn=24&afmt=251&idpj=-7&ldpj=-33&rti=14&size=300%3A315&inview=1&st=3.576&et=13.573&muted=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/BGXl9YxBUWo?autoplay=1&,loop=1&mute=1&%22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 19 Aug 2021 05:15:14 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YR3o1LY6TkgovJ3D75U9kwAAASMAAAIB&google_gid=CAESEIvkeHm18cvqWrWoOmABBjE&google_cver=1&google_push=AYg5qPJkpSnDdS4doyb4EXUEFySeo6c8d4dnHvTkSPEYzrXiuQ1qpvScscSvYiFXDo9p6C79oODoaqRFBad14W270nnXPnOonpJc&google_tc=

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: vmk8LVwQ6_A
.doubleclick.net/	1970-01-20 05:57:26	Name: IDE Value: AHWqTUn8h_7iNtVu_en5bc0k5ew7Fe8sZqTiui0oozaKvoLkbMODd0rau2Y1Gjur7Tg
.dominionpost.com/	1970-01-20 05:57:26	Name: __gads Value: ID=0ab401c3cad7c07f-22ba094badc90055:T=1629350098:S=ALNI_MaXtI0v-lr-ND58e2dMVkkFc8j8WA
www.dominionpost.com/	1970-01-19 21:19:02	Name: lp_us_his Value: %5B%7B%220%22%3A%7B%22current_time%22%3A1629335698%2C%22id%22%3A%22ref%22%2C%22url%22%3A%22Direct%20Traffic%22%7D%2C%22current_time%22%3A1629335698%2C%22id%22%3A134929%2C%22url%22%3A%22%5C%2F%5C%2Fwww.dominionpost.com%5C%2F%22%7D%5D
.dominionpost.com/	1970-01-19 22:45:26	Name: _fbp Value: fb.1.1629350098947.1029447635
.youtube.com/	1970-01-20 00:55:02	Name: VISITOR_INFO1_LIVE Value: rd93-wD0c-o
.dominionpost.com/	1970-01-20 14:07:02	Name: _ga Value: GA1.2.804797133.1629350099
.dominionpost.com/	1970-01-19 20:35:50	Name: _gat_gtag_UA_116801467_1 Value: 1
.dominionpost.com/	1970-01-19 20:37:16	Name: _gid Value: GA1.2.2096142285.1629350099

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.dominionpost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.dominionpost.com/wp-content/plugins/simple-file-list/js/eeJavacripts-head.js?ver=30(Line 3) Message: eeSFL Frontside Head JS Loaded
console-api	log	URL: https://www.dominionpost.com/wp-content/plugins/simple-file-list/js/eeJavacripts-footer.js?ver=30(Line 3) Message: eeSFL Frontside Footer JS Loaded
console-api	log	URL: https://www.dominionpost.com/wp-content/plugins/simple-file-list/js/eeJavacripts-footer.js?ver=30(Line 9) Message: eeSFL Document Ready

