www.timescolonist.com Open in urlscan Pro
20.49.104.7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://timescolonist.com/
Effective URL:
https://www.timescolonist.com/
Submission: On October 06 via api (October 6th 2023, 4:46:13 am UTC) from US — Scanned from DE

Summary HTTP 281 Redirects Links 44 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 40 domains to perform 281 HTTP transactions. The main IP is 20.49.104.7, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.timescolonist.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on September 27th 2023. Valid for: 6 months.

This is the only time www.timescolonist.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.170.7.25 52.170.7.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	20.49.104.7 20.49.104.7	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
21	18.66.112.105 18.66.112.105	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:206... 2600:9000:206f:600:18:a82e:7180:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.86 18.66.97.86	16509 (AMAZON-02) (AMAZON-02)
6	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
3	2600:1901:0:4... 2600:1901:0:4277::1	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:225... 2600:9000:2250:fc00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
4	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
7	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:8400:3:1a27:3000:93a1	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.118 162.19.138.118	16276 (OVH) (OVH)
1	34.249.118.122 34.249.118.122	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1e0... 2400:52e0:1e00::1047:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.66.147.39 18.66.147.39	16509 (AMAZON-02) (AMAZON-02)
1	34.195.236.117 34.195.236.117	14618 (AMAZON-AES) (AMAZON-AES)
2	3.136.222.64 3.136.222.64	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21f... 2600:9000:21f3:9800:8:4487:bd00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:21f... 2600:9000:21f3:c400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	78.140.185.31 78.140.185.31	35415 (WEBZILLA) (WEBZILLA)
8	52.59.82.184 52.59.82.184	16509 (AMAZON-02) (AMAZON-02)
27	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
16	23.32.185.60 23.32.185.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	144.76.28.41 144.76.28.41	24940 (HETZNER-AS) (HETZNER-AS)
10	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
4	146.75.118.132 146.75.118.132	54113 (FASTLY) (FASTLY)
14	70.42.32.191 70.42.32.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
281	58

1 52.170.7.25 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

timescolonist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 20.49.104.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.timescolonist.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

micro.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.66.112.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-105.fra56.r.cloudfront.net

www.vmcdn.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:206f:600:18:a82e:7180:93a1 (United States)

ASN16509 (AMAZON-02, US)

discovery.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-86.fra56.r.cloudfront.net

cdn-gateflipp.flippback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

beginnerpancake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:fc00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fe745a2caaf3ca290cd2554931751bd0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
9676e82442a02437030737452586d745.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:8400:3:1a27:3000:93a1 (United States)

ASN16509 (AMAZON-02, US)

discoverevvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.118.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-118-122.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::1047:1 (Germany)

ASN200325 (BUNNYCDN, SI)

s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-39.fra60.r.cloudfront.net

p.flipp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.236.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-236-117.compute-1.amazonaws.com

events.getsitectrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.136.222.64 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-222-64.us-east-2.compute.amazonaws.com

com-evvnt-prod1.collector.snplow.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:9800:8:4487:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.mktg.evvnt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.185.31 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: 1c2-10-d2774-31.webazilla.com

cdn.ad.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.59.82.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com

prebid-a.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.28.41 (Freiburg im Breisgau, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.41.28.76.144.clients.your-server.de

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 70.42.32.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com fe745a2caaf3ca290cd2554931751bd0.safeframe.googlesyndication.com 9676e82442a02437030737452586d745.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com	238 KB
41	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	917 KB
24	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 2100 widget-pixels.outbrain.com — Cisco Umbrella Rank: 4294 odb.outbrain.com — Cisco Umbrella Rank: 2896 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6884	379 KB
21	vmcdn.ca www.vmcdn.ca — Cisco Umbrella Rank: 188719	99 KB
20	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 10850 log.outbrainimg.com — Cisco Umbrella Rank: 3073 images.outbrainimg.com — Cisco Umbrella Rank: 2730	78 KB
16	rubiconproject.com micro.rubiconproject.com — Cisco Umbrella Rank: 3504 fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3219 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	104 KB
12	timescolonist.com 1 redirects timescolonist.com www.timescolonist.com	242 KB
11	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2	4 KB
10	evvnt.com discovery.evvnt.com — Cisco Umbrella Rank: 37316 cdn.prod.mktg.evvnt.com — Cisco Umbrella Rank: 49968	239 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	529 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
6	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 55058	27 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	443 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	7 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1906 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919	667 B
3	google.de www.google.de — Cisco Umbrella Rank: 6147	622 B
3	beginnerpancake.com beginnerpancake.com — Cisco Umbrella Rank: 736410	24 KB
3	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 20318 s2.getsitecontrol.com — Cisco Umbrella Rank: 32181	59 KB
2	stat-rock.com serving.stat-rock.com — Cisco Umbrella Rank: 18741	1 KB
2	snplow.net com-evvnt-prod1.collector.snplow.net — Cisco Umbrella Rank: 42076	332 B
2	discoverevvnt.com discoverevvnt.com — Cisco Umbrella Rank: 37367	7 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	3 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
2	gstatic.com fonts.gstatic.com	16 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3328 p1.parsely.com — Cisco Umbrella Rank: 2550	26 KB
1	ad.plus cdn.ad.plus — Cisco Umbrella Rank: 154006	107 KB
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 720	481 B
1	getsitectrl.com events.getsitectrl.com — Cisco Umbrella Rank: 22710	844 B
1	flipp.com p.flipp.com — Cisco Umbrella Rank: 13537
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 445	98 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1319	5 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	flippback.com cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 13368	35 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	953 B
281	40

	Domain	Requested by
38	securepubads.g.doubleclick.net	www.timescolonist.com securepubads.g.doubleclick.net www.googletagservices.com 9676e82442a02437030737452586d745.safeframe.googlesyndication.com 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.timescolonist.com www.googletagservices.com
21	www.vmcdn.ca	www.timescolonist.com
19	tpc.googlesyndication.com	securepubads.g.doubleclick.net 9676e82442a02437030737452586d745.safeframe.googlesyndication.com tpc.googlesyndication.com 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com www.timescolonist.com
12	widgets.outbrain.com	9676e82442a02437030737452586d745.safeframe.googlesyndication.com 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com widgets.outbrain.com
11	www.timescolonist.com	www.timescolonist.com
10	log.outbrainimg.com	widgets.outbrain.com
9	www.googletagservices.com	securepubads.g.doubleclick.net 9676e82442a02437030737452586d745.safeframe.googlesyndication.com 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com
8	prebid-a.rubiconproject.com	micro.rubiconproject.com
7	discovery.evvnt.com	www.timescolonist.com discovery.evvnt.com
6	images.outbrainimg.com
6	www.google.com	www.timescolonist.com tpc.googlesyndication.com
6	sr.studiostack.com	www.timescolonist.com sr.studiostack.com
6	www.googletagmanager.com	www.timescolonist.com www.googletagmanager.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.timescolonist.com
5	region1.analytics.google.com	www.googletagmanager.com
4	mcdp-nydc1.outbrain.com	widgets.outbrain.com
4	odb.outbrain.com	widgets.outbrain.com
4	widget-pixels.outbrain.com	9676e82442a02437030737452586d745.safeframe.googlesyndication.com widgets.outbrain.com
4	tcheck.outbrainimg.com	widgets.outbrain.com
4	fastlane.rubiconproject.com	micro.rubiconproject.com
3	cdn.prod.mktg.evvnt.com	www.timescolonist.com
3	www.google.de	www.timescolonist.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	beginnerpancake.com	www.timescolonist.com beginnerpancake.com
2	eus.rubiconproject.com	micro.rubiconproject.com eus.rubiconproject.com
2	serving.stat-rock.com	cdn.ad.plus www.timescolonist.com
2	4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	9676e82442a02437030737452586d745.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	com-evvnt-prod1.collector.snplow.net	discovery.evvnt.com
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.timescolonist.com
2	discoverevvnt.com	discovery.evvnt.com
2	cdn.jsdelivr.net	securepubads.g.doubleclick.net micro.rubiconproject.com
2	connect.facebook.net	www.timescolonist.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	l.getsitecontrol.com	www.timescolonist.com l.getsitecontrol.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	cdn.ad.plus	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	static.adsafeprotected.com	www.timescolonist.com
1	mug.criteo.com	www.timescolonist.com
1	events.getsitectrl.com	s2.getsitecontrol.com
1	p.flipp.com	cdn-gateflipp.flippback.com
1	idsync.rlcdn.com	www.timescolonist.com
1	www.facebook.com	www.timescolonist.com
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	fe745a2caaf3ca290cd2554931751bd0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	p1.parsely.com	www.timescolonist.com
1	cdn-gateflipp.flippback.com	www.timescolonist.com
1	cdn.parsely.com	www.timescolonist.com
1	micro.rubiconproject.com	www.timescolonist.com
1	fonts.googleapis.com	www.timescolonist.com
1	timescolonist.com	1 redirects
281	66

This site contains links to these domains. Also see Links.

