www.spokesman.com Open in urlscan Pro
66.45.170.57 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://spokesman.com/
Effective URL:
http://www.spokesman.com/
Submission: On July 30 via manual (July 30th 2017, 3:43:31 pm UTC) from US

Summary HTTP 109 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 18 domains to perform 109 HTTP transactions. The main IP is 66.45.170.57, located in Saint Louis, United States and belongs to AS-TIERP-30340 - Tierpoint, LLC, US. The main domain is www.spokesman.com.

This is the only time www.spokesman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	66.45.170.57 66.45.170.57	30340 (AS-TIERP-...) (AS-TIERP-30340 - Tierpoint)
1	2400:cb00:204... 2400:cb00:2048:1::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
13	66.45.170.59 66.45.170.59	30340 (AS-TIERP-...) (AS-TIERP-30340 - Tierpoint)
13	172.217.22.66 172.217.22.66	15169 (GOOGLE) (GOOGLE - Google Inc.)
20	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2400:cb00:204... 2400:cb00:2048:1::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	52.85.89.66 52.85.89.66	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2600:9000:201... 2600:9000:201c:2c00:14:c3e7:6780:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:401... 2a00:1450:401b:802::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	23.111.9.30 23.111.9.30	54104 (AS-NETDNA) (AS-NETDNA - netDNA)
2	23.111.11.222 23.111.11.222	54104 (AS-NETDNA) (AS-NETDNA - netDNA)
1	34.201.79.55 34.201.79.55	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	52.85.89.25 52.85.89.25	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.239.168.147 54.239.168.147	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
11	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	50.112.252.101 50.112.252.101	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.112.249 151.101.112.249	54113 (FASTLY) (FASTLY - Fastly)
1	54.243.118.244 54.243.118.244	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
7	2400:cb00:204... 2400:cb00:2048:1::6813:c466	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	52.86.213.187 52.86.213.187	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
9	169.55.70.227 169.55.70.227	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
3	173.241.240.212 173.241.240.212	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
109	25

3 66.45.170.57 (Saint Louis, United States)

ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US)
PTR: 66-45-170-57.ptr.tierpoint.com

www.spokesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6810:7baf (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 66.45.170.59 (Saint Louis, United States)

ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US)
PTR: 66-45-170-59.ptr.tierpoint.com

media.spokesman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 172.217.22.66 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s17-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:81c::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:cb00:2048:1::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.89.66 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-89-66.jfk6.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:201c:2c00:14:c3e7:6780:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

aamcftag.aamsitecertifier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:802::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.30 (Phoenix, United States)

ASN54104 (AS-NETDNA - netDNA, US)

asset.pagefair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.11.222 (Phoenix, United States)

ASN54104 (AS-NETDNA - netDNA, US)

asset.pagefair.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.201.79.55 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-201-79-55.compute-1.amazonaws.com

stats.pagefair.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.89.25 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-89-25.jfk6.r.cloudfront.net

d5nxst8fruw4z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.239.168.147 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-239-168-147.fra50.r.cloudfront.net

afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.112.252.101 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-50-112-252-101.us-west-2.compute.amazonaws.com

aamcf.aamsitecertifier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.249 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.243.118.244 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-243-118-244.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2400:cb00:2048:1::6813:c466 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.213.187 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-86-213-187.compute-1.amazonaws.com

api.circularhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 169.55.70.227 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: e3.46.37a9.ip4.static.sl-reverse.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vap3iad1.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.241.240.212 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-212.xa.dc.openx.org

us-ads.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	588 KB
16	spokesman.com www.spokesman.com media.spokesman.com	370 KB
11	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net Failed	96 KB
9	lijit.com ap.lijit.com gslbeacon.lijit.com Failed vap3iad1.lijit.com	34 KB
7	cloudflare.com cdnjs.cloudflare.com	20 KB
4	pagefair.com asset.pagefair.com stats.pagefair.com	5 KB
3	openx.net us-ads.openx.net us-u.openx.net Failed	20 KB
3	google-analytics.com www.google-analytics.com	13 KB
3	aamsitecertifier.com aamcftag.aamsitecertifier.com aamcf.aamsitecertifier.com	15 KB
3	cloudfront.net d31qbv1cthcecs.cloudfront.net d5nxst8fruw4z.cloudfront.net afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net	4 KB
2	pagefair.net asset.pagefair.net	229 B
2	googleadservices.com partner.googleadservices.com	54 KB
2	unpkg.com unpkg.com	82 KB
1	circularhub.com api.circularhub.com
1	chartbeat.net ping.chartbeat.net	43 B
1	chartbeat.com static.chartbeat.com	13 KB
1	google.de www.google.de	60 B
1	googletagmanager.com www.googletagmanager.com	21 KB
109	18

	Domain	Requested by
20	tpc.googlesyndication.com	partner.googleadservices.com
13	media.spokesman.com	www.spokesman.com www.google-analytics.com
11	pagead2.googlesyndication.com	securepubads.g.doubleclick.net partner.googleadservices.com www.spokesman.com ap.lijit.com pagead2.googlesyndication.com
11	securepubads.g.doubleclick.net	partner.googleadservices.com securepubads.g.doubleclick.net www.spokesman.com
7	ap.lijit.com	www.spokesman.com ap.lijit.com us-ads.openx.net
7	cdnjs.cloudflare.com	media.spokesman.com
3	us-ads.openx.net	www.spokesman.com us-ads.openx.net
3	asset.pagefair.com	www.spokesman.com asset.pagefair.com
3	www.google-analytics.com	www.spokesman.com
3	www.spokesman.com	media.spokesman.com
2	vap3iad1.lijit.com	www.spokesman.com
2	asset.pagefair.net	www.spokesman.com
2	aamcftag.aamsitecertifier.com	www.spokesman.com aamcftag.aamsitecertifier.com
2	partner.googleadservices.com	www.spokesman.com media.spokesman.com
2	unpkg.com	www.spokesman.com
1	api.circularhub.com	media.spokesman.com
1	ping.chartbeat.net	www.spokesman.com
1	static.chartbeat.com	www.spokesman.com
1	aamcf.aamsitecertifier.com	www.spokesman.com
1	afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net	www.spokesman.com
1	d5nxst8fruw4z.cloudfront.net	www.spokesman.com
1	stats.pagefair.com	media.spokesman.com
1	www.google.de	www.spokesman.com
1	d31qbv1cthcecs.cloudfront.net	www.spokesman.com
1	www.googletagmanager.com	www.spokesman.com
0	us-u.openx.net Failed	us-ads.openx.net
0	googleads.g.doubleclick.net Failed	pagead2.googlesyndication.com
0	gslbeacon.lijit.com Failed	ap.lijit.com
109	28

This site contains links to these domains. Also see Links.

Domain
www.legacy.com
www.spokesmanclassifieds.com
data.spokesman.com
www.spokesmanhomes.com
www.spokesmanjobs.com
www.spokesmanautos.com
www.spokane7.com
www.facebook.com
twitter.com
secure3.spokesman.com
pics.spokesman.com

Subject Issuer	Validity	Valid
ssl714328.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2017-01-25` - `2018-01-03`	a year	crt.sh
*.googleadservices.com Google Internet Authority G2	`2017-07-19` - `2017-10-11`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G2	`2017-07-19` - `2017-10-11`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-07-19` - `2017-10-11`	3 months	crt.sh
*.cloudfront.net Symantec Class 3 Secure Server CA - G4	`2016-10-26` - `2017-12-17`	a year	crt.sh
www.google.de Google Internet Authority G2	`2017-07-19` - `2017-10-11`	3 months	crt.sh
*.pagefair.com Gandi Standard SSL CA 2	`2016-11-02` - `2018-11-20`	2 years	crt.sh
*.pagefair.net Gandi Standard SSL CA 2	`2016-11-02` - `2018-12-06`	2 years	crt.sh
tpc.googlesyndication.com Google Internet Authority G2	`2017-07-19` - `2017-10-11`	3 months	crt.sh
*.googleusercontent.com Google Internet Authority G2	`2017-07-19` - `2017-10-11`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://www.spokesman.com/
Frame ID: 3892.1
Requests: 53 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4100456384710745&output=json_html&callback=callbackProxy&impl=fifs&json_a=1&eid=108809080&sc=0&sfv=1-0-4&iu_parts=1009641%2CSpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100%2CSpokesmanDesktop_ROS_Catfish_728x90%2CSpokesman_Weather_Tile_Sponsor_120x60%2CSpokesman_Weather_TileSponsor2_120x60%2CSpokesman_homepage_top_300x250%2CSpokesman_homepage_728x90%2CSpokesmanDesktop_Homepage_Dashboard_300x250%2CSpokesmanDesktop_homepage_1_728x90%2CSpokesmanDesktop_homepage_2_728x90%2CSpokesmanDesktop_homepage_3_728x90%2CSpokesmanDesktop_homepage_4_728x90%2CSpokesmanDesktop_homepage_5_728x90%2CSpokesmanDesktop_homepage_6_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13&prev_iu_szs=1280x100%2C728x90%2C120x60%2C120x60%2C300x600%7C300x250%2C728x90%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90&cookie_enabled=1&lmt=1501429400&dt=1501429400184&cc=100&frm=20&biw=1600&bih=1200&oid=3&adks=2404035854%2C2822441466%2C1762246593%2C3389208236%2C3725654123%2C883754903%2C811898262%2C3635373852%2C2447737946%2C2531107668%2C1664192154%2C3482071979%2C1833218824&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.spokesman.com%2F&dssz=15&icsg=2&std=0&csl=85&vrg=92&vrp=92&ga_vid=962834169.1501429400&ga_sid=1501429400&ga_hid=588304174
Frame ID: 3892.3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3892.5
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3892.9
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3892.2
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3892.4
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3892.6
Requests: 6 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-4/html/container.html
Frame ID: 3892.10
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3892.7
Requests: 5 HTTP requests in this frame

Frame: http://ap.lijit.com/www/delivery/js/fpi.js
Frame ID: 3892.14
Requests: 17 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-4/html/container.html
Frame ID: 3892.16
Requests: 1 HTTP requests in this frame

Frame: http://tpc.googlesyndication.com/safeframe/1-0-4/html/container.html
Frame ID: 3892.18
Requests: 1 HTTP requests in this frame

Frame: http://gslbeacon.lijit.com/beacon?viewId=a_330890_d162c0632b7044ccb6cecd65372377ff&rand=2362&informer=10723324&type=fpads&loc=http%3A%2F%2Fwww.spokesman.com%2F&v=1.2
Frame ID: 3892.22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170726/r20170110/zrt_lookup.html
Frame ID: 3892.24
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170726/r20170110/show_ads_impl.js
Frame ID: 3892.23
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779652122014728&format=728x90&output=html&h=90&slotname=6677580301&adk=2173826815&adf=3183824144&w=728&lmt=1501429404&ea=0&flash=0&url=http%3A%2F%2Fwww.spokesman.com%2F&wgl=1&dt=1501429404165&bpp=9&bdt=1097&fdt=11&idt=80&shv=r20170726&cbv=r20170110&saldr=aa&correlator=3675677590329&frm=23&ga_vid=962834169.1501429400&ga_sid=1501429404&ga_hid=287010403&ga_fc=0&pv=2&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=4246&biw=1585&bih=1200&isw=728&ish=90&ifk=1304392907&eid=575144605%2C389613000&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=1&ifi=1&dtd=100
Frame ID: 3892.25
Requests: 1 HTTP requests in this frame