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

566f2125eaaa65a065d84d2a3258866b.safeframe.googlesyndication.com
ad.doubleclick.net
ad4m.at
ads.paywallproject.com
adservice.google.com
adservice.google.de
adservice.google.dk
ajax.googleapis.com
api.secondstreetapp.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
embed.secondstreetapp.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
js.stripe.com
m.stripe.com
m.stripe.network
media.secondstreetapp.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
plausible.io
prod-rtb.ad4mat.net
r3---sn-4g5e6nzs.googlevideo.com
rtb.openx.net
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
widget.secure.ownlocal.com
www.awin1.com
www.dominionpost.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
cm.g.doubleclick.net
104.111.239.217
142.250.184.226
142.250.185.230
142.250.186.66
148.251.139.77
151.101.12.176
185.64.190.78
199.19.89.14
199.19.89.19
23.29.132.40
2600:1901:0:76b9::
2606:4700:20::ac43:4a81
2606:4700:3032::ac43:aa7a
2606:4700:3033::6815:3922
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:4c::8
2a00:1450:4001:802::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2001
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:b0c0:3:d0::d23:4001
34.215.192.98
34.96.77.232
34.98.67.61
35.186.253.211
35.244.174.68
69.173.144.165
0144b081ca4b84f599c4d124a493835c3bcdb7cb21d813db67364eda9040d2ff
01e51940762b45561e5a0c1ea5e5ad122f4c732178d0cb428f8f4409030efb13
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
045f7c48ba7cdf177bc78ad8944d9e4298e64063ebf5144156b8c6f3ad6c46ef
051d1627bf4de5c0a0ab18cba5e980047bc3ab87d8afb5acd929b0894e93b6ff
069d53f87e828d4866f6907a145ac5a8fcf3a2139d3cb5b7509aaab090e23030
06c4cf51e21b3c2fc932ac10219f1b2e27d6387d7db1dc4665506325ecd6b9c2
076920c06c36cff84602923b47c5da27466fc48d3f35a5f0a346b83397abff66
0a3b60432bf4b89573819a3aeec59cc40710dd9b19526325f619d83ffb4d571c
0a4d3e7c518e0771ed59584e8621048d529d18bac487045f0c4bbe8da1822bd2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8c99dc7ef4a98825b029ff8a3e377e4b862647c1877794566923f64ae3fadc
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0ffdc2acbb29237e892c57264b5f2551547b743ea32292f6c1dc1476abd2dee3
10bbbb5c5ae22683c47f305bb0f2987078bf85ee76cb85e6d9bb36947e4fb3a9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13477a1af9cf16a992c9a8d1ea7ad871fa568b3bbdb9edb07edea3572c3804a5
1351b8e0d48b23b501977d5e5f33985307bcb42234c1936477aac36486e8b461
137bdadd875cc13a2fd1fedba8caafe72fb14e7fa3418504763bba06bf27f500
1476fa183bce64dbf681668acb7066773d34e31a61478c4a882c9716cb37e8e4
176b638c389c39c6a3eb3ad45cb22f33d0519aea04a25457e1cbf5fcabb76020
19841294d3dc8c573d52d514fed5646f5bd54c434c5760997385131e9b9ab34d
1a3f90cf75bccc938a5f0ac1af695aa111f25a57e63dcf96c7cdc63e353a53ad
1b968cde38087ecb1c5ece37ceed696941c3ec354aa42d20ce475012e9403798
1ca57730b6dc80be86964ff6d9e3ab48874b328d6e7f0fdd31a5758bf52756f9
1caaede84b0f251f30c7217a0102496739ee3498a8277acf4f3fc1fc1ce8f171
1dac2fbbfdf9a879919b69f21033a56d599d7f404776bb2815942c8a0384f817
238fc04b52db186a35d27a1031b4a9d60886bd2c3b722ab1906ee6ea51ae9cbb
24d425393f58f5167d68f36736be1ae57f40c77771f5de106179e333b356baa4
25c39225990bcadc17dc5724ec591bf56641bd59ead723361f7cc2ee579aaa24
284fb6cb9d91efd26afad6ef4ab6486cb1e0b0c4b1c6e8ab2b6f391a0f0669b6
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2eff29a7bc6c56c3c4e3d9bcc28df21859748a0327e359ba69d6b9c4ba71e368
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
307ebc1fc886fcfdf6f0d222db84172baaaab4b0d9a7d79b5c1d5fd1236081c2
30978fc0f98645c7f94fd30ab469ebd6587cd984a3f0810b884763376ff11e0b
30a2d58e5bc99ec6b7e4922f95da03b885b1273f0fd9d5a4fd8dc747780bc83f
36aed433b74b0fd74d067f78854035ee074086c356768e015dc7d63e0e1933fa
3920943abe8f70b62b3bcb24c2bd488059143d0115adb0736415f787ec386ed0
3ab7f5668e19a72b8674eb4979d70ad94f2fb339614bd82efde11d23e282e12f