Domain
guidedby.ca
classifieds.timescolonist.com
victoriatimescolonist.adperfect.com
www.legacy.com
digitaltimescolonist.pressreader.com
www.facebook.com
twitter.com
britishcolonist.ca
archive.org
docs.google.com
www.vmcdn.ca
www.glaciermedia.ca
www.alaskahighwaynews.ca
www.bowenislandundercurrent.com
www.burnabynow.com
www.castanet.net
www.coastreporter.net
www.dawsoncreekmirror.ca
www.delta-optimist.com
lethbridgeherald.com
medicinehatnews.com
www.moosejawtoday.com
www.newwestrecord.ca
www.nsnews.com
www.piquenewsmagazine.com
www.prpeak.com
www.princegeorgecitizen.com
www.rew.ca
www.richmond-news.com
www.sasktoday.ca
www.squamishchief.com
www.theorca.ca
www.tricitynews.com
www.vancouverisawesome.com
www.westerninvestor.com
www.airdrietoday.com
www.albertaprimetimes.com
www.cochranetoday.ca
www.lakelandtoday.ca
www.mountainviewtoday.ca
www.okotokstoday.ca
www.rmoutlook.com
www.stalbertgazette.com
www.townandcountrytoday.com

Subject Issuer	Validity	Valid
www.timescolonist.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-09-27` - `2024-03-27`	6 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
www.vmcdn.ca Amazon RSA 2048 M02	`2023-08-21` - `2024-09-17`	a year	crt.sh
discovery.evvnt.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
flippback.com Amazon RSA 2048 M01	`2023-09-18` - `2024-10-16`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2022-11-16` - `2023-12-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
beginnerpancake.com R3	`2023-09-11` - `2023-12-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-15` - `2023-10-13`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
discoverevvnt.com Amazon RSA 2048 M01	`2023-02-23` - `2024-02-07`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
flipp.com Amazon RSA 2048 M01	`2023-07-31` - `2024-08-28`	a year	crt.sh
*.getsitectrl.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-13`	a year	crt.sh
com-evvnt-prod1.collector.snplow.net Amazon RSA 2048 M02	`2023-02-01` - `2024-03-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
cdn.prod.mktg.evvnt.com Amazon RSA 2048 M01	`2023-06-07` - `2024-07-05`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
cdn.ad.plus R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
serving.stat-rock.com R3	`2023-09-17` - `2023-12-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-02` - `2024-03-02`	a year	crt.sh

This page contains 32 frames:

Primary Page: https://www.timescolonist.com/
Frame ID: BA3E8966E4DE74DFC83AAAA25DEB5574
Requests: 125 HTTP requests in this frame

Frame: https://fe745a2caaf3ca290cd2554931751bd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 256077D77276C43EFB54BB9D54F69924
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.timescolonist.com
Frame ID: A14F3A7244143E53C48C59850ED451B2
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: BAE1E74C01F782A45AE47E26FAEB775B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshnsaSQZT8xkktFJy0OckIFOrMm64BfUz6U320FXFxkknOA-WQeDweDVSmwahGRoiGCVDcv3dXWV_GyAm986STiJLLWM1Y7ekXcK_2_MtPPVnybVjYjHdO2n0-Tgy-YZVwveNCysP2RC9S4RFLnMyyNb-i7bfqGRcuKnAky2-BiZlbc4YVcGTU8ahigG7_-W62LComWz02DFs7-BCAU5foigWXJt9WvptU9FLZBf7xKq2KcAWRHOX5SYY_zORFnDQ0IKOgeV_QG98RMHdx1MHpdr7vbXw26cZP9cKUMdCpHE5Ho-r1C5QpHxg3KjNSiuQVtgHKfD4ak40rWZH2DAN60EPpwoFlTVvZ6w36t87GtEuTEwHM9_jAv_nVhEnW5yureA4dGw&sai=AMfl-YSggpmrRcIzTODyODbreVkd1yBKVj79rY3HzSLRS1gq8as1sBYKvUTKy7DYGMbiP_xS0o1GgK0dMTGqQ-UvmKiVnbBKkmE79fa6VjSQFjx4UGYpNshQTmnvjNz13A&sig=Cg0ArKJSzJ-3ENmvee_nEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 417AB98934C8250079335171038BD8A2
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGJPeEWLJEbnBhGL2ixg4BpQRIlf2odatCj40EJMWN91FfCrDJFd6HfCwIoGxagUsVuFfdOHeYyJQhF0Yzy6JxEi9DjPELgwElo6t3jybjWUhixd_Ln78DiGmpJjEg4GRDF7gMsCb70Nuu0IKP-lkD9osCQafZzkdP2YSayJtGtPFIV1qXUfk9POLqhAqDVetSI83rUzPYRh2WQFRXcIL-DkJRF5PU79plZRuODyLZZq6_XqGHwC8mQjdXoGbnsmUP7azobOUxbHPnMqJAf7jlXadLBLMfN8V5tCJGwnJwTLQTGkxgIcIaXSH_dgqM6U8nCYmk4gUEjkQe0ePJlaLJtWgJBjOE8UbqmjXnDHPe-Efksw8Y6XyudMwzqIiVjsdlnrW0eQ&sai=AMfl-YTXuTbxsFUNuzN0vElEAYL-vBgK5CUzHyXoiWNF7uTHSDFpO9dgo4kmkgnXI49tFzWLTSFHM7DnLW-GoA--H-ps8H9ynODk2dIYluNiWyxjjhQUAurR6L6U70oBRIc&sig=Cg0ArKJSzP9CYiaqwtD1EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DBCFC6F263AAC575F69417DEA457E7BA
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd1f8AQFQGAHXDWHaE-pZphPgE1QkLLp9VaqTCHrhXxHV4pHNE8MEISyOvveTJGie0j4hteLQpORNEmyk73a5lzETwUAWaIkA4RX75_FWkUebpikiTbFmAA9k-iogOWpmUBu6MI6LWuzPtwYpb0yb5iJX81p0cLx4aCu5-xPmJVMFhOTrM4SqECyjAnyN6GvFn708PCTbnzBiTdv0GQ13wDB3edWit8jjqbVz8cxBm3U2QAM88b9WIFrCFMAs1m-RHEb7t1bzwbC-t0DZbyi9BYgdEaHrelAnutYtHc64VDnHzVcehWTQBQet_19UO_wmgOZgYBVp8u-jEtSy-CDG8BbAwZKgx7PWQrDAQEaMZ86vf6QeI9PEw4LSIz5wekXvL5qLeDg&sai=AMfl-YQBC6h2ubvhSu1aawJ40a5xGOVKvENj7S_RIAdvq1m2dhX8qhGQNXCwh4dcfXY6ykLiZBTzUTgJbybXmGzs7LtpLxD2kIutRW1YiFUdDmvHBNgXgWG1dSJ0JY4wNIk&sig=Cg0ArKJSzAXK88nAOF9NEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D188E894704E423CB46A0A395070D59D
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxFbypLLWV4LqTChVEpE8t-nbRj7_FUZguvHnouuLg_Shgb9DR7QaBdoRJ6dnbVVHmfBFi1zaoY6dBYKWASLNOcr1E7w2fppZSMwiyTXcMH2UuSKrNTFO2eEGj5L8p6gg8A_Lrlwip2YDud_fIByOcgz4Qdb02JQprcHtIJwTiFxsRBipA0A98Z9MEQ8r2xApXFvLmvo0QFWq9QZP6yDkG_EHnx0K2R4SYprG0yh5lQygWBSZgS2JU5kDxwEW4TB6tYdtkjgsRj8l7GZxY4LoD4MCntTh2cRTPhtybFniLkLs7zHWpKsyKNyJoSWl74YyoEXtMo3j-s9d1HAOkWv1TpiPieIDkMJ3CdRogmKCiYcTWXLKwee--ck9gnDVSmjx__Q6U0pLn2_Rl&sai=AMfl-YSk7siX7abWOLGJ0RgZXxVE5xw7o3k0md4K1EJt0p4B6zesoXSUjmPneuqZyUqs8CWTX28N4cvwFbMFZ4wpxOp3Uo6AomjQr0AN06A5sLxQvAwxmrBh45Iacopp-nU&sig=Cg0ArKJSzMXYopxSd3OXEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CB3A1C73F425D2386857E2D32F5D2B4E
Requests: 8 HTTP requests in this frame