Frame: http://us-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 3892.26
Requests: 1 HTTP requests in this frame

Frame: http://us-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590
Frame ID: 3892.27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

109
Requests

41 %
HTTPS

38 %
IPv6

18
Domains

28
Subdomains

25
IPs

2
Countries

1335 kB
Transfer

2951 kB
Size

13
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.legacy.com/obituaries/spokesman/
Title: Obits

Search URL Search Domain Scan URL

URL: http://www.spokesmanclassifieds.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: http://data.spokesman.com/
Title: data.spokesman.com

Search URL Search Domain Scan URL

URL: http://www.spokesmanhomes.com/
Title: Homes/Rentals

Search URL Search Domain Scan URL

URL: http://www.spokesmanjobs.com/
Title: Spokane Jobs

Search URL Search Domain Scan URL

URL: http://www.spokesmanautos.com/
Title: Spokane Autos

Search URL Search Domain Scan URL

URL: http://www.spokane7.com/reader-photos/recreate-your-memories-silverwood-theme-park/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/spokesmanreview/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/SpokesmanReview
Title: Twitter

Search URL Search Domain Scan URL

URL: https://secure3.spokesman.com/customer/addrfind.html
Title: Print edition home delivery

Search URL Search Domain Scan URL

URL: https://secure3.spokesman.com/customer/contact.html
Title: Subscriber Services

Search URL Search Domain Scan URL

URL: http://pics.spokesman.com/
Title: Buy photo reprints

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 15

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

Request 16

http://www.google-analytics.com/plugins/ua/linkid.js
https://www.google-analytics.com/plugins/ua/linkid.js

Request 19

http://www.google-analytics.com/collect?v=1&_v=j56&a=588304174&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spokesman.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Busi...
https://www.google-analytics.com/collect?v=1&_v=j56&a=588304174&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spokesman.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Bus...

Request 20

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230256-14&cid=962834169.1501429400&jid=1194362561&_v=j56&z=1411227755
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230256-14&cid=962834169.1501429400&jid=1194362561&_v=j56&z=1411227755&slf_rd=1&random=3357635236

Request 32

http://cloudfront-labs.amazonaws.com/x.png
http://afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net/test.png

Request 89

http://ap.lijit.com/www/delivery/fpi.js?z=330890&u=spokesman&width=728&height=90
http://ap.lijit.com/www/delivery/js/fpi.js

Request 98

http://us-ads.openx.net/w/1.0/acj?ai=f2fa64d8-3e11-4837-ad56-89668bbacb1d&o=5977328219&callback=OX_5977328219&ju=http%3A//www.spokesman.com/&jr=&auid=536471&dims=1600x1200&adxy=429%2C4246&res=1600x...
http://us-ads.openx.net/w/1.0/acj?cc=1&ai=f2fa64d8-3e11-4837-ad56-89668bbacb1d&o=5977328219&callback=OX_5977328219&ju=http%3A//www.spokesman.com/&jr=&auid=536471&dims=1600x1200&adxy=429%2C4246&res=...

109 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.spokesman.com/
Redirect Chain

http://spokesman.com/
http://www.spokesman.com/

90 KB
18 KB

1371ms
1208ms

Document
text/html

66.45.170.57
Tierpoint

General

Check archive.org

Show headers Download Go to

Full URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.57 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-57.ptr.tierpoint.com
Software: nginx /
Resource Hash: cd6180864a6995021fe409cf1865e2f4fe5fe0add04a60ca8eaee3b4daf71cea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Beatles: AP5http
Connection: keep-alive
Content-Length: 18853

Redirect headers

Date: Sun, 30 Jul 2017 15:43:18 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1
Location: http://www.spokesman.com/
Connection: keep-alive
Content-Length: 192

GET
S 200 font-awesome.min.css
unpkg.com/font-awesome@4.7.0/css/ 30 KB
7 KB 37ms
12ms Stylesheet
text/css 2400:cb00:2048:1::6810:7baf
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/font-awesome@4.7.0/css/font-awesome.min.css

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7baf , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

cf-ray: 38696ed338266379-FRA
date: Sun, 30 Jul 2017 15:43:19 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare-nginx
status: 200
etag: W/"7918-157f89cb0e8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
expires: Mon, 30 Jul 2018 15:43:19 GMT

GET
H/1.1 200
OK style.min.82e0067b7c64.css
media.spokesman.com/static/sv3/css/ 221 KB
37 KB 322ms
159ms Stylesheet
text/css 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to

Full URL: http://media.spokesman.com/static/sv3/css/style.min.82e0067b7c64.css
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 841ce796952da6a9bb24e12cea09cfd86ff900c409e91838b5ae151716d36900

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:19 GMT
Content-Encoding: gzip
Last-Modified: Sat, 29 Jul 2017 00:07:31 GMT
Server: nginx
ETag: "580995895"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37870
Expires: Mon, 30 Jul 2018 15:43:19 GMT

GET
H/1.1 200
OK header.min.b58adcd0297c.js Show response
media.spokesman.com/static/sv3/js/ 95 KB
34 KB 327ms
161ms Script
text/javascript 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to

Full URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 3709a08de273ed33504e05902f3cc77e283c1b0a51d589ae0354dc6ed9173ca9

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:19 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Aug 2016 21:52:58 GMT
Server: nginx
ETag: "2331320571"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34476
Expires: Mon, 30 Jul 2018 15:43:19 GMT

GET
S 200 google_service.js Show response
partner.googleadservices.com/gampad/ 6 KB
3 KB 47ms
25ms Script
text/javascript 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/google_service.js

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

039e945b772448e04b62d6adcedd042f4656121b1c030132de6c84cb2ba47d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 15:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14911035131390014692
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 2680
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 15:43:19 GMT

GET
H/1.1 200
OK spokesman-logo.png
media.spokesman.com/static/sv3/img/ 7 KB
7 KB 159ms
159ms Image
image/png 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/static/sv3/img/spokesman-logo.png
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 67991063f738bdff89fdd005760d6183eb36b64b92fef1ec784fdcc25fd3abe4

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Last-Modified: Thu, 13 Apr 2017 21:55:14 GMT
Server: nginx
ETag: "3275760913"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7029

GET
H/1.1 200
OK footer.min.6fd83a75431f.js Show response
media.spokesman.com/static/sv3/js/ 71 KB
20 KB 162ms
161ms Script
text/javascript 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to

Full URL: http://media.spokesman.com/static/sv3/js/footer.min.6fd83a75431f.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 15cc8f536904e07e9e273ddff5010e0747a32c99dddbfff8d149e5d67fd20237

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2017 19:10:04 GMT
Server: nginx
ETag: "1010373519"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20584
Expires: Mon, 30 Jul 2018 15:43:20 GMT

GET
H/1.1 200
OK pubads_impl_92.js Show response
partner.googleadservices.com/gpt/ 151 KB
52 KB 12ms
6ms Script
text/javascript 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://partner.googleadservices.com/gpt/pubads_impl_92.js

Requested by

Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js

Protocol

HTTP/1.1

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

sffe /

Resource Hash

efbd3a5837e447cea00f6d47dd33b4b8b939701a47f52a4d4374bab2dcd4db50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 11 May 2017 03:41:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 22 Jul 2016 18:13:10 GMT
Server: sffe
Age: 6955321
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, immutable, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 52945
X-XSS-Protection: 1; mode=block
Expires: Fri, 11 May 2018 03:41:19 GMT

GET
H/1.1 200
OK container.html
tpc.googlesyndication.com/safeframe/1-0-4/html/ 4 KB
2 KB 12ms
6ms Other
text/html 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/safeframe/1-0-4/html/container.html

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

cb18abd95f09251fc7d4bf28a4338a1df51f4b6fdf403055b75d778374127c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Purpose: prefetch
Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Thu, 11 May 2017 01:47:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 May 2016 23:11:56 GMT
Server: sffe
Age: 6962122
Vary: Accept-Encoding
Content-Type: text/html
Cache-Control: public, immutable, max-age=31536000
Accept-Ranges: bytes
Content-Length: 1736
X-XSS-Protection: 1; mode=block
Expires: Fri, 11 May 2018 01:47:58 GMT

GET
S 200 google_ads.js Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
21 KB 41ms
28ms Script
text/javascript 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/google_ads.js

Requested by

Host: partner.googleadservices.com
URL: https://partner.googleadservices.com/gampad/google_service.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

42495762f50b26fc8ce93773d979552d8f1e254259dd7022d96378e9ce8e9edd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
etag: 2364520021040975816
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 21635
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 15:43:20 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 54 KB
21 KB 38ms
14ms Script
application/javascript 2a00:1450:4001:81c::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5P9SH6

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

2beca87bd90b7d26dd1cf5317e5e655b45411320b946af572731d61139a8f3a7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 21034
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 15:43:20 GMT

GET
S 200 fontawesome-webfont.woff2
unpkg.com/font-awesome@4.7.0/fonts/ 75 KB
75 KB 322ms
308ms Font
application/font-woff2 2400:cb00:2048:1::6810:7aaf
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/font-awesome@4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:7aaf , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Referer: https://unpkg.com/font-awesome@4.7.0/css/font-awesome.min.css
Origin: http://www.spokesman.com

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
server: cloudflare-nginx
status: 200
etag: W/"12d68-157f89cb0e8"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 38696ed71e9363bb-FRA
content-length: 77160
expires: Mon, 30 Jul 2018 15:43:20 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3892 320 KB
75 KB 350ms
350ms Script
text/javascript 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&correlator=4100456384710745&output=json_html&callback=callbackProxy&impl=fifs&json_a=1&eid=108809080&sc=0&sfv=1-0-4&iu_parts=1009641%2CSpokesmanDesktop_SuperLeaderBoard_HomePage_1280x100%2CSpokesmanDesktop_ROS_Catfish_728x90%2CSpokesman_Weather_Tile_Sponsor_120x60%2CSpokesman_Weather_TileSponsor2_120x60%2CSpokesman_homepage_top_300x250%2CSpokesman_homepage_728x90%2CSpokesmanDesktop_Homepage_Dashboard_300x250%2CSpokesmanDesktop_homepage_1_728x90%2CSpokesmanDesktop_homepage_2_728x90%2CSpokesmanDesktop_homepage_3_728x90%2CSpokesmanDesktop_homepage_4_728x90%2CSpokesmanDesktop_homepage_5_728x90%2CSpokesmanDesktop_homepage_6_728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13&prev_iu_szs=1280x100%2C728x90%2C120x60%2C120x60%2C300x600%7C300x250%2C728x90%2C300x250%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90%2C728x90&cookie_enabled=1&lmt=1501429400&dt=1501429400184&cc=100&frm=20&biw=1600&bih=1200&oid=3&adks=2404035854%2C2822441466%2C1762246593%2C3389208236%2C3725654123%2C883754903%2C811898262%2C3635373852%2C2447737946%2C2531107668%2C1664192154%2C3482071979%2C1833218824&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fwww.spokesman.com%2F&dssz=15&icsg=2&std=0&csl=85&vrg=92&vrp=92&ga_vid=962834169.1501429400&ga_sid=1501429400&ga_hid=588304174