3b0ccbab7e407a286a142ec905f99a84bf089773406254f35b54558e0ef7eead
3c00b719d453f5357d67bd0131c02e387e229bc1fbda0e49588f04c9408f42c1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
4028b12fd513a81a4e16d23e14c06ea331e813a63ea3a82025d6e01c68ab54fb
416172d847c270c8715b04a4bb67701aa918804ee71bd8f4ef188d8288658d39
42fd6acb3e316c99d4bedbe154a920255438a857471daaf44b6ee59762fb4407
43ee53d296fca70608f19eeda6e438cc099816e1c258e220a408ece7f67d7b53
443ba0af7a7ed827223c7fb3c008c02b9ff1d651b6492e9c270378b07d9f6008
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
47abcdf23981abd488a677c9467c3d78d51f2db0b6c8edc63d000a479652ef34
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4a03569565580188b97a7086752c5493f347afee678e51c5b42de3f1cb78dafc
4b0e7aff2f0c0cb40d1b3a250fe2f5db8f6aa2a01d82136568078cdb0ce04a10
4b874445c1c5f287cca4f88a9b939270676c7ad03c9c7209a33a5907ae731fe0
4e3e99ae01189631482b1dc44744f37a5ebec156499c4f7221b9f96d566ea5fa
4e9ff60e99eb7a8a449158073b0cb20b5227d53cd609d1488375ce41aed57649
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
525f091870c1282bb4823f9e64192983f1652a3bbc84c97ca5e6c4f063ca6e82
548f36a597b57180bc3864f066f7a67a4a12043d37ce9c7c7f20b3a790b4c8c0
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55fc7d3913eae6fc93217cdb9a2951eadc23206418cc19bdc9e4672221fd07f2
5847707988b0ee28c7b583abaabd6c203ad910326e5b9fe12149a0bc8ac43e5c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cb834c20a13b0051afad7ca7b33e5f1f48c0596431f5d31d47135659ee769d8
5d3bee2997787fe4e8cf9f818ad2770b23a9023cda01c3516f6afde3475eac3c
5e3679bcb50fa3c8a2742fdf4b2aa7cbdff9ab13facb4486c3cf73035c33fa93
5ebb76c89c712be76bf7c476f4668ee670695d9add91560afc5af3b4b7ea9bb9
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
635c3ace113d7f1ef0ac34c2c70c93c61121a05f053a156e5b207ed5620b1c99
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
67ebf650147a9122e94ff1b25a78a82e903b92b877821c1479de69f00f59d429
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6a6915872afa798395a56c7aa50d086cb325ff7214ad78ada3c7a96350bbad39
6a94dd7a301221c391c6319c63f7f47de0731a74d3b5a83f2630243d039d8d6a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6daf45b6020a60a8fb30ec41f36e4fd39c71542ebc0df9fae405b02f632abebc
6ede2c03c9cfd35d74a4465cfa48500fa0f08f7abba769b63ea3c723e030706b
74bb6d17f6c285474320bf25cf6902e12bd549c6a66676554ce99e26f4c5083e
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7f34b768792b90cf0b04fced2470e43d8fab7644f6565d5178fbfb49c4859cee
842277eb9e48d9dbf421e122e6c6275b6172a6706dd20d1645ee05a0b79cb951
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8b93dbab1a30324007d2b07d1c0b28b284dbef8920e3890f4735ae4e0312c622
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
94825fd7446f4da0fdaebcd3b331d8ae1b1029b53dea8445c454701f76ec1715
95d5b67a78f81f3c071b01f888c9a468c13c8288597b64c99ff829e35b51a012
9689b61f6e12ea46d19b7cc10ca575ae3f6e6cfcffbaddb155f00972fa6a7970
9a1f268230c437623f0ee09b9113c689dd214757a33b1fe584e757e154a4c2ac
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9be6923457d76debf4c512fac0a2173aaa94748868d26566515ce2a4156d083d
9d9f2e6525695d9445cac8e8a41c888fbe641add11a37ca1f06ad67c4aa921bd
9e58dbc4a774404082c9927b6ea75caf3ebc68127203e904108738351452791c
9e83b410f9fe615ae14fa0e636706a8d0ed94f7e9baea34f1af705d6ddfe6561
9fd95260ee110232e2e143adfb5c5f0df7ffee9d2513288ff4102d9e401c663c
9fe5d92227a51fae1d844f62a322c12a1996984100ed243b0fab0f1a0b847436
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ecdb9898066eca61fa947eeb0b44d834f9563bbcfba841f52436123d361a25
a489894ec426c15436990b7fc7f0386265f4ba6a3079069efaad8fb5c092dbc0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a80c09ae2a3960b99bc7021b501904742c7befc7693b6829bf6697ef6cccd3e7
a8c753c1cbe45800869cacead22b7abcb6971d9451a8173fec43c2a6946e12a9
aa8566c3dd97cb071dcb3753289dc12af1eb74a69b9ccaecf6ffff16f90545cd