Frame: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C3872FFBA01780AF45FABBF5C533B024
Requests: 1 HTTP requests in this frame

Frame: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5399577171209A4529BF350CDB865527
Requests: 1 HTTP requests in this frame

Frame: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 56463DD2BC65AA6F5BD88A88926914E5
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFGee3DuWps2RCh1sz8BNwZBr1PeJJ9H3wiq-WgiOMYSIqT3K5v_RQfcl6xSQ3pYBe8wqCoLleK3R6tbCeqhZjs857aYC5-wP9UKo_mJcaigd2uxKwbjDxTzlHFRYcry3Q0lNvxdnS0Zevc_voQxd4xeD1r22fdr4WB3DYlNIJpc3Qt4MuVc_VVPZZbFXsFpDsrc4z99oWmjyUk_gzUZZnf2ihVfYjr6rc5eitB65lV4O98Cxz0evbqEGordULDWzmN7yrl8a_YHg5MfDcB7DCwlwDsTwf6-NnIXQ9l3wmPkH8Qs5jaDQ07TBKU0OFaVnlZfNYg8RB11vW&sai=AMfl-YSoIhTq6ohwP9WNFcoeI_Y1NtuCbR1NiYtUPlFeKu6Ae-rQJuRsRFbT64XA30l5NbXK35KtrYew7AE_9K_qWQr0Ivd-vQWCkWwODNycfnAdSMTU7JXPzFUCvq8tIfI&sig=Cg0ArKJSzMCeVLVNzyUkEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 62CBDB0E915653D52223DB769449875D
Requests: 11 HTTP requests in this frame

Frame: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 91F4899FF9793F830282DBE1730ACF49
Requests: 14 HTTP requests in this frame

Frame: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 95CC88BF776698A29E6062FC76A9D48A
Requests: 1 HTTP requests in this frame

Frame: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D3D981CA9A41567C690803A5DEAC2F94
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD912B51AFE1E4C7DE8FCA8690992221
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 545D6E1CB8868ECC9CEDE7E7096D1ACD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6B22CA6BD00402904CC937D11FFB6CD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F79A2DB8D7E775BA0695C4566EDCE456
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86F99CA6972DF2AEF17740B47319412C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2C945D744530C5A0517D08C05BC7A5DE
Requests: 2 HTTP requests in this frame

Frame: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 70620FBD0F67DDA4872118BF8164A75B
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 92AC4F22C5C93EC523567FDE4F856C0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FA4E949A88AC170625A950270DDD93A
Requests: 2 HTTP requests in this frame

Frame: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F27757D081680097DAF14BF96A9A80B9
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B337710B4E967AA9652DDB5E0D4B9802
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC769E1A78416E481107715C05BB7E3C
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: B235176E0E29327633210C25B0064BE9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: D5D237DC7356CE7171371CDCD0EEFFE2
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: D47F052E42F86DD61F2EF99BC5560107
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Frame ID: 9A89BF88A999BF7A789D1D50911738E5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 2C48CC3392651D8A7246FA0BBBE3DCE6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Victoria Times Colonist - Victoria Times Colonist

Page URL History Show full URLs

http://timescolonist.com/ HTTP 301
https://www.timescolonist.com/ Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

281
Requests

99 %
HTTPS

48 %
IPv6

40
Domains

66
Subdomains

58
IPs

7
Countries

3771 kB
Transfer

10513 kB
Size

29
Cookies

44 Outgoing links

These are links going to different origins than the main page.

URL: https://guidedby.ca/publications/times-colonist/
Title: GuidedBy

Search URL Search Domain Scan URL

URL: https://classifieds.timescolonist.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://victoriatimescolonist.adperfect.com/channel/C0A801FC02b69229FCjqX303F021/publication/7F00000118ced16E29JlH27D0002
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/timescolonist/
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://digitaltimescolonist.pressreader.com/times-colonist
Title: E-Edition

Search URL Search Domain Scan URL

URL: https://www.facebook.com/timescolonist

Search URL Search Domain Scan URL

URL: https://twitter.com/timescolonist

Search URL Search Domain Scan URL

URL: https://britishcolonist.ca/
Title: Daily Colonist 1858-1980

Search URL Search Domain Scan URL

URL: https://archive.org/details/victoriadailytimes
Title: Victoria Daily Times 1884-1940

Search URL Search Domain Scan URL

URL: https://docs.google.com/document/d/1X2mGUqmLci7neZZJgULCw67_IiTVsXnk70_u8XiUaU8/edit
Title: Political Ads Registry

Search URL Search Domain Scan URL

URL: https://www.vmcdn.ca/files/victoriatimescolonist/files/tcsponsorship.pdf
Title: Sponsorships