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

74dcaa180496943578560343c8cefe472fa3ed385d5df503c8d6254fa7cf896b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 76466
x-xss-protection: 1; mode=block
google-lineitem-id: 832459451,844594691,4365404769,788988131,817659011,-1,832485251,764894651,-1,-1,-2,-2,-2
pragma: no-cache
server: cafe
google-creative-id: 138207025996,126910963931,124902802691,118062229811,138206833720,-1,138207026029,108136292891,-1,-1,-2,-2,-2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 465 B
345 B 29ms
29ms Script
text/javascript 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?correlator=1367742552843196&output=json_html&callback=GA_googleSetAdContentsBySlotForSync&impl=s&ic=0&eid=108809087&client=ca-pub-9779652122014728&slotname=Spokesman_Home_Sticky&page_slots=Spokesman_Home_Sticky&cookie_enabled=1&url=http%3A%2F%2Fwww.spokesman.com%2F&lmt=1501429400&dt=1501429400214&cc=100&biw=1600&bih=1200&adk=3240258327&adx=0&ady=222&ifi=15&oid=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&flash=0&gads=v2&ga_vid=190537575.1501429400&ga_sid=1501429400&ga_hid=1439835684

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/google_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

df1cb93efb4d5dbaa99499a0f935375e389cc12b9f1d26d2108aece94674a26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 327
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
4 KB 277ms
90ms Script
application/javascript 52.85.89.66
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.89.66 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-89-66.jfk6.r.cloudfront.net
Software: nginx /
Resource Hash: 398069370dab6c67e90d564d327519cea13b0a98f503efab8c93ef762f2fb2dc

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Wed, 08 Mar 2017 09:12:11 GMT
Via: 1.1 0f0049492e2872b6e133c50b6cc7be4b.cloudfront.net (CloudFront)
Last-Modified: Sat, 10 Sep 2016 04:33:45 GMT
Server: nginx
Age: 2097069
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3725
X-Amz-Cf-Id: rp0fE9DRZAhhizdklB2-EtQEfXc6r6Mb1AWqgBzu3lmilgYojvm5vw==
Expires: Fri, 07 Apr 2017 09:12:11 GMT

GET
H/1.1 200
OK aam.js Show response
aamcftag.aamsitecertifier.com/ 42 KB
15 KB 478ms
86ms Script
application/javascript 2600:9000:201c:2c00:14:c3e7:6780:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://aamcftag.aamsitecertifier.com/aam.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 2600:9000:201c:2c00:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7ed79fc0d90214b42878dc519ed333ea7eb1f6f20b3f4949904d19264630f9a

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 10 Jul 2017 19:14:11 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Jul 2017 19:13:51 GMT
Server: AmazonS3
Age: 73747
ETag: "c2144a9a881510ccdd10f1fc523f886d"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 b7c3cbb5c341d39495b423af981f2a5d.cloudfront.net (CloudFront)
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15424
X-Amz-Cf-Id: 83Ztk9VwvjtCGMHQ3eykg3cLYv1hc5keXGTEHVyGJUiDdDViGn8kog==
x-amz-meta-s3b-last-modified: 20170710T191203Z

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

29 KB
12 KB

18ms
6ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 06 Jun 2017 00:25:39 GMT
server: Golfe2
age: 2158
date: Sun, 30 Jul 2017 15:07:22 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 12343
expires: Sun, 30 Jul 2017 17:07:22 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
S

200

linkid.js Show response
www.google-analytics.com/plugins/ua/
Redirect Chain

http://www.google-analytics.com/plugins/ua/linkid.js
https://www.google-analytics.com/plugins/ua/linkid.js

2 KB
865 B

6ms
6ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 15:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 568
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 856
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 16:33:52 GMT

Redirect headers

Location: https://www.google-analytics.com/plugins/ua/linkid.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK teaser_t1600.jpg
media.spokesman.com/photos/2017/07/29/ 32 KB
32 KB 160ms
160ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/29/teaser_t1600.jpg?7069ba40fbaaac516a183c628ebd5873d2210447
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: d9565e9697db0cc8d768f672d02b02c39cdd33130c72a25d4aa20fe3ae3d778d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Last-Modified: Sun, 30 Jul 2017 02:10:26 GMT
Server: nginx
ETag: "1751032807"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32565
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
S 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 310 B
236 B 28ms
28ms Script
text/javascript 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?correlator=1367742552843196&output=json_html&callback=GA_googleSetAdContentsBySlotForSync&impl=s&ic=0&eid=108809087&client=ca-pub-9779652122014728&slotname=Spokesman_homepage_peelback&page_slots=Spokesman_Home_Sticky%2CSpokesman_homepage_peelback&cookie=ID%3D905568aa3361aeab%3AT%3D1501429400%3AS%3DALNI_MZCQpaM1GolA87c0RCW00MSmRMAlA&cookie_enabled=1&url=http%3A%2F%2Fwww.spokesman.com%2F&lmt=1501429400&dt=1501429400352&cc=100&biw=1585&bih=1200&adk=448328312&adx=0&ady=0&ifi=16&oid=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&flash=0&gads=v2&ga_vid=190537575.1501429400&ga_sid=1501429400&ga_hid=1439835684

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/google_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

79813dea795083a7db7cf2ad896c1f6cdd0194e57d06c523a8f264b0791faad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 218
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j56&a=588304174&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spokesman.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Busi...
https://www.google-analytics.com/collect?v=1&_v=j56&a=588304174&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spokesman.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Bus...

35 B
44 B

6ms
6ms

Image
image/gif

2a00:1450:4001:81c::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j56&a=588304174&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spokesman.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIh~&jid=1194362561&gjid=811919139&cid=962834169.1501429400&tid=UA-230256-14&_gid=1028652639.1501429400&gtm=GTM-5P9SH6&cd3=0&z=1307682821

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Jul 2017 23:05:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 232687
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j56&a=588304174&t=pageview&_s=1&dl=http%3A%2F%2Fwww.spokesman.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aCjAgEIh~&jid=1194362561&gjid=811919139&cid=962834169.1501429400&tid=UA-230256-14&_gid=1028652639.1501429400&gtm=GTM-5P9SH6&cd3=0&z=1307682821
Non-Authoritative-Reason: HSTS

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230256-14&cid=962834169.1501429400&jid=1194362561&_v=j56&z=1411227755
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230256-14&cid=962834169.1501429400&jid=1194362561&_v=j56&z=1411227755&slf_rd=1&random=3357635236

42 B
60 B

82ms
41ms

Image
image/gif

2a00:1450:401b:802::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230256-14&cid=962834169.1501429400&jid=1194362561&_v=j56&z=1411227755&slf_rd=1&random=3357635236

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:802::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-230256-14&cid=962834169.1501429400&jid=1194362561&_v=j56&z=1411227755&slf_rd=1&random=3357635236
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK delete.png
media.spokesman.com/ads/ads-img/ 3 KB
3 KB 161ms
161ms Image
image/png 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/ads/ads-img/delete.png
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: d01d3386939e81d103dd35f897772e0d4556b3731c6ed8385bd70646ab124a7c

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Last-Modified: Tue, 22 Mar 2016 16:34:25 GMT
Server: nginx
ETag: "211324448"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3520

GET
H/1.1 200
OK measure.min.js Show response
asset.pagefair.com/ 11 KB
5 KB 31ms
7ms Script
application/x-javascript 23.111.9.30
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.com/measure.min.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.30 Phoenix, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 100770ceb57c9e10d5283206c1ae0b2b9653a0433021f48e9808751d3900c384

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2017 09:32:51 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: DC809EE1C5202040
ETag: "a0622f0694c6162047ec528b9a8b0704"
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4825
x-amz-id-2: t2MCIJ1ujzwwYBbinsl8l1Vse6TYOOwL8D+ZiveJOrzr/288PTsCLcVKxk0/g9wQ7PA5TsO4WDo=

GET
H/1.1 200
OK ads.min.js Show response
asset.pagefair.net/ 0
0 33ms
9ms Script
application/x-javascript 23.111.11.222
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: https://asset.pagefair.net/ads.min.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.11.222 Phoenix, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2017 09:32:52 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: A9EF488CEA67A4C9
ETag: "8d6bcedcf571298a6e15eac1b15a542a"
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31
x-amz-id-2: tRwqe0Mtkp7jKeXMPaq52iU1V6oQmNo5ZLlk5cMcCkE57bxvNUixH1FbusICOlud3pkN68o4bHs=

GET
H/1.1 200
OK adsense.js Show response
asset.pagefair.com/adimages/ 0
0 15ms
7ms Script
application/x-javascript 23.111.9.30
netDNA

General

Check archive.org

Show headers Download Go to

Full URL: http://asset.pagefair.com/adimages/adsense.js
Requested by: Host: asset.pagefair.com
URL: https://asset.pagefair.com/measure.min.js
Protocol: HTTP/1.1
Server: 23.111.9.30 Phoenix, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2017 09:32:51 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 424D538DA4A0362E
ETag: "fad38c838e15141e61b1a05e027e6923"
X-Cache: HIT
Content-Type: application/x-javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31
x-amz-id-2: KVjS4AKk3belVllDyQjfbudrvUvoWpqUu8ITXBSGOPvG/YlxQdVoCkpjrQ32fywEggHLnYhQcqo=

GET
H/1.1 200
OK textlink-ads.jpg
asset.pagefair.net/adimages/ 518 B
229 B 18ms
9ms Image
image/jpeg 23.111.11.222
netDNA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asset.pagefair.net/adimages/textlink-ads.jpg
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 23.111.11.222 Phoenix, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 87bc265dda5e31597442c420def76eeadb5c516d016213a47f570c65d5558b72

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2017 09:32:52 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 9A38469C2C878D8D
ETag: "eb7e55f5218440a225c580fdcd7ccbde"
X-Cache: HIT
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 229
x-amz-id-2: RpKrwMf23pkMy6dJ/5thwZm+gNF2K8f6WIzitVdEJo6iVL0jsXgvlttZegOiFywL5TayNgZKxss=

GET
H/1.1 200
OK textlink-ads.jpg
asset.pagefair.com/adimages/ 518 B
229 B 18ms
9ms Image
image/jpeg 23.111.9.30
netDNA

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://asset.pagefair.com/adimages/textlink-ads.jpg
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 23.111.9.30 Phoenix, United States, ASN54104 (AS-NETDNA - netDNA, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 87bc265dda5e31597442c420def76eeadb5c516d016213a47f570c65d5558b72

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Apr 2017 09:32:51 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 3A75341FF803C98B
ETag: "eb7e55f5218440a225c580fdcd7ccbde"
X-Cache: HIT
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 229
x-amz-id-2: 2h3yuDHxNq1YU/Ay/Zb+tcEXHVlo189fnNoZmn3e+Aa11k3WM9vb4WN2Ro9dYO/QfWw2nODAtbU=