ab5b86731fcd151800d2abfe97a8b303a6f7c24a47333dd3fc5e393dadb30495
b1adb8994b89709b54e755efc81c5ff10f116e9e7f2303df90d8775ff903306e
b360dc0f7b620d85a01b221bbda071a1d681af8f1799e64e425e4b48b51af0dc
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7035bdca697394ef695868eb9bd52a256f573e8e8289ba0493b1924989275f2
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc6bc53b137725de58a3b90330b871c0b219f03b0bc2e33a9abe75cbf5a3b26
c21b2c628b4ba6e6be8d7e3cdba3a862c9f947cd99b9d4062c0908ea112efd5a
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c38888888f27fd10160e834ac4f749361577e7019c2be52d641e24ee2c48dbd6
c4a8402fde1e397bcabe7467c0de035e7851eeb1bad9af5d1b67487e7d7f2a4a
c9b06202120f64c7f2847a194391a379fe2b034848e91a58a845f24b5557e624
cae73e0c8c7491e006c9f617638a8d8162ec989bde4e84cdae82ed4cb2024484
cd1cc14b59f5918e11725643ef36381b85cf569c6626fb4fdbe39c2eba9bdfe8
cd514e7bd8275d652f8a7d82f9f0ec20187bd78d3fef115b0804967b30ab4ba4
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1e6797ef853c0408c3a1f051c086f29e35954509ddddbbdf8128a5470747b37
d25ef41e4b383c4e66725c7cd79f869f243b7a9945f07cfdb44ef248f1853ac4
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d5ff1cbfad78adc9904202a46e81e6be43cbf87854233d56d5ddcde6f322f78d
d71c463d434244263921181ad7a4b010b73da80365aa44910e500fbb89d94176
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8c6a6cb581cb56e57e64928574e9e10da0e29a6732926f4f271217c2c38de86
dd89167bc390e6f556ca57b025be6e4bda27b1102ef1ae3fd4dcdd4eb6777f3a
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df067a8cca1dd4749bf66294fc7b4743ace97b6de46b324c4edda60a283935dd
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e2d3127da85763e024971c6192f78becbdf85db231b3d088c9f8b3777d444ede
e2e60e9eae839d6b2e857c708f6d02ae6069141594b941a1590cd5c5435d42f4
e30ce2bbde86d41585402b26d72be14a4d5901927f25a7648593fb8be6e7bcea
e37a48c7a46495908f18466988f8681e504acad46647a2116ebf4b514029c69d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e655e07f82307e1c40cd3c9524d62cfaa59f9471920ed19665bdc1efd148b660
e9c2854df4ed9f524becfad54e6195b5eda16c191275759d19186232bc624d75
eb511698fac49785aff45c9a70670fef41ad30d711bba53d514d90ab4ea740b7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1c14d1564a965b4f336c153d2cc21b2a2b2b6119de23fbb1164c2001b3f32c
ef70ecb4970df741ee9f2e9263c29566ec3c958852d64c71aa4fd7948261fd89
f099253d396ffa25675a48e190ed131f5cf0047f762790a544c2e070fee65aca
f1dbbc4be8d88ae17466b1d7a8fd7bf4f9d9b5ab492719cdea721d82cecb738d
f1f54e15ab921f8f4b22953fd81a07b5dc0872a6cd44dc359bd7c3ce36379c94
f312fce9edec54cb42bdb599f7327fb1df535d1f4e8e520587072e98bc8b549f
f45ced68b64b2a424229326b191ac09af7263528cc874d47d226afb91cea5fc5
f75ab8269e318de8cab63831d09f1364e13dddb927ff5ac183640c8d627bbc62
f7fb93be25baab4c2b51d58b3f09f34dc9ed85b00116204fb2725992fbdee0ee
f8942e3f85a6bafd83a49f12ff4e0439cf72e226d33143e2db8afcf93e84174b
fa802dfcc807a2328b9535116820441a97af865e856c4ac22a9f1977d6fe1169
fa955ece10584a09c010bb4a7cb730fb531ed95c4f883c7481cfc74514b8891f
ff3a49ad133dd749cef26307962704405fff5878cdd8820e80d36fd45c0447f0
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffb515a2fc50a3d371a95d30756783af50c5fa34b5488a422ade9e7ca0a21529
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

www.dominionpost.com Open in urlscan Pro 23.29.132.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

220 Requests

100 %HTTPS

62 %IPv6

33 Domains

49 Subdomains

38 IPs

4 Countries

5430 kBTransfer

11416 kBSize

9 Cookies

5 Outgoing links

Redirected requests

220 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dominionpost.com Open in urlscan Pro
23.29.132.40 Public Scan

Screenshot
Live screenshot

Full Image

220
Requests

100 %
HTTPS

62 %
IPv6

33
Domains

49
Subdomains

38
IPs

4
Countries

5430 kB
Transfer

11416 kB
Size

9
Cookies

220 HTTP transactions
7 data transactions