Search URL Search Domain Scan URL

URL: https://www.glaciermedia.ca/

Search URL Search Domain Scan URL

URL: https://www.alaskahighwaynews.ca/
Title: Alaska Highway News

Search URL Search Domain Scan URL

URL: https://www.bowenislandundercurrent.com/
Title: Bowen Island Undercurrent

Search URL Search Domain Scan URL

URL: https://www.burnabynow.com/
Title: Burnaby Now

Search URL Search Domain Scan URL

URL: https://www.castanet.net/
Title: Castanet

Search URL Search Domain Scan URL

URL: https://www.coastreporter.net/
Title: Coast Reporter

Search URL Search Domain Scan URL

URL: https://www.dawsoncreekmirror.ca/
Title: Dawson Creek Mirror

Search URL Search Domain Scan URL

URL: https://www.delta-optimist.com/
Title: Delta Optimist

Search URL Search Domain Scan URL

URL: https://lethbridgeherald.com/
Title: Lethbridge Herald

Search URL Search Domain Scan URL

URL: https://medicinehatnews.com/
Title: Medicine Hat News

Search URL Search Domain Scan URL

URL: https://www.moosejawtoday.com/
Title: Moose Jaw Today

Search URL Search Domain Scan URL

URL: https://www.newwestrecord.ca/
Title: New West Record

Search URL Search Domain Scan URL

URL: https://www.nsnews.com/
Title: North Shore News

Search URL Search Domain Scan URL

URL: https://www.piquenewsmagazine.com/
Title: Pique Newsmagazine

Search URL Search Domain Scan URL

URL: https://www.prpeak.com/
Title: Powell River Peak

Search URL Search Domain Scan URL

URL: https://www.princegeorgecitizen.com/
Title: Prince George Citizen

Search URL Search Domain Scan URL

URL: https://www.rew.ca/
Title: REW.ca

Search URL Search Domain Scan URL

URL: https://www.richmond-news.com/
Title: Richmond News

Search URL Search Domain Scan URL

URL: https://www.sasktoday.ca/
Title: SaskToday.ca

Search URL Search Domain Scan URL

URL: https://www.squamishchief.com/
Title: Squamish Chief

Search URL Search Domain Scan URL

URL: https://www.theorca.ca/
Title: The Orca

Search URL Search Domain Scan URL

URL: https://www.tricitynews.com/
Title: TriCity News

Search URL Search Domain Scan URL

URL: https://www.vancouverisawesome.com/
Title: Vancouver is Awesome

Search URL Search Domain Scan URL

URL: https://www.westerninvestor.com/
Title: Western Investor

Search URL Search Domain Scan URL

URL: https://www.airdrietoday.com/
Title: Airdrie Today

Search URL Search Domain Scan URL

URL: https://www.albertaprimetimes.com/
Title: Alberta Prime Times

Search URL Search Domain Scan URL

URL: https://www.cochranetoday.ca/
Title: Cochrane Today

Search URL Search Domain Scan URL

URL: https://www.lakelandtoday.ca/
Title: Lakeland Today

Search URL Search Domain Scan URL

URL: https://www.mountainviewtoday.ca/
Title: Mountain View Today

Search URL Search Domain Scan URL

URL: https://www.okotokstoday.ca/
Title: Okotoks Today

Search URL Search Domain Scan URL

URL: https://www.rmoutlook.com/
Title: Rocky Mountain Outlook

Search URL Search Domain Scan URL

URL: https://www.stalbertgazette.com/
Title: St. Albert Gazette

Search URL Search Domain Scan URL

URL: https://www.townandcountrytoday.com/
Title: Town and Country Today

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://timescolonist.com/ HTTP 301
https://www.timescolonist.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.timescolonist.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.timescolonist.com%2F&rid=esp&cc=1

Request Chain 111

https://gum.criteo.com/sid/json?origin=publishertagids&domain=timescolonist.com&sn=ChromeSyncframe&so=0&topUrl=www.timescolonist.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3-1r4nx2S3lyZm5Ed2FBWEVwYWpzQkNHOGxWMTdkM2Zla21kSFg0dDhBWTZ4T1E4bEZFY04yRjlUSTYxRXRKemY0UzlHT3FmNjhLVy9HRm0zeEZ4anJZSGVXMUlOSGVFM1IvV2kvclROZ1lyQmNvMWdiK3pEVFFXaXRJZTc5NHluOXBDQlg2Y1R3aWFoZVRnOU00ZW1DN0xzVU1SeEZtb1kvRFMzZTZCbjF0YVM2dzcrS0dMSU8wMVFXV2V6VkUwNy83WDdNMWY1L1JmMDRTSkMyRmRFUnVQYW5EVUE2Q1NWcGp4ZVkyaFF5MThIZnpTTlNFUktFMUxhYktOaWJ1QzlYVHJxNUxJbkVrVHlmckIwMDkyOFN3MTBqUVFMSFJFeXdaRGZ0V05pZGpHQ2xHND18&cppv=2

281 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.timescolonist.com/
Redirect Chain

http://timescolonist.com/
https://www.timescolonist.com/

118 KB
119 KB

721ms
125ms

Document
text/html

20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b184e87eda4ea090c3af32debcfd7e7844c1bbbcdb776d75039a0f8fa5fe93a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=55
content-length: 121051
content-type: text/html; charset=utf-8
date: Fri, 06 Oct 2023 04:46:04 GMT
expires: Fri, 06 Oct 2023 04:47:01 GMT
last-modified: Fri, 06 Oct 2023 04:45:56 GMT
strict-transport-security: max-age=63072000;

Redirect headers

Content-Length: 0
Date: Fri, 06 Oct 2023 04:46:04 GMT
Location: https://www.timescolonist.com/
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 css
fonts.googleapis.com/ 3 KB
953 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato|Poppins:400,600&display=swap

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0ac0a173056e216169bf5984a5a566d8adda0034bd3788cda9ea8b68bf7cde9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 04:46:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 04:46:05 GMT

GET
H2 200 template_via
www.timescolonist.com/cssb/ 100 KB
29 KB 353ms
352ms Stylesheet
text/css 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6d40ac22199a81a3ac31411a398333b279e9dc96a6f1ab5d960a80c538e7a9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Fri, 06 Oct 2023 04:46:05 GMT
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 29844
expires: Sat, 05 Oct 2024 04:46:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 100 KB
30 KB 261ms
140ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

423a9e3fc9cd594913f4d30527509babc1040d619984aa244f7eaacae1259a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30007
x-xss-protection: 0
server: cafe
etag: 629 / 19636 / 31078561 / config-hash: 1263625818240152014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
92 KB 138ms
48ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2ee594a2fa148201e01aec6bfa9b02a4795bc90a40f8da32b9883c621b526bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 04:46:06 GMT

GET
H2 200 25542.js Show response
micro.rubiconproject.com/prebid/dynamic/ 281 KB
87 KB 148ms
42ms Script
text/javascript 23.201.255.110
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-255-110.deploy.static.akamaitechnologies.com
Software: Apache/2.4.37 (rocky) OpenSSL/1.1.1k /
Resource Hash: 1d955922a1fda8beec73c809bd39eafe2ee06a063c6dee41bf252a5092d45ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: gzip
server: Apache/2.4.37 (rocky) OpenSSL/1.1.1k
vary: accept-encoding, referer
edge-cache-tag: prod-prebid-25542_Glacier_Desktop.js
content-type: text/javascript;charset=UTF-8
cache-control: public, must-revalidate, max-age=14400
content-length: 88683
expires: Fri, 06 Oct 2023 20:18:11 GMT

GET
H2 200 tc-flag-crest.svg
www.vmcdn.ca/files/victoriatimescolonist/images/static-images/ 78 KB
26 KB 159ms
47ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/victoriatimescolonist/images/static-images/tc-flag-crest.svg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3ac63d889b1d0519b6c52298bc4570b557607e74d6b65a9ac90d5495a345f952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:28:45 GMT
content-encoding: gzip
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 1822640
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=tc-flag-crest.svg
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: vpeKUOuhOKnhZd4RtM9O9zVM4EgdyvedyoG37-dX72gmDBIFEPU1HA==
expires: Sun, 15 Oct 2023 02:28:46 GMT

GET
H2 200 blank.gif
www.timescolonist.com/images/ 42 B
164 B 127ms
124ms Image
image/gif 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.timescolonist.com/images/blank.gif

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
strict-transport-security: max-age=63072000;
last-modified: Thu, 07 Sep 2023 15:22:54 GMT
etag: "7e75682c9fe1d91:0"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 42

GET
H2 200 evvnt_discovery_plugin-latest.min.js Show response
discovery.evvnt.com/prd/ 414 KB
120 KB 179ms
46ms Script
text/javascript 2600:9000:206f:600:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37f24d2b3120f9a1ca72fcc796aae64e33aa2a669e758b5ad6edde17988e61a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 02:40:22 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 20:21:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 7544
x-amz-server-side-encryption: AES256
etag: W/"37680e68a655f091b05e4e08616a1a6c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: p3G3Rj5kg5dt-arbSTY-X9SxMKWXA3XomrUzSRZyfgaKVhN6TDIQcQ==

GET
H2 200 widgets Show response
www.timescolonist.com/jsb/ 11 KB
4 KB 134ms
134ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/jsb/widgets?v=4ENZ6mbLdBrzOHeyHx4CP3_9EZWI57NyO-atJzEabuM1

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

de516b4acb4ee5faedabea9e25206442889f9880aa24eaa807dfb117a1836ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Fri, 06 Oct 2023 04:46:06 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 4456
expires: Sat, 05 Oct 2024 04:46:06 GMT

GET
H2 200 template Show response
www.timescolonist.com/jsb/ 150 KB
65 KB 131ms
128ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/jsb/template?v=7GKeCh7jydLg4ZDz4B92HVz3m3jZlKuYPqyPXT0u9CQ1

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

46216ea1d58aaaa7c6db7e7b3933b56b167dae4f16777d5f22af50c37eb017c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Fri, 06 Oct 2023 04:46:06 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 66017
expires: Sat, 05 Oct 2024 04:46:06 GMT