GET
H/1.1 200
OK Vanessa_Schultz_17_.JPG_v1170x658.jpg
media.spokesman.com/photos/2017/07/29/ 117 KB
117 KB 271ms
162ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/29/Vanessa_Schultz_17_.JPG_v1170x658.jpg?4abb7fdbe387e89446e10d34382b74649e0da645
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 011a0fd5a876d2c85c85c0999225e34de706cc8fef86ae44b4dff43ac62198b1

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Last-Modified: Sun, 30 Jul 2017 07:08:10 GMT
Server: nginx
ETag: "2780504735"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 119503
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
H/1.1 200
OK pinball_v530x298.jpg
media.spokesman.com/photos/2017/07/28/ 20 KB
20 KB 323ms
162ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/28/pinball_v530x298.jpg?d668dc2e4502450da93bb6f8620ddce7a25a08d8
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: c40997ef90cf1406fa8b6825d8f252e8c1c6907db58c94e04732e609c15957dc

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Last-Modified: Sun, 30 Jul 2017 07:08:05 GMT
Server: nginx
ETag: "646216401"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20859
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
H/1.1 200
OK SRX_SKYFEST_7_t1140_6MvfNuZ_v530x298.jpg
media.spokesman.com/photos/2017/07/29/ 7 KB
7 KB 323ms
162ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/29/SRX_SKYFEST_7_t1140_6MvfNuZ_v530x298.jpg?d668dc2e4502450da93bb6f8620ddce7a25a08d8
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: f44c6fde1481864a531e8c349f9606e9bc85c56c07b9e2e9b243f856a6ddccaf

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Last-Modified: Sun, 30 Jul 2017 02:25:31 GMT
Server: nginx
ETag: "3903718949"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7114
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
H/1.1 200
OK a.js Show response
stats.pagefair.com/stats/page_view_event/AA9FECCE8087488D/ 25 B
25 B 200ms
102ms XHR
application/javascript 34.201.79.55
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://stats.pagefair.com/stats/page_view_event/AA9FECCE8087488D/a.js?wl_div_hid_t0=0&div_hid_t0=0&s_blk=0&wl_i_blk=0&i_blk=0&is_ab=0&is_wl=1&new_monthly=1&new_daily=1&_=1501429400048
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 34.201.79.55 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-201-79-55.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2671d72b96d6d9a1b8bbc1429048505ea6dbc3514daf22ab6dd6dfc8a70ce8d3

Request headers

Accept: text/plain, */*; q=0.01
Referer: http://www.spokesman.com/
Origin: http://www.spokesman.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: http://www.spokesman.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since,X-CSRF-TOKEN
Content-Length: 25

GET
H/1.1 200
OK atrk.gif
d5nxst8fruw4z.cloudfront.net/ 43 B
43 B 269ms
88ms Image
image/gif 52.85.89.25
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5nxst8fruw4z.cloudfront.net/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&time=1501429400518&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2Fwww.spokesman.com%2F&random_number=1023233293&sess_cookie=c249258415d942a83c614aca143&sess_cookie_flag=1&user_cookie=c249258415d942a83c614aca143&user_cookie_flag=1&dynamic=true&domain=spokesman.com&account=TEMji1aUCm00qs&jsv=20130128&user_lang=en-US
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.89.25 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-89-25.jfk6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Mon, 27 Feb 2017 18:25:53 GMT
Via: 1.1 e90303ba6db45a2785ea8e963e1ef010.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 59327
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Accept-Ranges: bytes
Connection: keep-alive
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: z4NQll-9mFiHl_HSsoh5-t7jw5lQKLTuDFzNNTvdFdmxap0l0EMAaQ==

GET
H/1.1

200
OK

test.png
afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net/
Redirect Chain

http://cloudfront-labs.amazonaws.com/x.png
http://afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net/test.png

58 B
0

117ms
6ms

Image
text/plain

54.239.168.147
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net/test.png
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 54.239.168.147 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-239-168-147.fra50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Via: 1.1 bd5652a800046ffa43683320c0e731b4.cloudfront.net (CloudFront)
Server: CloudFront
X-Cache: RoutingProfileExp from cloudfront
Content-Type: text/plain
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 58
X-Amz-Cf-Id: 7XB7mPooY3xmm1BPwHvoLxQ_Gfx4UAWbdtiL9UHPuHdx5eReN7GVTw==
Expires: Sun, 30 Jul 2017 15:43:20 GMT

Redirect headers

Pragma: No-cache
Date: Sun, 30 Jul 2017 15:43:20 GMT
Server: Server
Access-Control-Allow-Origin: *
Location: http://afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net/test.png
Cache-Control: no-cache
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/ Frame 3892 2 KB
895 B 27ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

89f5ead61a11e3b43854eb57ce55f1677b16bc2e048c33c3dc6ee7b4d40eee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 886
x-xss-protection: 1; mode=block
server: cafe
etag: 2343874712358639894
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:09:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/ Frame 3892 28 KB
11 KB 22ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/osd_listener.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 10895
x-xss-protection: 1; mode=block
server: cafe
etag: 2196216625133901113
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:04:44 GMT

GET
S 200 2069972261378791561
tpc.googlesyndication.com/simgad/ Frame 3892 131 KB
131 KB 42ms
25ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2069972261378791561

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

f6fe795b506571a4d4083443bf963d2ddfb00298b63aacbf769f3f1089476da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Jul 2017 23:39:58 GMT
server: sffe
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 134513
x-xss-protection: 1; mode=block
expires: Mon, 30 Jul 2018 15:43:20 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/ 82 KB
30 KB 30ms
5ms Script
text/javascript 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/google_ads.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

80de64a5788341a0deba3bb87c5cafe83e725e8d5f04e4075bebf671f80b49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 15:28:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 30676
x-xss-protection: 1; mode=block
server: cafe
etag: 15022272777873382488
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 30 Jul 2017 16:28:05 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/ Frame 3892 2 KB
895 B 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

89f5ead61a11e3b43854eb57ce55f1677b16bc2e048c33c3dc6ee7b4d40eee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 886
x-xss-protection: 1; mode=block
server: cafe
etag: 2343874712358639894
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:09:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/ Frame 3892 28 KB
11 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/osd_listener.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 10895
x-xss-protection: 1; mode=block
server: cafe
etag: 2196216625133901113
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:04:44 GMT

GET
S 200 9037996889777519854
tpc.googlesyndication.com/simgad/ Frame 3892 27 KB
27 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9037996889777519854

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

46b0dfc2c4ff71ee90bf9e8797f2e634843c9452762a8c66397abc89675fa489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Fri, 28 Jul 2017 22:49:07 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 May 2017 21:27:21 GMT
server: sffe
age: 147253
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 27539
x-xss-protection: 1; mode=block
expires: Sat, 28 Jul 2018 22:49:07 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/ Frame 3892 2 KB
895 B 7ms
5ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

89f5ead61a11e3b43854eb57ce55f1677b16bc2e048c33c3dc6ee7b4d40eee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 886
x-xss-protection: 1; mode=block
server: cafe
etag: 2343874712358639894
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:09:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/ Frame 3892 28 KB
11 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/osd_listener.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 10895
x-xss-protection: 1; mode=block
server: cafe
etag: 2196216625133901113
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:04:44 GMT

GET
S 200 391498097286243041
tpc.googlesyndication.com/simgad/ Frame 3892 7 KB
7 KB 7ms
6ms Image
image/gif 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/391498097286243041

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

b8e271590642f4f331adffd594600ead12561106f00df47d8ba746886dbc3a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sat, 29 Jul 2017 08:51:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Aug 2015 23:41:37 GMT
server: sffe
age: 111126
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 7152
x-xss-protection: 1; mode=block
expires: Sun, 29 Jul 2018 08:51:14 GMT

GET
S 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/ Frame 3892 2 KB
895 B 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

89f5ead61a11e3b43854eb57ce55f1677b16bc2e048c33c3dc6ee7b4d40eee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 886
x-xss-protection: 1; mode=block
server: cafe
etag: 2343874712358639894
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:09:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/ Frame 3892 28 KB
11 KB 23ms
11ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/osd_listener.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 10895
x-xss-protection: 1; mode=block
server: cafe
etag: 2196216625133901113
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:04:44 GMT

GET
S 200 16425551023482270980
tpc.googlesyndication.com/simgad/ Frame 3892 18 KB
18 KB 7ms
6ms Image
image/png 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16425551023482270980

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

1f51bf740bc901aecca583c66bd6a08cb1e71953a51cd93c09e7bf59068f7804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Fri, 28 Jul 2017 22:49:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Jun 2016 22:32:45 GMT
server: sffe
age: 147256
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 18519
x-xss-protection: 1; mode=block
expires: Sat, 28 Jul 2018 22:49:04 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

89f5ead61a11e3b43854eb57ce55f1677b16bc2e048c33c3dc6ee7b4d40eee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 886
x-xss-protection: 1; mode=block
server: cafe
etag: 2343874712358639894
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:09:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/ Frame 3892 28 KB
11 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/osd_listener.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 10895
x-xss-protection: 1; mode=block
server: cafe
etag: 2196216625133901113
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:04:44 GMT

GET
S 200 14509871852275991413
tpc.googlesyndication.com/simgad/ Frame 3892 20 KB
20 KB 72ms
72ms Image
image/png 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14509871852275991413

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

423cedbb88485fa7bd9d1e06f61daae52a3fde5ceebfc7224ecff9a7e1dcf783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
last-modified: Fri, 21 Jul 2017 22:15:44 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 20195
x-xss-protection: 1; mode=block
expires: Mon, 30 Jul 2018 15:43:20 GMT

GET
H/1.1 200
OK expansion_embed.js Show response
pagead2.googlesyndication.com/pagead/ 162 KB
54 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/expansion_embed.js?source=safeframe

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

eb1d2296a3fe9a6284422b9a2cc96e6cce9fb98418e657df86ecd87aea339f69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 14:51:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 3105
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 14256097903496216256
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 55651
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jul 2017 15:51:35 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-4/html/ Frame 3892 0
0

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

89f5ead61a11e3b43854eb57ce55f1677b16bc2e048c33c3dc6ee7b4d40eee5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:09:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 886
x-xss-protection: 1; mode=block
server: cafe
etag: 2343874712358639894
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:09:29 GMT

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/ Frame 3892 28 KB
11 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/osd_listener.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 00:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 10895
x-xss-protection: 1; mode=block
server: cafe
etag: 2196216625133901113
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:04:44 GMT

GET
S 200 4641507036473377444
tpc.googlesyndication.com/simgad/ Frame 3892 109 KB
109 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4641507036473377444

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

66f3ec98119946650e4d12288bc7a766134fefa72994d1b802260aa6111fc5ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 08:44:20 GMT
x-content-type-options: nosniff
last-modified: Tue, 25 Jul 2017 23:42:00 GMT
server: sffe
age: 25140
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 111347
x-xss-protection: 1; mode=block
expires: Mon, 30 Jul 2018 08:44:20 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3892 0
0 15ms
15ms Image
text/html 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgATmXVkWextQw4VJj7hcLbiZuch5ioTvGtE8REnRZxgBWSEDilGzUBCDStMnIPd4wLQtKBv85JU6ZcSur7XpFTyTOik_jmF5zGn8qhobsgtL91yZdrGU1HZX6QuphV6_zKamzMM8YVJaimOjFxz4mbiXgDHlJajMJ5xQmHekKAYt3k8juBj79PNryzDZpvFCohJ6Q6PM2whpH6LERUILRi4LAHX1vvgFKkQSQJ42XXBx4kChVeZ9I0ajsLoK9-vkvWfkUFCZnlLkblbJorob--GI6DiWVIXUFaHXNo3E&sig=Cg0ArKJSzH5_Xcz-YFkAEAE&adurl=

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 15:43:20 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3892 0
0 15ms
15ms Image
text/html 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth_s9K-D1Yl759Fauz_XRx0FQouHgTGTkCZ2-3a3XGYhhdEQkeedY2Gk5BZAD1-9qhk06Z2CkkrxQ8UMbowoQo2y4EUuURSqHvQYDAtcQcLOfH1pv_tC5SNKhMuiOWlvaUeoLE1CYDdO8tDEx1e8U7vFL3_xmbkZ3yaCjV1SzP1Rym_3N_PIW8J3EneJI6cCf6_c6nZ8SpZstB4UxQ0xo3M4clA2BKTSokgPBJ4kyS31NNDDLfV8Fy1vQh7ESXnukcoRpqV_-WFT7id9sq8A&sig=Cg0ArKJSzBKdRXyAR1POEAE&adurl=

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 15:43:20 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3892 0
0 16ms
15ms Image
text/html 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNORnn4qYDQsGy0PTzauWwdjuTAtD46BgxJ1O8bH2Hi2IndKGOYKWXaI0fKc_fUQFG6dmL3j7S2Yg_yz_ify21XOhHwZL2pBPnZii0D0i0Pthjs8V7nAjiPGYrCCr5lvn3EibiDErKfOjdJ-EZ60NcW91hXrQFlCK3_EzD_quCzuHrqmjYzvyyUosLoSNifeohn_GITln7iXCK9j2IGaPp2-jACIkcHmSFH0daUaG_mfrnZ_mBpDKNWCY9GvRdqX_2mWnq3cC72YkxBfy5a8YcLSwe&sig=Cg0ArKJSzJwlAo0jKGVeEAE&adurl=

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 15:43:20 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3892 0
0 17ms
16ms Image
text/html 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-1RLqVnluYsf1IhsfkPqHZNL3hTS14cLA1r5x1Wk5MMfYVNP-T7imTKgPULdJunonLd-eQgIO-F0KltcJad13gEJlz0jzNvEvGKuRE3bhXfTaIsLYqFbQs8ieuk3XwHV8fTQco7ddcefLaH01WbwQRjWHimUQuD70UCmRud9IgWY3o9hkM28_520vhXqE492gxkHAk8YKgzgTYOM9xJzf0yIT7eS8YEzr8GoJ4D_x_EIs8FTASXdkVLkcDafzSeQkN6fx2Nln9P0lRTCGwW2Y&sig=Cg0ArKJSzPPEIokVFRMTEAE&adurl=

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 30 Jul 2017 15:43:20 GMT

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3892 0
0 15ms
14ms Image
text/html 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-EtGmep_ZG9PsNklW4nO9MjT9CE4LKy2oFZ5uUtL4IgR1vmJWzPNDM3ztx12LovNAdHoxeYFotDJKag1pXJ8SCwJbjJqd5BIrqj527a474R4FG-MT6hsd3jADTVXq_Jcr_gJ4vw-bS2qLZEU6kc-PdjGivCOLwFPhlsp_w07vfnN4xuhSH4FouVquMAsRAZoCzdDrQVIqTyMYPC2dzfOjLT0Nf2e5hSiJaIBkGvv-QOKNulBnuQ_aRUpmtdoYKBEBkOzsxlCe&sig=Cg0ArKJSzCjEVK8rBKOqEAE&adurl=

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3892 0
0 16ms
15ms Image
text/html 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCb3_fzV_9wM4h-_kXhaw0oE7j2Ou2SAqSA7G4ndfGBZXDah7NQzTjQt3Wp6ingYUKGngoJlFeb6H2Ba7DVWArLkEagiUP9Gw4F1KPzc2zGa1Rj5An8Po2odL_DaZ4fSFs4fJ_uk4vRp2kvGj1emz7RjWtQfZ3BrBcQ4A9pT996aoEw-I6YJZAOHh2s2wTW-BB6_bgpI1Jdn_ltb10gk4kag9k4J38snwUoYM6slZuy4hPmxke-DLzDPfJxpPlyYZZYxwvhb9k7_kRI6uEcN1iwgvfRtZXWA&sig=Cg0ArKJSzK20yPhp4detEAE&adurl=

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jul 2017 15:43:20 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 3892 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eaa71e190ca247d650a939d7355a340c22d9904cd5240c5e969e559584fdc64

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3892 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f53e5877798ed0673a5c636981e8d3fad1428c7ee509f443be43054b00e62bb1

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3892 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 038c0b6a2750eec04a2991e963b05263ac681271047429330d78dcd8a741fb38

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3892 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7944453f461d3d521e35a37ef6111e3adb7747eb231b0f058b9c45c51028e806

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3892 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41d9d591d997a751fea8934ae0fbb59dee62ea02e3f073448cc7cf03bbe025f1

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3892 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf9a505978ed0572f7e3cb31f6b61620fd8e13940058eb0a6570ca898b7744a

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
H/1.1 200
OK adserver.js Show response
aamcftag.aamsitecertifier.com/ 37 B
37 B 86ms
86ms Script
application/javascript 2600:9000:201c:2c00:14:c3e7:6780:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://aamcftag.aamsitecertifier.com/adserver.js
Requested by: Host: aamcftag.aamsitecertifier.com
URL: http://aamcftag.aamsitecertifier.com/aam.js
Protocol: HTTP/1.1
Server: 2600:9000:201c:2c00:14:c3e7:6780:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 62577acad21d9ab240fd75783c621368fe4312d8b282b973371146b6d6f31f7e

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Fri, 12 Aug 2016 23:42:11 GMT
Via: 1.1 b7c3cbb5c341d39495b423af981f2a5d.cloudfront.net (CloudFront)
Last-Modified: Thu, 10 Sep 2015 17:53:23 GMT
Server: AmazonS3
Age: 10022
ETag: "0fe85da177e3eefe793457d40cb1f4ba"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37
X-Amz-Cf-Id: 1JLVR0NUxSpPpMyQjZmXhpzVBqblnhkK5tRP1VdZnlpP0YJ_tt8_Ew==

GET
H/1.1 200
OK i
aamcf.aamsitecertifier.com/ 43 B
43 B 351ms
170ms Image
image/gif 50.112.252.101
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aamcf.aamsitecertifier.com/i?e=pv&page=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&dtm=1501429400762&tid=466532&vp=1600x1200&ds=1585x5070&vid=1&duid=0bd3a4be5dbc7452&p=web&tv=js-2.0.7&fp=470004681&aid=210&lang=en-US&cs=UTF-8&tna=cf&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&url=http%3A%2F%2Fwww.spokesman.com%2F
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 50.112.252.101 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-50-112-252-101.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:20 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK Congress_Health_Overhaul.JPG_v530x298.jpg
media.spokesman.com/photos/2017/07/29/ 17 KB
17 KB 162ms
162ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/29/Congress_Health_Overhaul.JPG_v530x298.jpg?d668dc2e4502450da93bb6f8620ddce7a25a08d8
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: ac1ed281a82355fd816f1e2b67f31660c56e99998756a11c4466e9c304378712

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:21 GMT
Last-Modified: Sat, 29 Jul 2017 15:40:38 GMT
Server: nginx
ETag: "1586190900"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17755
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
H/1.1 200
OK DEER_ROADKILL_FOOD_BANKS.JPG_v530x298.jpg
media.spokesman.com/photos/2017/07/29/ 10 KB
10 KB 160ms
160ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/29/DEER_ROADKILL_FOOD_BANKS.JPG_v530x298.jpg?d668dc2e4502450da93bb6f8620ddce7a25a08d8
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 8ce8253ab04a0222ec590a2c10b94a93358f586d5188114bcb89f30e4b26d0c8

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:21 GMT
Last-Modified: Sun, 30 Jul 2017 13:01:28 GMT
Server: nginx
ETag: "1263953125"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10491
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
H/1.1 200
OK AMBradleyRT16_v530x298.jpg
media.spokesman.com/photos/2017/07/28/ 23 KB
23 KB 169ms
169ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/28/AMBradleyRT16_v530x298.jpg?d668dc2e4502450da93bb6f8620ddce7a25a08d8
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 765e4d89ea36d13a95170456ee243d52491b969f08168cf37aeb20efa9b26e19

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:21 GMT
Last-Modified: Sun, 30 Jul 2017 12:01:34 GMT
Server: nginx
ETag: "4125321769"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23712
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
H/1.1 200
OK CM-Digging-up-deals-SR-1142x642_SR-1142x642-SVG_2_v530x298.jpg
media.spokesman.com/photos/2017/07/21/ 13 KB
13 KB 165ms
163ms Image
image/jpeg 66.45.170.59
Tierpoint

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://media.spokesman.com/photos/2017/07/21/CM-Digging-up-deals-SR-1142x642_SR-1142x642-SVG_2_v530x298.jpg?d668dc2e4502450da93bb6f8620ddce7a25a08d8
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 66.45.170.59 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-59.ptr.tierpoint.com
Software: nginx /
Resource Hash: 76f10393bdf79754dc20a5628b913c5dc49c8cd42abaaf76716869c09dff98fd

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:21 GMT
Last-Modified: Sun, 23 Jul 2017 08:14:45 GMT
Server: nginx
ETag: "3450593336"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13745
Expires: Tue, 01 Aug 2017 15:43:20 GMT

GET
H/1.1 200
OK chartbeat.js Show response
static.chartbeat.com/js/ 33 KB
13 KB 11ms
5ms Script
application/x-javascript 151.101.112.249
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: http://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 151.101.112.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 72fb3309e3e0c0319b6e83b1d59d054dab4384e42cd7fa03568951269d3369a2

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jul 2017 03:27:49 GMT
Server: nginx
ETag: "59795db5-82da"
X-Served-By: cache-hhn1538-HHN
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: max-age=7200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13042
X-Cache-Hits: 4500066