GET
H2 200 e4z06gxw.js Show response
l.getsitecontrol.com/ 433 B
1 KB 142ms
39ms Script
text/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/e4z06gxw.js
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 72392d1ac892809f20182d861477b0181ea96f8d38b92038b701e3e044af849f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
cdn-edgestorageid: 1082
x-amz-request-id: 399F2C0DFAWJ0SEG
x-amz-server-side-encryption: AES256
cdn-cachedat: 08/12/2023 06:39:33
cdn-pullzone: 89704
cross-origin-resource-policy: cross-origin
x-amz-id-2: QXXw0aBnl0wztBSgw4t/rdy3hUizGy5W2aB3xoHd6mG5aEODYIFlE8T95LxolG18jX8BhtlrplM=
last-modified: Fri, 11 Aug 2023 21:29:52 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"a247a66c3d04d5fb5c3c388395185b9d"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
cdn-requestid: 2c54dce8876794a6854739ae55568f0f
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 p.js Show response
cdn.parsely.com/keys/timescolonist.com/ 73 KB
26 KB 146ms
46ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/timescolonist.com/p.js
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 61419fb440d1503d2daec0c0d184b7d8dfbc292a4198e791477bf33faf35dc2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: public
date: Thu, 05 Oct 2023 06:33:54 GMT
content-encoding: gzip
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 13:04:20 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 79932
etag: W/"645b9654-1235f"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: APYgYvSNjRvDADkcyCV98NAi1_P-KIxp0JjZwH5MxPBQqXp8M1HUvg==
expires: Fri, 06 Oct 2023 06:33:54 GMT

GET
H2 200 flipptag.js Show response
cdn-gateflipp.flippback.com/tag/js/ 94 KB
35 KB 418ms
320ms Script
application/javascript 18.66.97.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-86.fra56.r.cloudfront.net
Software: envoy /
Resource Hash: 6a16884188426376f22c688c82917873d1080856c289b853dadbb411e3079b95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: gzip
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
server: envoy
x-amz-cf-pop: FRA56-P2
vary: Origin,Origin, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-store
x-envoy-upstream-service-time: 4
x-amz-cf-id: 6-9uGtpyRTfTl8Sx9__EfDBVdbhKLcGgUqmp_c3GNOe-TcOtk-ukew==

GET
H2 200 vtc-logo-192x192.png
www.vmcdn.ca/files/victoriatimescolonist/images/static-images/ 3 KB
4 KB 185ms
74ms Image
image/png 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/victoriatimescolonist/images/static-images/vtc-logo-192x192.png
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e01f4e7e75b7a6d14cd9fa9bf25b9b5670b685b4f79f34875d957af0f0c10fc9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 22:06:18 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 1233588
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=vtc-logo-192x192.png
alt-svc: h3=":443"; ma=86400
content-length: 3494
x-amz-cf-id: XbzmsBGd6o7CcYyLMndIG46rRZBEx4pkx-vuNLAq94i7rSvUH6NVMg==
expires: Sat, 21 Oct 2023 22:06:18 GMT

GET
H2 200 pushnotifications
www.timescolonist.com/cssb/ 1008 B
668 B 128ms
125ms Stylesheet
text/css 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/cssb/pushnotifications?v=2UmPb4aEApjHMCYiQUaLE-VZUBu6SxaK2cqXXcj5cKE1

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2446e996cbacd3e30335d54ea38ff6377060763657ee926bc7e720adfc42d664

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Fri, 06 Oct 2023 04:46:06 GMT
vary: User-Agent
content-type: text/css; charset=utf-8
cache-control: public
content-length: 626
expires: Sat, 05 Oct 2024 04:46:06 GMT

GET
H2 200 pushnotifications Show response
www.timescolonist.com/jsb/ 7 KB
3 KB 129ms
126ms Script
text/javascript 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/jsb/pushnotifications?v=qRnZKBPhIEaMA0pvatN59tFFhDcgwGKdBbseW6XXEmE1

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f68fc6b61c173662f77a4ac2f51953c42ba45770bd0891d0ed94bed485924c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Fri, 06 Oct 2023 04:46:06 GMT
vary: User-Agent
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 2846
expires: Sat, 05 Oct 2024 04:46:06 GMT

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 26 KB
26 KB 228ms
52ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c280232de6f03c8f03787cce1e328bfabe8b707e84ac317a3850ac6a4b66ad32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:06 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 26237
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 user-o.svg
www.vmcdn.ca/files/ui/icons/ 715 B
1 KB 117ms
40ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/user-o.svg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 20c91e8fbcd29044b6c5f439edc4e293ee0821944202bdbc801d02303a6f72a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 23:01:56 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 2007849
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=user-o.svg
alt-svc: h3=":443"; ma=86400
content-length: 715
x-amz-cf-id: RDSCL9trhjI6nkZdisT_QNxetF3CxP4Yccga2hTSO8bp4mJU9xIBzA==
expires: Thu, 12 Oct 2023 23:01:57 GMT

GET
H2 200 search.svg
www.vmcdn.ca/files/ui/icons/ 442 B
815 B 118ms
41ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/search.svg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 23:58:42 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 2004443
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=search.svg
alt-svc: h3=":443"; ma=86400
content-length: 442
x-amz-cf-id: Dl6gP58aObh2klgn-7oZS5mAFM9zkr2_D0S0tYSe5mKRX3SAB3v2Yg==
expires: Thu, 12 Oct 2023 19:31:20 GMT

GET
H2 200 gallery.svg
www.vmcdn.ca/files/ui/icons/ 150 B
527 B 117ms
40ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/gallery.svg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: bf5dbb76dec2501feffb908acef66c2e039098836cea57ce66b7ad83504bda36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 23:15:12 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 1661453
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=gallery.svg
alt-svc: h3=":443"; ma=86400
content-length: 150
x-amz-cf-id: j3YnTekve3nyqHPAzhUPZTrUtRUUFB0wXaF_wBCCq3cTyYlL_uCGdQ==
expires: Mon, 16 Oct 2023 23:15:13 GMT

GET
H2 200 facebook-w.svg
www.vmcdn.ca/files/ui/icons/ 253 B
630 B 151ms
75ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/facebook-w.svg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 04:39:20 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 1987605
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=facebook-w.svg
alt-svc: h3=":443"; ma=86400
content-length: 253
x-amz-cf-id: XxXsgcmUSadoTbJhLP3RzL4DdXajB_JymYxjgx77fW2MKABi9VFmiA==
expires: Fri, 13 Oct 2023 04:39:21 GMT

GET
H2 200 twitter-w.svg
www.vmcdn.ca/files/ui/icons/ 506 B
882 B 59ms
59ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/twitter-w.svg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 00:38:28 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 1829257
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=twitter-w.svg
alt-svc: h3=":443"; ma=86400
content-length: 506
x-amz-cf-id: X0VZmGleemAKGBzIdrXVimj3CS2YLJ1uuMRPojXBtdb34OsAQ0nCXQ==
expires: Sun, 15 Oct 2023 00:38:29 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.timescolonist.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 07:45:30 GMT
x-content-type-options: nosniff
age: 248436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 02 Oct 2024 07:45:30 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 130ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Poppins:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.timescolonist.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 07:35:17 GMT
x-content-type-options: nosniff
age: 594649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 07:35:17 GMT

GET
H2 200 opensans-bold.woff2
www.timescolonist.com/css/fonts/ 19 KB
19 KB 124ms
124ms Font
application/font-woff2 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/css/fonts/opensans-bold.woff2

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Referer: https://www.timescolonist.com/cssb/template_via?v=cm6Uakgivgpu3zbs4lXvzFzN0QIWOXAHyUQzaJAEzj01
Origin: https://www.timescolonist.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
strict-transport-security: max-age=63072000;
last-modified: Thu, 07 Sep 2023 15:22:54 GMT
etag: "37915e2c9fe1d91:0"
content-type: application/font-woff2
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19724

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 419 KB
132 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65358
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 10:36:48 GMT

POST
H2 200 me Show response
www.timescolonist.com/account/ 369 B
688 B 127ms
126ms XHR
application/json 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/account/me