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
43 B 211ms
106ms Image
image/gif 54.243.118.244
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=spokesman.com&p=%2F&u=CNXAgdPti_hlnCY5&d=spokesman.com&g=5066&g0=Change%20this%20to%20your%20Section%20name&g1=Change%20this%20to%20your%20Author%20name&n=1&f=00001&c=0&x=0&m=0&y=5070&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3453&t=BBj1x_9Ez6YHQsCvCIbMFkMhRIs&V=93&i=The%20Spokesman-Review%20%7C%20Local%20News%2C%20Business%2C%20Entertainment%2C%20Sports%20%26%20Weather%20for%20Eastern%20Washington&tz=0&sn=1&EE=0&sv=tTqirBo5wzv0e1w4BXdg8sDGL18P&_
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 54.243.118.244 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-243-118-244.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 3892 42 B
42 B 14ms
14ms Image
image/gif 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=BPcXBmP59WYrQDsbCzAartJmYBgAAAAAQATgByAECwAIC4AIAyAOZBOAEAaAGFNIIBQiAYRAB&cid=CAASBORoaGw&id=osdim&ti=1&r=u&adk=2404035854&tt=505&bs=1585,1200&mtos=1156,1156,1156,1156,1156&tos=1156,0,0,0,0&p=254,153,354,1433&rs=3&ht=0&tfs=9&tls=1165&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,5070&ss=1600,1200&pt=661&deb=1-7-7-7-13-4&tvt=1158&avms=geo&uc=5&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=1280x100

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:21 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 3892 42 B
42 B 20ms
14ms Image
image/gif 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=B9LBYmP59WYvQDsbCzAartJmYBgAAAAAQATgByAECwAIC4AIAyAOZBOAEAaAGFNIIBQiAYRAB&cid=CAASBORoCfo&id=osdim&ti=1&r=u&adk=2822441466&tt=505&bs=1585,1200&mtos=1153,1153,1153,1153,1153&tos=1153,0,0,0,0&p=1110,443,1200,1171&rs=3&ht=0&tfs=12&tls=1165&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,5070&ss=1600,1200&pt=661&deb=1-7-7-7-13-4&tvt=1158&avms=geo&uc=5&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=728x90

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:21 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 3892 42 B
42 B 19ms
14ms Image
image/gif 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=BNnczmP59WYzQDsbCzAartJmYBgAAAAAQATgByAECwAIC4AIAyAOZBOAEAaAGFNIIBQiAYRAB&cid=CAASBORoTfg&id=osdim&ti=1&r=u&adk=1762246593&tt=505&bs=1585,1200&mtos=1152,1152,1152,1152,1152&tos=1152,0,0,0,0&p=87,57,147,177&rs=3&ht=0&tfs=13&tls=1165&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,5070&ss=1600,1200&pt=661&deb=1-7-7-7-13-4&tvt=1158&avms=geo&uc=5&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=120x60

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:21 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 3892 42 B
42 B 21ms
16ms Image
image/gif 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=B1LS5mP59WY3QDsbCzAartJmYBgAAAAAQATgByAECwAIC4AIAyAOZBOAEAaAGFNIIBQiAYRAB&cid=CAASBORop_o&id=osdim&ti=1&r=u&adk=3389208236&tt=505&bs=1585,1200&mtos=1151,1151,1151,1151,1151&tos=1151,0,0,0,0&p=87,1409,147,1529&rs=3&ht=0&tfs=14&tls=1165&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,5070&ss=1600,1200&pt=661&deb=1-7-7-7-13-4&tvt=1158&avms=geo&uc=5&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=120x60

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:21 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK activeview
pagead2.googlesyndication.com/ Frame 3892 42 B
42 B 20ms
15ms Image
image/gif 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/activeview?avi=B6MV2mP59WY7QDsbCzAartJmYBgAAAAAQATgByAECwAIC4AIAyAOZBOAEAaAGFNIIBQiAYRAB&cid=CAASBORoE-c&id=osdim&ti=1&r=u&adk=3725654123&tt=505&bs=1585,1200&mtos=1140,1140,1140,1140,1140&tos=1140,0,0,0,0&p=418,1229,1018,1529&rs=3&ht=0&tfs=25&tls=1165&mc=1&lte=1&bas=0&bac=0&bos=1600,1200&ps=1585,5070&ss=1600,1200&pt=661&deb=1-7-7-7-13-4&tvt=1158&avms=geo&uc=5&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=300x600

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:21 GMT
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
www.spokesman.com/fragment/home_sections/ 58 KB
9 KB 747ms
746ms XHR
text/html 66.45.170.57
Tierpoint

General

Check archive.org

Show headers Download Go to

Full URL: http://www.spokesman.com/fragment/home_sections/
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/footer.min.6fd83a75431f.js
Protocol: HTTP/1.1
Server: 66.45.170.57 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-57.ptr.tierpoint.com
Software: nginx /
Resource Hash: f1c91ab804140f0e01402b7b175cd4ff95aec1d00d86462a63e558844ae61a5f

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Sun, 30 Jul 2017 15:43:22 GMT
Content-Encoding: gzip
Server: nginx
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Beatles: AP5http
Connection: keep-alive
Content-Length: 9560

GET
H/1.1 200
OK / Show response
www.spokesman.com/fragment/home_opinion/ 7 KB
2 KB 328ms
167ms XHR
text/html 66.45.170.57
Tierpoint

General

Check archive.org

Show headers Download Go to

Full URL: http://www.spokesman.com/fragment/home_opinion/
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/footer.min.6fd83a75431f.js
Protocol: HTTP/1.1
Server: 66.45.170.57 Saint Louis, United States, ASN30340 (AS-TIERP-30340 - Tierpoint, LLC, US),
Reverse DNS: 66-45-170-57.ptr.tierpoint.com
Software: nginx /
Resource Hash: 44235801b7157745e754f49467c945535a7f744b2081cd26f251918a1e020656

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

Date: Sun, 30 Jul 2017 15:43:22 GMT
Content-Encoding: gzip
Server: nginx
Vary: Cookie,Accept-Encoding
Content-Type: text/html; charset=utf-8
X-Beatles: AP5http
Connection: keep-alive
Content-Length: 1751

GET
H/1.1 200
OK skycons.min.js Show response
cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/ 8 KB
3 KB 15ms
10ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/skycons.min.js?_=1501429400049
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:08:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 38696ee745d82318-FRA
Expires: Fri, 20 Jul 2018 15:43:22 GMT

GET
H/1.1 200
OK skycons.min.js Show response
cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/ 8 KB
3 KB 15ms
9ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/skycons.min.js?_=1501429400050
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:22 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:08:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 38696ee7476e1589-FRA
Expires: Fri, 20 Jul 2018 15:43:22 GMT

GET
H/1.1 200
OK skycons.min.js Show response
cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/ 8 KB
3 KB 12ms
11ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/skycons.min.js?_=1501429400051
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:08:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 38696ee900531589-FRA
Expires: Fri, 20 Jul 2018 15:43:23 GMT

GET
H/1.1 500
Internal Server Error flyertown_module.js
api.circularhub.com/2871/48979fe04f6431c3/ 0
0 575ms
130ms Script
text/html 52.86.213.187
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://api.circularhub.com/2871/48979fe04f6431c3/flyertown_module.js?_=1501429400052
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 52.86.213.187 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-86-213-187.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

X-Runtime: 0.026745
Date: Sun, 30 Jul 2017 15:43:23 GMT
Server: nginx
Content-Type: text/html; charset=utf-8
Status: 500 Internal Server Error
Connection: keep-alive
X-Request-Id: 0bd7b738391ba40a89b5ffa12436097a
Content-Length: 728
X-Rack-Cache: miss

GET
H/1.1 200
OK skycons.min.js Show response
cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/ 8 KB
3 KB 7ms
7ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/skycons.min.js?_=1501429400053
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:08:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 38696ee906ac2318-FRA
Expires: Fri, 20 Jul 2018 15:43:23 GMT

GET
H/1.1 200
OK skycons.min.js Show response
cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/ 8 KB
3 KB 14ms
8ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/skycons.min.js?_=1501429400054
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:08:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 38696ee916a02360-FRA
Expires: Fri, 20 Jul 2018 15:43:23 GMT

GET
H/1.1 200
OK skycons.min.js Show response
cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/ 8 KB
3 KB 17ms
12ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/skycons.min.js?_=1501429400055
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:08:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 38696ee9179d08ab-FRA
Expires: Fri, 20 Jul 2018 15:43:23 GMT

GET
H/1.1 200
OK skycons.min.js Show response
cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/ 8 KB
3 KB 12ms
7ms Script
application/javascript 2400:cb00:2048:1::6813:c466
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: http://cdnjs.cloudflare.com/ajax/libs/skycons/1396634940/skycons.min.js?_=1501429400056
Requested by: Host: media.spokesman.com
URL: http://media.spokesman.com/static/sv3/js/header.min.b58adcd0297c.js
Protocol: HTTP/1.1
Server: 2400:cb00:2048:1::6813:c466 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Last-Modified: Wed, 22 Jun 2016 20:08:18 GMT
Server: cloudflare-nginx
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 38696ee916af2318-FRA
Expires: Fri, 20 Jul 2018 15:43:23 GMT

GET
H/1.1

200
OK

fpi.js Show response
ap.lijit.com/www/delivery/js/ Frame 3892
Redirect Chain

http://ap.lijit.com/www/delivery/fpi.js?z=330890&u=spokesman&width=728&height=90
http://ap.lijit.com/www/delivery/js/fpi.js

5 KB
3 KB

98ms
98ms

Script
text/javascript

169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://ap.lijit.com/www/delivery/js/fpi.js
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 4351a1eaac6cd4233391851576dc30d7f3071f48098e08b14b7068319ea1569c

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ap3iad1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location: http://ap.lijit.com/www/delivery/js/fpi.js
Date: Sun, 30 Jul 2017 15:43:23 GMT
Server: nginx
X-Sovrn-Pod: ap3iad1
Content-Length: 0

GET
S 200 osd_listener.js Show response
tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/ Frame 3892 28 KB
0 13ms
12ms Script
text/javascript 2a00:1450:4001:81c::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20170726/r20110914/activeview/osd_listener.js

Requested by

Host: partner.googleadservices.com
URL: http://partner.googleadservices.com/gpt/pubads_impl_92.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Thu, 27 Jul 2017 00:04:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315516
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 10895
x-xss-protection: 1; mode=block
server: cafe
etag: 2196216625133901113
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 00:04:44 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-4/html/ Frame 3892 0
0

GET
S 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3892 0
0 15ms
15ms Image
text/html 172.217.22.66
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEGeKHA5ptCSrCg49s1ETKUepgIeHbkmAlVaEt_190oGGCMZysslIQ0cP4rhpiGONFDj131HvOx7vaavOGd3TJT1UwshivvJUG23bBqj0kUrWXrxK8cR1T87qaTZ2_CoWO6geIpC1rgNTrQV_qEUeZhT_6flQ-LNDbQiuu_bHyNwaKhhQln-FTiAzAOQM47q2dF877zaVo_FIDdz8QeTFjDo8bei1ajAfaZF2_v4PGx2jw4LvqQe1OGL_qP0VoEa9lNCvTGzqtMgOn_Xyr&sig=Cg0ArKJSzGLU9NqkY-jyEAE&urlfix=1&adurl=

Requested by

Host: www.spokesman.com
URL: http://www.spokesman.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.66 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 30 Jul 2017 15:43:23 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sync Show response
ap.lijit.com/ Frame 3892 47 KB
15 KB 92ms
92ms Script
text/javascript 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://ap.lijit.com/sync
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/www/delivery/js/fpi.js
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: c2c37144908ff2be6176f0e7e657b990d7b9875ee5116f92ce66cb52173e1dba

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Jun 2017 18:30:03 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=86400, must-revalidate
Transfer-Encoding: chunked
X-Sovrn-Pod: ap3iad1
Expires: Mon, 31 Jul 2017 15:43:23 GMT

GET
H/1.1 200
OK adcfg Show response
ap.lijit.com/ Frame 3892 142 B
162 B 103ms
103ms Script
application/x-javascript 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://ap.lijit.com/adcfg?zoneid=330890&tid=d5ea93a58b0e4013a2d2fe137f8da64c58d3d8c9&mode=1&dmn=www.spokesman.com
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/sync
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 98034752556207b808694ec39697c1abc55d8c2b47d3fe3068a2e742b6270e19

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ap3iad1
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK addelivery Show response
ap.lijit.com/ Frame 3892 2 KB
643 B 216ms
216ms Script
application/x-javascript 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://ap.lijit.com/addelivery?zoneid=330890&tid=a_330890_d162c0632b7044ccb6cecd65372377ff&cb=93155809&mode=1&flv=0.0.0&ifr=true&od=www.spokesman.com&time=15%3A43%3A23&fd=1&be=sf&loc=http%3A%2F%2Fwww.spokesman.com%2F&orig_loc=http%3A%2F%2Fwww.spokesman.com%2F&abf=true&dpz=false&cv=eab9827&dop=0&ndw=1&spif=true&btid=a_330890_d162c0632b7044ccb6cecd65372377ff
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/sync
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: d21bddeea75410017b4fd05838113b1f4c787e938b114244568c335ae8e43288

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ap3iad1
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK jstag Show response
us-ads.openx.net/w/1.0/ Frame 3892 50 KB
18 KB 39ms
22ms Script
text/javascript 173.241.240.212
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://us-ads.openx.net/w/1.0/jstag
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 173.241.240.212 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-212.xa.dc.openx.org
Software: OXGW/11.99.7 /
Resource Hash: 84d6acc18749b05289d036b1da0fd9790e7f9d4394bde0c9e1c5903373837f93

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
Server: OXGW/11.99.7
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: max-age=3600
Content-Type: text/javascript
Content-Length: 18801
Expires: Sun, 30 Jul 2017 16:43:23 GMT

GET
H/1.1

200
OK

acj Show response
us-ads.openx.net/w/1.0/ Frame 3892
Redirect Chain

http://us-ads.openx.net/w/1.0/acj?ai=f2fa64d8-3e11-4837-ad56-89668bbacb1d&o=5977328219&callback=OX_5977328219&ju=http%3A//www.spokesman.com/&jr=&auid=536471&dims=1600x1200&adxy=429%2C4246&res=1600x...
http://us-ads.openx.net/w/1.0/acj?cc=1&ai=f2fa64d8-3e11-4837-ad56-89668bbacb1d&o=5977328219&callback=OX_5977328219&ju=http%3A//www.spokesman.com/&jr=&auid=536471&dims=1600x1200&adxy=429%2C4246&res=...

1 KB
663 B

34ms
34ms

Script
application/json

173.241.240.212
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://us-ads.openx.net/w/1.0/acj?cc=1&ai=f2fa64d8-3e11-4837-ad56-89668bbacb1d&o=5977328219&callback=OX_5977328219&ju=http%3A//www.spokesman.com/&jr=&auid=536471&dims=1600x1200&adxy=429%2C4246&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 173.241.240.212 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-212.xa.dc.openx.org
Software: OXGW/11.99.7 /
Resource Hash: 88ac3cf58d34c08ff583da3e7f35ecf60381e3542d854c990b892957a1b811bb

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:23 GMT
Content-Encoding: gzip
Server: OXGW/11.99.7
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: http://us-ads.openx.net/w/1.0/acj?cc=1&ai=f2fa64d8-3e11-4837-ad56-89668bbacb1d&o=5977328219&callback=OX_5977328219&ju=http%3A//www.spokesman.com/&jr=&auid=536471&dims=1600x1200&adxy=429%2C4246&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200
Date: Sun, 30 Jul 2017 15:43:23 GMT
Server: OXGW/11.99.7
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK pb.js Show response
ap.lijit.com/www/delivery/ Frame 3892 677 B
452 B 113ms
112ms Script
text/javascript 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://ap.lijit.com/www/delivery/pb.js
Requested by: Host: us-ads.openx.net
URL: http://us-ads.openx.net/w/1.0/jstag
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 348e667bd6807532fe5ea960f3af0c12d9c854e286e39945ea9c2e17995866bf

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:24 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ap3iad1
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK acj Show response
us-ads.openx.net/w/1.0/ Frame 3892 1 KB
663 B 36ms
36ms Script
application/json 173.241.240.212
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: http://us-ads.openx.net/w/1.0/acj?ai=f2fa64d8-3e11-4837-ad56-89668bbacb1d&o=7753454101&callback=OX_7753454101&ju=http%3A//www.spokesman.com/&jr=&auid=536487&dims=1600x1200&adxy=429%2C4246&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200&nl=20&ul=49
Requested by: Host: us-ads.openx.net
URL: http://us-ads.openx.net/w/1.0/jstag
Protocol: HTTP/1.1
Server: 173.241.240.212 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-212.xa.dc.openx.org
Software: OXGW/11.99.7 /
Resource Hash: 55129675ba01b6e0362707056e795b9843410ec31b84674db9e799e14e65415b

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:24 GMT
Content-Encoding: gzip
Server: OXGW/11.99.7
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Transfer-Encoding: chunked
Content-Type: application/json
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3892 58 KB
21 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ap.lijit.com
URL: http://ap.lijit.com/sync

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

def751232fc11cdda6c1e13d0e94b7c35d08862892e70ccccfaa99b0230f6194

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:18:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
Age: 1489
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 1458712193535862467
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 21509
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jul 2017 16:18:35 GMT

GET beacon
gslbeacon.lijit.com/ Frame 3892 0
0

GET
H/1.1 200
OK containertag Show response
ap.lijit.com/ Frame 3892 86 KB
15 KB 114ms
114ms Script
text/html 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to

Full URL: http://ap.lijit.com/containertag?containerId=1&zoneId=330890&v=2
Requested by: Host: ap.lijit.com
URL: http://ap.lijit.com/sync
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx / raptor
Resource Hash: f4b9da6588f689ff1bbfd27bbc7dbd8814a59325178a55f2271afcadc92d249e

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:24 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: raptor
Vary: Accept-Encoding
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding: chunked
X-Sovrn-Pod: ap3iad1
Content-Type: text/html;charset=utf-8
X-Application-Context: application:prod:9080
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK impression
vap3iad1.lijit.com/addelivery/ Frame 3892 43 B
43 B 192ms
97ms Image
image/gif 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vap3iad1.lijit.com/addelivery/impression?bannerid=109288&campaignid=232&cb=94171539&tid=a_330890_d162c0632b7044ccb6cecd65372377ff&zoneid=330890&cids=1828%2C1885%2C232&bids=43627%2C46045%2C109288&tss=1%2C240%2C282
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 30 Jul 2017 15:43:24 GMT
Server: nginx
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ap3iad1
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 502
Bad Gateway fp
vap3iad1.lijit.com/data/ Frame 3892 568 B
0 185ms
90ms Image
text/html 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://vap3iad1.lijit.com/data/fp?tid=a_330890_d162c0632b7044ccb6cecd65372377ff&zoneid=330890&starttime=1501429403542&adcfg=2&adcfg_response=106&addelivery=109&addelivery_response=325&lgfired=609&beacon=610&container=612&EOL=612&ctstart=611&elapsed_ms=612
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:24 GMT
Server: nginx
X-Sovrn-Pod: ap3iad1
Content-Length: 568
Content-Type: text/html

GET
S 200 ca-pub-9779652122014728.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ Frame 3892 68 B
97 B 6ms
6ms Script
text/javascript 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9779652122014728.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Sun, 30 Jul 2017 12:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
age: 12400
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 88
x-xss-protection: 1; mode=block
expires: Mon, 31 Jul 2017 00:16:44 GMT

GET zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170726/r20170110/ Frame 3892 0
0

GET
H/1.1 200
OK show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20170726/r20170110/ Frame 3892 188 KB
70 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/r20170726/r20170110/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

5bc30f07cf0f5fe9276a9472d30405d1df684e26ee3821300d2e07a9ff5aa8c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:24 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag: 7553028766377902701
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=1209600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 71579
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jul 2017 15:43:24 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame 3892 0
0

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20170726/r20170110/ Frame 3892 82 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2002
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20170726/r20170110/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170726/r20170110/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

80de64a5788341a0deba3bb87c5cafe83e725e8d5f04e4075bebf671f80b49d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date: Thu, 27 Jul 2017 18:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248648
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,36,35",quic=":443"; ma=2592000; v="39,38,37,36,35"
content-length: 30676
x-xss-protection: 1; mode=block
server: cafe
etag: 15022272777873382488
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 10 Aug 2017 18:39:16 GMT

GET
H/1.1 502
Bad Gateway ct
ap.lijit.com/data/ Frame 3892 568 B
0 93ms
93ms Image
text/html 169.55.70.227
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ap.lijit.com/data/ct?tid=a_330890_d162c0632b7044ccb6cecd65372377ff&zoneid=330890&cid=1&geo=DE&all_tags=6%2C7%2C42%2C46%2C53%2C57%2C63%2C72%2C73%2C75%2C79%2C81%2C82%2C84%2C87%2C98%2C103%2C106%2C107%2C108%2C111%2C112%2C113%2C122%2C128%2C159%2C160%2C161%2C162%2C163%2C164%2C165%2C166%2C167%2C168%2C169%2C171%2C173%2C175%2C177%2C181%2C186%2C202%2C204&count=0&status=8%2C8%2C12%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C12%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8&elapsed_ms=127
Requested by: Host: www.spokesman.com
URL: http://www.spokesman.com/
Protocol: HTTP/1.1
Server: 169.55.70.227 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS: e3.46.37a9.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: http://www.spokesman.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date: Sun, 30 Jul 2017 15:43:24 GMT
Server: nginx
X-Sovrn-Pod: ap3iad1
Content-Length: 568
Content-Type: text/html

GET
DATA 200
OK truncated
/ Frame 3892 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc1bb260727e2db7a39f994bc305d12bcadbd479ffbf0dd60f2d641374f01cd9

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET pd
us-u.openx.net/w/1.0/ Frame 3892 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/safeframe/1-0-4/html/container.html

Domain: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/safeframe/1-0-4/html/container.html

Domain: tpc.googlesyndication.com
URL: http://tpc.googlesyndication.com/safeframe/1-0-4/html/container.html

Domain: gslbeacon.lijit.com
URL: http://gslbeacon.lijit.com/beacon?viewId=a_330890_d162c0632b7044ccb6cecd65372377ff&rand=2362&informer=10723324&type=fpads&loc=http%3A%2F%2Fwww.spokesman.com%2F&v=1.2