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/jsb/widgets?v=4ENZ6mbLdBrzOHeyHx4CP3_9EZWI57NyO-atJzEabuM1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e252dfbcda9738db02e7f462ac25304ca504f7cdf3733ee5ecfc7e02cc470dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private
content-length: 407

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 292ms
58ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1696567566279&plid=8b4a0c4d-5c5f-461e-a00c-3a3add38928e&idsite=timescolonist.com&url=https%3A%2F%2Fwww.timescolonist.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.timescolonist.com%2F&sref=&sts=1696567566273&slts=0&title=Victoria+Times+Colonist+-+Victoria+Times+Colonist&date=Fri+Oct+06+2023+06%3A46%3A06+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=93dc733e-f7ec-455f-9325-6bca18f6da76&u=pid%3D97b36556-1d11-4261-8fb5-ca2768569697
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:06 GMT
Cache-Control: no-cache
Last-Modified: Friday, 06-Oct-2023 04:46:06 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 e4z06gxw.json Show response
l.getsitecontrol.com/ 52 KB
5 KB 267ms
189ms XHR
application/json 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/e4z06gxw.json
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/e4z06gxw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 860ff19f786725e01af9cf24846e0e8c982408c189c9a8a5820e41af94eaf3d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
cdn-edgestorageid: 1081
x-amz-request-id: ZFPQAE5JQVXMNXT4
x-amz-server-side-encryption: AES256
cdn-cachedat: 08/11/2023 21:31:22
cdn-pullzone: 89704
cross-origin-resource-policy: cross-origin
x-amz-id-2: IU/bbOxYkvXmXQUvWARVbv7vXdcRIC2T0pAuLqgdT/uKxQStjmgX/QuCjVcPIyEbW5ZOMxz+3b8=
last-modified: Fri, 11 Aug 2023 21:29:52 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6a440dc5148bc74ca0b890dce43f82e9"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=0
access-control-max-age: 3000
cdn-requestid: 839334b536285d797134e62f2878365c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 v2softe6C3tgUTM7NQgMh-hBN7iVrS_gVdDZxyPki21OEh4C-yGl33FQ Show response
beginnerpancake.com/ 68 KB
24 KB 601ms
53ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://beginnerpancake.com/v2softe6C3tgUTM7NQgMh-hBN7iVrS_gVdDZxyPki21OEh4C-yGl33FQ

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

44c01234e7ee6240f166d753fadfcc59baecf09389ddf5879d75185cae5dfc9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 06 Oct 2023 04:46:06 GMT
x-datacenter: gce-europe-west1
etag: "dbf77a9e25ab5d84b6444b8fd49a5d3d91ebf44c03ad3eb2af68c5e6995c6278"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-w5gn
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 998028631
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 119ms
39ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 04:46:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: CLbGjmg75a5y0jPXh3HrDUW9QQ22o/OC2UhXAWiNv4OdvL4D5p2wXm27XM039+p9cayxS0IwJM7Zd6kG2VvNtA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 160ms
39ms Script
text/javascript 2600:9000:2250:fc00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:fc00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date: Thu, 05 Oct 2023 05:16:05 GMT
Via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 84602
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Wed, 06 Sep 2023 03:40:59 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: fpuHHvNOK-psGH43GUuYmg61iLZ1c5eaRnNZeHMlpAzuBAeHgoN9IQ==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 137 KB
30 KB 145ms
56ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 05 Oct 2023 10:57:30 GMT
server: cloudflare
x-amz-request-id: TXSVPXMAWDDPNF02
age: 3394
etag: W/"cc596ad33b7bfdd4553b44192a81e29f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 811b423a4cd3bb89-FRA
x-amz-id-2: 0jVrbYx3ql5VLFUDtetvi1UaUmqe8QJMkyg72cQAUUd7kd3C77rqwJU96wRwPKwRHsFkuiIHpWs=

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 132ms
43ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:10:11 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 34556
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: JS0CjMoIDssX813OLYBfcvUHDh0DA6UdLTN7MHZ2CcosoBCyEMmPPg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 141ms
54ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: cb437f775d86f9b66d02a6c5efd10663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 133ms
52ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40082
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciRLZyX4bSdTBjkQ8onvrvJ6MpduMcisB01RRYYwFZ5Jh0uRvJKe36b66O671U0%2Fq29MMp3sOdtj8qOdBV73fDY%2BKMyNhqsjyU1gHouvNGXvqyRo8ihLCqHM4gSJI%2FGhyD8%2BFP7UU9ekg3LprnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 811b423a4f7c4db9-FRA

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 131ms
40ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 16 Sep 2023 10:57:29 GMT
content-encoding: gzip
age: 1705717
x-guploader-uploadid: ADPycdtmD1wiTrOpacBIYP9ssEidAwvjngT2uC9jYq-3zAubPPUHZdvbG1LH0DuehH907uBfD1f7-gwtrwYIsNOGClpGxQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sun, 15 Sep 2024 10:57:29 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 14 KB
5 KB 151ms
45ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 17:20:48 GMT
server: cloudflare
age: 298288
etag: W/"650886f0-39ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 811b423b39bb928d-FRA
expires: Mon, 09 Oct 2023 04:46:06 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 187ms
88ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 03 Oct 2023 11:24:04 GMT
server: nginx
etag: W/"651bf9d4-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 07 Oct 2023 04:46:06 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
702 B 270ms
270ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3921321860314403&correlator=904540174104601&eid=31078561&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=21849154601%3A4326737%2CAd.Plus-Glacier-Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=503903330&sfv=1-0-40&ists=1&fas=8&sc=1&cookie_enabled=1&abxe=1&dt=1696567566330&lmt=1696560356&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1990525788.1696567566&ga_sid=1696567566&ga_hid=780380341&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v7qasDFIAFICCGQSGQoKcHViY2lkLm9yZxj3v7qasDFIAFICCGQSFwoIcnRiaG91c2UY97-6mrAxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBIUCgVvcGVueBj3v7qasDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPe_upqwMUgAUgIIZA..&dlt=1696567565713&idt=590&adks=2767976590&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff4b86ab4db1b5474e80a99cd03392feffd19a6f1dd66736450e11c0788e213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 671
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fe745a2caaf3ca290cd2554931751bd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2560 6 KB
3 KB 163ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fe745a2caaf3ca290cd2554931751bd0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:06 GMT
expires: Sat, 05 Oct 2024 04:46:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ 37 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl_page_level_ads.js?cb=31078561

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed2dc6197db320dbb5f71701e2c6726f550c664ac2af93a45be77fd5aa6bbf57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65208
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13133
x-xss-protection: 0
server: cafe
etag: 7292547787051703637
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 10:39:18 GMT

POST
H2 200 weatherwidget Show response
www.timescolonist.com/external/ 126 B
348 B 125ms
124ms XHR
application/json 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/external/weatherwidget?weatherCode=BC/s0000775_e

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/jsb/template?v=7GKeCh7jydLg4ZDz4B92HVz3m3jZlKuYPqyPXT0u9CQ1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

66c49c78219c3141a759bb2ecd97aac2674e9191c2cbf232910b493c356221f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Accept: */*
Referer: https://www.timescolonist.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000;
last-modified: Fri, 06 Oct 2023 04:37:23 GMT
content-type: application/json; charset=utf-8
cache-control: public, max-age=376
content-length: 227
expires: Fri, 06 Oct 2023 04:52:23 GMT

GET
H2 200 756296 Show response
www.timescolonist.com/widgets/ 4 KB
1 KB 127ms
127ms XHR
text/html 20.49.104.7
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.timescolonist.com/widgets/756296

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/jsb/template?v=7GKeCh7jydLg4ZDz4B92HVz3m3jZlKuYPqyPXT0u9CQ1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

20.49.104.7 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3771b0d9018321d4da3b1cadc2dab61863ac2ffd3460e4d2eae3c712148ace4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000;

Request headers

Accept: */*
Referer: https://www.timescolonist.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:05 GMT
cache-control: private
content-encoding: gzip
strict-transport-security: max-age=63072000;
content-length: 1059
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 web1_vka-cmyk-icecream-7765.jpg;w=300;h=200;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 21 KB
21 KB 51ms
47ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_vka-cmyk-icecream-7765.jpg;w=300;h=200;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: dd94cc7df3dd76c094a9b5269ab1cfc954a0eb2562d96bf5aea90e9d7be60050