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20170726/r20170110/zrt_lookup.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9779652122014728&format=728x90&output=html&h=90&slotname=6677580301&adk=2173826815&adf=3183824144&w=728&lmt=1501429404&ea=0&flash=0&url=http%3A%2F%2Fwww.spokesman.com%2F&wgl=1&dt=1501429404165&bpp=9&bdt=1097&fdt=11&idt=80&shv=r20170726&cbv=r20170110&saldr=aa&correlator=3675677590329&frm=23&ga_vid=962834169.1501429400&ga_sid=1501429404&ga_hid=287010403&ga_fc=0&pv=2&iag=15&icsg=2&nhd=2&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=4246&biw=1585&bih=1200&isw=728&ish=90&ifk=1304392907&eid=575144605%2C389613000&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=20&bc=1&ifi=1&dtd=100

Domain: us-u.openx.net
URL: http://us-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590

Domain: us-u.openx.net
URL: http://us-u.openx.net/w/1.0/pd?plm=1&ph=94ef58655625200a8cfc5b15afcd0b94ad52d590

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.spokesman.com/	2017-07-31 15:43:21	Name: abdAu Value: 0
www.spokesman.com/	2017-07-30 16:13:20	Name: _gada_ses.e3de Value: *
www.spokesman.com/	2019-07-30 15:43:20	Name: _gada_id.e3de Value: 0bd3a4be5dbc7452.1501429401.1.1501429401.1501429401
.spokesman.com/	2019-07-30 15:43:20	Name: _ga Value: GA1.2.962834169.1501429400
www.spokesman.com/	2030-12-31 00:00:00	Name: bm_last_load_status Value: NOT_BLOCKING
www.spokesman.com/	2017-07-31 23:59:59	Name: bm_monthly_unique Value: true
.spokesman.com/	2018-07-31 15:43:20	Name: __auc Value: c249258415d942a83c614aca143
.spokesman.com/	2017-07-30 15:44:20	Name: _dc_gtm_UA-230256-14 Value: 1
.spokesman.com/	2017-07-31 15:43:20	Name: _gid Value: GA1.2.1028652639.1501429400
www.spokesman.com/	2017-07-30 23:59:59	Name: bm_daily_unique Value: true
.spokesman.com/	2017-07-30 16:13:20	Name: __asc Value: c249258415d942a83c614aca143
.spokesman.com/	2019-07-30 15:43:20	Name: __gads Value: ID=357c02830d50af79:T=1501429400:S=ALNI_MZj34WwsSbmXoHzRyp2LQBJT9jf0Q
www.spokesman.com/	2017-07-30 23:59:59	Name: bm_sample_frequency Value: 100

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aamcf.aamsitecertifier.com
aamcftag.aamsitecertifier.com
afdae4649f27398789f31eee2255c927a.profile.fra50.cloudfront.net
ap.lijit.com
api.circularhub.com
asset.pagefair.com
asset.pagefair.net
cdnjs.cloudflare.com
d31qbv1cthcecs.cloudfront.net
d5nxst8fruw4z.cloudfront.net
googleads.g.doubleclick.net
gslbeacon.lijit.com
media.spokesman.com
pagead2.googlesyndication.com
partner.googleadservices.com
ping.chartbeat.net
securepubads.g.doubleclick.net
static.chartbeat.com
stats.pagefair.com
tpc.googlesyndication.com
unpkg.com
us-ads.openx.net
us-u.openx.net
vap3iad1.lijit.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.spokesman.com
googleads.g.doubleclick.net
gslbeacon.lijit.com
tpc.googlesyndication.com
us-u.openx.net
151.101.112.249
169.55.70.227
172.217.22.66
173.241.240.212
23.111.11.222
23.111.9.30
2400:cb00:2048:1::6810:7aaf
2400:cb00:2048:1::6810:7baf
2400:cb00:2048:1::6813:c466
2600:9000:201c:2c00:14:c3e7:6780:93a1
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:824::2002
2a00:1450:401b:802::2003
34.201.79.55
50.112.252.101
52.85.89.25
52.85.89.66
52.86.213.187
54.239.168.147
54.243.118.244
66.45.170.57
66.45.170.59
011a0fd5a876d2c85c85c0999225e34de706cc8fef86ae44b4dff43ac62198b1
038c0b6a2750eec04a2991e963b05263ac681271047429330d78dcd8a741fb38
039e945b772448e04b62d6adcedd042f4656121b1c030132de6c84cb2ba47d90
100770ceb57c9e10d5283206c1ae0b2b9653a0433021f48e9808751d3900c384
15cc8f536904e07e9e273ddff5010e0747a32c99dddbfff8d149e5d67fd20237
1f51bf740bc901aecca583c66bd6a08cb1e71953a51cd93c09e7bf59068f7804
2671d72b96d6d9a1b8bbc1429048505ea6dbc3514daf22ab6dd6dfc8a70ce8d3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2beca87bd90b7d26dd1cf5317e5e655b45411320b946af572731d61139a8f3a7
348e667bd6807532fe5ea960f3af0c12d9c854e286e39945ea9c2e17995866bf
3709a08de273ed33504e05902f3cc77e283c1b0a51d589ae0354dc6ed9173ca9
398069370dab6c67e90d564d327519cea13b0a98f503efab8c93ef762f2fb2dc
41d9d591d997a751fea8934ae0fbb59dee62ea02e3f073448cc7cf03bbe025f1
423cedbb88485fa7bd9d1e06f61daae52a3fde5ceebfc7224ecff9a7e1dcf783
42495762f50b26fc8ce93773d979552d8f1e254259dd7022d96378e9ce8e9edd
4351a1eaac6cd4233391851576dc30d7f3071f48098e08b14b7068319ea1569c
44235801b7157745e754f49467c945535a7f744b2081cd26f251918a1e020656
46b0dfc2c4ff71ee90bf9e8797f2e634843c9452762a8c66397abc89675fa489
55129675ba01b6e0362707056e795b9843410ec31b84674db9e799e14e65415b
5bc30f07cf0f5fe9276a9472d30405d1df684e26ee3821300d2e07a9ff5aa8c9
62577acad21d9ab240fd75783c621368fe4312d8b282b973371146b6d6f31f7e
66f3ec98119946650e4d12288bc7a766134fefa72994d1b802260aa6111fc5ab
67991063f738bdff89fdd005760d6183eb36b64b92fef1ec784fdcc25fd3abe4
72fb3309e3e0c0319b6e83b1d59d054dab4384e42cd7fa03568951269d3369a2
74dcaa180496943578560343c8cefe472fa3ed385d5df503c8d6254fa7cf896b
765010cbfccaf06cb5b9166023a22b655a10b37075c91e276a5550c5ecd855ba
765e4d89ea36d13a95170456ee243d52491b969f08168cf37aeb20efa9b26e19
76f10393bdf79754dc20a5628b913c5dc49c8cd42abaaf76716869c09dff98fd
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7944453f461d3d521e35a37ef6111e3adb7747eb231b0f058b9c45c51028e806
79813dea795083a7db7cf2ad896c1f6cdd0194e57d06c523a8f264b0791faad2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80de64a5788341a0deba3bb87c5cafe83e725e8d5f04e4075bebf671f80b49d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841ce796952da6a9bb24e12cea09cfd86ff900c409e91838b5ae151716d36900
84d6acc18749b05289d036b1da0fd9790e7f9d4394bde0c9e1c5903373837f93
87bc265dda5e31597442c420def76eeadb5c516d016213a47f570c65d5558b72
88ac3cf58d34c08ff583da3e7f35ecf60381e3542d854c990b892957a1b811bb
89f5ead61a11e3b43854eb57ce55f1677b16bc2e048c33c3dc6ee7b4d40eee5e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ba131a677ea1357ae7fdc95d6a5c67c3b02d171bb286f6c9ec6bce3cef5c211
8ce8253ab04a0222ec590a2c10b94a93358f586d5188114bcb89f30e4b26d0c8
8eaa71e190ca247d650a939d7355a340c22d9904cd5240c5e969e559584fdc64
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98034752556207b808694ec39697c1abc55d8c2b47d3fe3068a2e742b6270e19
a7ed79fc0d90214b42878dc519ed333ea7eb1f6f20b3f4949904d19264630f9a
ac1ed281a82355fd816f1e2b67f31660c56e99998756a11c4466e9c304378712
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b593739579ab32b3bd04b4fa1afe18d0b7c037c1dd6d9efe2c8b8d7fa5a4142d
b8e271590642f4f331adffd594600ead12561106f00df47d8ba746886dbc3a4e
c2c37144908ff2be6176f0e7e657b990d7b9875ee5116f92ce66cb52173e1dba
c40997ef90cf1406fa8b6825d8f252e8c1c6907db58c94e04732e609c15957dc
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb18abd95f09251fc7d4bf28a4338a1df51f4b6fdf403055b75d778374127c7a
cd6180864a6995021fe409cf1865e2f4fe5fe0add04a60ca8eaee3b4daf71cea
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01d3386939e81d103dd35f897772e0d4556b3731c6ed8385bd70646ab124a7c
d21bddeea75410017b4fd05838113b1f4c787e938b114244568c335ae8e43288
d9565e9697db0cc8d768f672d02b02c39cdd33130c72a25d4aa20fe3ae3d778d
da6e6a49692c69be9e9fdc9697bee6e8347375f996b626a60a53f81bf62d4fc8
def751232fc11cdda6c1e13d0e94b7c35d08862892e70ccccfaa99b0230f6194
df1cb93efb4d5dbaa99499a0f935375e389cc12b9f1d26d2108aece94674a26a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1d2296a3fe9a6284422b9a2cc96e6cce9fb98418e657df86ecd87aea339f69
ecf9a505978ed0572f7e3cb31f6b61620fd8e13940058eb0a6570ca898b7744a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbd3a5837e447cea00f6d47dd33b4b8b939701a47f52a4d4374bab2dcd4db50
f1c91ab804140f0e01402b7b175cd4ff95aec1d00d86462a63e558844ae61a5f
f44c6fde1481864a531e8c349f9606e9bc85c56c07b9e2e9b243f856a6ddccaf
f4b9da6588f689ff1bbfd27bbc7dbd8814a59325178a55f2271afcadc92d249e
f53e5877798ed0673a5c636981e8d3fad1428c7ee509f443be43054b00e62bb1
f6fe795b506571a4d4083443bf963d2ddfb00298b63aacbf769f3f1089476da4
fc1bb260727e2db7a39f994bc305d12bcadbd479ffbf0dd60f2d641374f01cd9

www.spokesman.com Open in urlscan Pro 66.45.170.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

109 Requests

41 %HTTPS

38 %IPv6

18 Domains

28 Subdomains

25 IPs

2 Countries

1335 kBTransfer

2951 kBSize

13 Cookies

12 Outgoing links

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.spokesman.com Open in urlscan Pro
66.45.170.57 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

41 %
HTTPS

38 %
IPv6

18
Domains

28
Subdomains

25
IPs

2
Countries

1335 kB
Transfer

2951 kB
Size

13
Cookies

109 HTTP transactions
7 data transactions