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 21:25:34 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 26432
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 21140
x-amz-cf-id: U1mcrWAD-ha_Ai9jhJOZYD0FhfhZ84LpFTO3MClTr5rmX_M0X64dew==
expires: Fri, 04 Oct 2024 21:23:24 GMT

GET
H2 200 web1_scales-of-justice.jpeg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 4 KB
5 KB 54ms
51ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_scales-of-justice.jpeg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 983e70ad299e65d2bdc81585ad74f0489b16bf96d583004e0a104b874d5bb25a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 09:42:22 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 68624
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 4424
x-amz-cf-id: SsUpXMeJzB5Y1z4BUbId0q_QfjpEm4DqWZPd9dkcgCuduLRei3PyDQ==
expires: Fri, 04 Oct 2024 09:42:22 GMT

GET
H2 200 20231005191020-651f44f438f5f64034095865jpeg.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/shared/feeds/cp/2023/10/ 3 KB
3 KB 54ms
51ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/shared/feeds/cp/2023/10/20231005191020-651f44f438f5f64034095865jpeg.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 89c18ec02bc070e5d6d3a21316a7ecd9bda0c143c4b4f9c278a07fecf618fe4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 00:08:53 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 16632
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 2866
x-amz-cf-id: 7qD2BlShiXXM3cZPSJpOg-hSkIRaGwx8UAqW1-B0R1nf41tqjfhZaw==
expires: Sat, 05 Oct 2024 00:08:54 GMT

GET
H2 200 web1_10062023-vtc-news-assault.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 4 KB
4 KB 55ms
52ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_10062023-vtc-news-assault.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d44928469e42e2bbc751e3350da63e1e5d2d24dcf4a2b77e9b3d0e0ea6b84360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 20:59:59 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 27967
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 3778
x-amz-cf-id: Fc9HHQRGh728yMBJUcIeoYzw4OhHWf7F8JXbecjOstCFrunp9Ar06Q==
expires: Fri, 04 Oct 2024 20:57:07 GMT

GET
H2 200 web1_vka-spirit-2788.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 3 KB
4 KB 56ms
54ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_vka-spirit-2788.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: c772ce27f971858ba94a51b8653f6303ad90ec63fed2ff8f05c7f09e2d597b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 12:09:42 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 59783
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 3265
x-amz-cf-id: 2xBbJRY5yrnSQgsk2kYhR_aTKKUAQKJG03JEsGAxyU0qKfa9jItBAg==
expires: Fri, 04 Oct 2024 12:02:07 GMT

GET
H2 200 web1_timothy-vernon-2.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 2 KB
3 KB 57ms
55ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_timothy-vernon-2.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 48e75bceb657217fc848c84bdf8eeb661476f94e66ed231dfe2fd1a6eb8212aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 11:22:37 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 62609
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 2463
x-amz-cf-id: 1nreOBIxbpDSj2gjKR_m3XHhcJAmie4HMhM6-v6cnj42s161kitwNw==
expires: Fri, 04 Oct 2024 11:19:11 GMT

GET
H2 200 smokestacksbc.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/glaciermedia/images/getty-images/ 2 KB
3 KB 57ms
55ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/glaciermedia/images/getty-images/smokestacksbc.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1abbe630a225d7567dcfe02803639d185ed8dc34bfb87e00ab03a44028275090

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 19:21:32 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 33874
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 2439
x-amz-cf-id: EcZpaecPHkP8VTTQQ9x0sgdG9EpuKVr8OqVydnNFQuCnhLrg9TdQ3w==
expires: Fri, 04 Oct 2024 19:17:05 GMT

GET
H2 200 web1_pics0010--1-.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 3 KB
3 KB 58ms
56ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_pics0010--1-.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3f76e7b51353152adf05d1ea281552c4bcb9d8b3456b174e1fe5ece63b82e0da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 14:06:07 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 52798
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 3237
x-amz-cf-id: O27RxuYWhHYSWo1VUQl-yNYXfYplHI8PFpvPZT9jD8WxW_RxSw9ciQ==
expires: Fri, 04 Oct 2024 14:01:19 GMT

GET
H2 200 web1_dr-keith-roach-with-bkg.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 2 KB
3 KB 60ms
59ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_dr-keith-roach-with-bkg.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ead4576828cae40843d797ac681f6adc60ec6876ddac4dd72348ac8229efb6b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:22:19 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 231827
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 2306
x-amz-cf-id: YG4jjzXURGIASh4Al2FCkLsMEnpjbeUep7Gi2gsZIay4RIMnZyy7Ow==
expires: Wed, 02 Oct 2024 12:16:47 GMT

GET
H2 200 web1_20230906090956-803a250696ab7637245a3aeb13e7892b96f4d107ee96fbd28145b360649bb9d2.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 4 KB
4 KB 59ms
58ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_20230906090956-803a250696ab7637245a3aeb13e7892b96f4d107ee96fbd28145b360649bb9d2.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d664868779db60fa28f3e2b1d20765ebc66c3ab5ab41f4da25d0a74393e06c09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 05:25:29 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 84037
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 4152
x-amz-cf-id: JjWeMR14zQ-hJsZB37va3gouveKlhbUM3rfv2VyU_d6_kvBQhC38IA==
expires: Fri, 04 Oct 2024 05:12:47 GMT

GET
H2 200 web1_garlic-red-rocambole--porcelain-july-2014.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/ 4 KB
4 KB 62ms
60ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/10/web1_garlic-red-rocambole--porcelain-july-2014.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: ef2f3a1f9b98efe5883c98199cd070cb8210b8f5b1c9171bfa9d88acc5a43872

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 12:21:48 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 145458
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 3812
x-amz-cf-id: gXI4DABq5qoEFoXDF1u8_3PdkWER55zXflG6GbkZOAQe3dkLK743ww==
expires: Thu, 03 Oct 2024 12:17:10 GMT

GET
H2 200 web1_cranberry-chutney-with-apples-raisins-and-ginger.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/09/ 4 KB
4 KB 63ms
62ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/09/web1_cranberry-chutney-with-apples-raisins-and-ginger.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 60622d59f64716ecf1f91f3cd763a62a89f260296de6f3aad16f6b884c46fc50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 11:45:37 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 147629
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 4192
x-amz-cf-id: 21u5Q7bgz48yn2SnO8rvBsLf1JqMh0o10PXdocsUd-tMAc532LH2UQ==
expires: Thu, 03 Oct 2024 11:32:33 GMT

GET
H2 200 web1_pics0010--1-.jpg;w=100;h=67;mode=crop
www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/01/ 3 KB
3 KB 64ms
63ms Image
image/jpeg 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/f/files/victoriatimescolonist/json/2023/01/web1_pics0010--1-.jpg;w=100;h=67;mode=crop
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3f76e7b51353152adf05d1ea281552c4bcb9d8b3456b174e1fe5ece63b82e0da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 12:22:28 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
server: CloudFront
age: 231817
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public
alt-svc: h3=":443"; ma=86400
content-length: 3237
x-amz-cf-id: XPwdxDDYAHDezL7o6LvJKzbHwFyck6Jc440j79DSIBRP8PHD2N_Xcg==
expires: Wed, 02 Oct 2024 12:16:46 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 128ms
49ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231006

Requested by

Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c550961c64fcfc26e556c028ef9747b25f32e5eb0fc45a20a2ef0d87ee52e8e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2707
x-jsd-version: 1.0.1834
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-yyz4554-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"63f-zdz8vCIamZSvo1edzkJrU6FjXkY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p4oYn0cO4eTYBQMn9zIKfbd%2FmmsJ9zj5HOIfHff7AFEFT3ya3yrq9tBMKZyd2cOT9ojysSdJXERWhWOBRTQm2QlZqbMRxhQ59wMGMOdMjXy2gNpB2fvRKBSelY1PUp9V1b8bbcJYVWnxVa2Msig%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 811b423a9f321e57-FRA

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 927 B
2 KB 270ms
136ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25542&site_id=484006&zone_id=2868670%3B2962108%3B2962108%3B2962108%3B2868668&size_id=2%3B15%3B15%3B15%3B19&alt_size_ids=57%3B2%2C10%2C19%2C43%2C48%2C57%2C85%3B2%2C10%2C19%2C43%2C48%2C57%2C85%3B2%2C10%2C19%2C43%2C48%2C57%2C85%3B43%2C44&rf=https%3A%2F%2Fwww.timescolonist.com%2F&kw=TimesColonist%2CNews%2CDaily%2CVictoria&tg_i.domain=timescolonist.com&tg_i.page=https%3A%2F%2Fwww.timescolonist.com%2F&tg_i.aupname=4326737%2Fatex_TC_site_section_subsection_3to1%3B4326737.*%3B4326737.*%3B4326737.*%3B4326737%2Fatex_TC_site_section_subsection_300x100&tg_i.pbadslot=%2F4326737%2Fatex_TC_site_section_subsection_3to1_S1_RON_GNG-network%3B%2F4326737%2Fvtc_sponsored_content_article_S2%3B%2F4326737%2Fvtc_sponsored_content_article_S1%3B%2F4326737%2Fvtc_sponsored_content_article_S3%3B%2F4326737%2Fatex_TC_site_section_subsection_300x100_S1_RON_GNG-network&tk_flint=dmpbjs_v7.54.0&x_source.tid=c962718e-bfe3-4efb-a55d-7b213d17a408%3B7512265a-e26c-48bd-9ced-67f82104f308%3B63ddd03f-3fcc-4a87-88d2-5549f0d082df%3Bf9918331-2104-4e3c-97bb-8a8b0f234f54%3Bc0dad6a3-53e9-471f-afc4-f85fd6bcce78&l_pb_bid_id=29353e50f98fcd%3B3940af389f42ad%3B4c59da385896d1%3B5352a52c97a547%3B644625969aba0e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c962718e-bfe3-4efb-a55d-7b213d17a408%3B7512265a-e26c-48bd-9ced-67f82104f308%3B63ddd03f-3fcc-4a87-88d2-5549f0d082df%3Bf9918331-2104-4e3c-97bb-8a8b0f234f54%3Bc0dad6a3-53e9-471f-afc4-f85fd6bcce78&rp_maxbids=1&p_gpid=%2F4326737%2Fatex_TC_site_section_subsection_3to1_S1_RON_GNG-network%3B%2F4326737%2Fvtc_sponsored_content_article_S2%3B%2F4326737%2Fvtc_sponsored_content_article_S1%3B%2F4326737%2Fvtc_sponsored_content_article_S3%3B%2F4326737%2Fatex_TC_site_section_subsection_300x100_S1_RON_GNG-network&slots=5&rand=0.941933095649262
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 753a79f75821b5ba407fdd1aaa46773bd7bd855d49c6b100951e202e47c8b42c

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 385 B
733 B 285ms
152ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25542&site_id=484006&zone_id=2970330&size_id=15&rf=https%3A%2F%2Fwww.timescolonist.com%2F&kw=TimesColonist%2CNews%2CDaily%2CVictoria&tg_i.domain=timescolonist.com&tg_i.page=https%3A%2F%2Fwww.timescolonist.com%2F&tg_i.aupname=4326737%2FLocal_Raffle&tg_i.pbadslot=%2F4326737%2FLocal_Raffle&tk_flint=dmpbjs_v7.54.0&x_source.tid=906377b3-2f35-4b06-8c0e-cae66dff32c1&l_pb_bid_id=8f9ae60e6b90a9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=906377b3-2f35-4b06-8c0e-cae66dff32c1&rp_maxbids=1&p_gpid=%2F4326737%2FLocal_Raffle&slots=1&rand=0.828284913061534
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ae3febbac761ac6a28ebd6c5252a4c3ed4e3a1a5eb55dc14c39007708d2d747b

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 385
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 475 B
823 B 239ms
108ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25542&site_id=484006&zone_id=2868666&size_id=15&alt_size_ids=10%2C48&rf=https%3A%2F%2Fwww.timescolonist.com%2F&kw=TimesColonist%2CNews%2CDaily%2CVictoria&tg_i.domain=timescolonist.com&tg_i.page=https%3A%2F%2Fwww.timescolonist.com%2F&tg_i.aupname=4326737%2Fatex_TC_site_section_subsection_1to2&tg_i.pbadslot=%2F4326737%2Fatex_TC_site_section_subsection_1to2_S1_RON_GNG-network&tk_flint=dmpbjs_v7.54.0&x_source.tid=8222ed20-587d-49c4-9ea7-4542f7bb7c43&l_pb_bid_id=10c25f574b68106&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=8222ed20-587d-49c4-9ea7-4542f7bb7c43&rp_maxbids=1&p_gpid=%2F4326737%2Fatex_TC_site_section_subsection_1to2_S1_RON_GNG-network&slots=1&rand=0.916921853061039
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3412745aa97815bd64a8c4f0411148d520025e6c7488962dc8f8f1ecab5c4f1a

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 475
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
998 B 179ms
50ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=25542&site_id=484006&zone_id=2868664&size_id=15&alt_size_ids=48&rf=https%3A%2F%2Fwww.timescolonist.com%2F&kw=TimesColonist%2CNews%2CDaily%2CVictoria&tg_i.domain=timescolonist.com&tg_i.page=https%3A%2F%2Fwww.timescolonist.com%2F&tg_i.aupname=4326737%2Fatex_TC_site_section_subsection_1to1&tg_i.pbadslot=%2F4326737%2Fatex_TC_site_section_subsection_1to1_S1_RON_GNG-network&tk_flint=dmpbjs_v7.54.0&x_source.tid=bf16f7b3-7486-407e-a49c-206692ab3f12&l_pb_bid_id=12a3a76f357d584&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bf16f7b3-7486-407e-a49c-206692ab3f12&rp_maxbids=1&p_gpid=%2F4326737%2Fatex_TC_site_section_subsection_1to1_S1_RON_GNG-network&slots=1&rand=0.2499866508457962
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b40daee35f0d53eb726d97b519eac32436cacd6fb1c87dd9865687bd182fb1b6

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 472
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
63 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5137365-64&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

247c14caeae34037bb79af5d318f14dd3d6f29715fa23bfe589fcb73f0547046

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64837
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Oct 2023 04:46:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
80 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9KXE0TFJ8Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fabe8086691b1e70e97aadc94cebae5140a479853570f793bae4ca35994c835e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81513
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 04:46:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 173 KB
64 KB 61ms
60ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-37383801-16&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7e95019e6fb117df89850872ce2456fd2bff9ba874c089ed826033e124d48555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64999
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Oct 2023 04:46:06 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 141ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LBSLQ6JW94&gtm=45je3a40&_p=780380341&_gaz=1&cid=1990525788.1696567566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696567566&sct=1&seg=0&dl=https%3A%2F%2Fwww.timescolonist.com%2F&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&en=page_view&_fv=1&_ss=1&_ee=1&ep.Site=82&ep.ParentSite=19
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 146ms
48ms Ping
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LBSLQ6JW94&cid=1990525788.1696567566&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 149ms
52ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LBSLQ6JW94&cid=1990525788.1696567566&gtm=45je3a40&aip=1&z=1236962673

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publisher_settings Show response
discoverevvnt.com/api/publisher/9555/ 7 KB
2 KB 241ms
137ms Fetch
application/json 2600:9000:2156:8400:3:1a27:3000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discoverevvnt.com/api/publisher/9555/publisher_settings
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:3:1a27:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f3d236c71c54380d4ca1efedc9751caa17019a1143c6e71339fcfa0e0306eb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:45:59 GMT
content-encoding: gzip
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
age: 7
etag: "ocmua26m6a57u"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
x-amz-cf-id: 1I2iefz8x-r15arZ5chE8DtGCgDEa3ver5Z17cNcQ1J5YKyCmtP04Q==

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 166ms
53ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.timescolonist.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 06 Oct 2023 04:46:06 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 60ms
52ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:06 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 60 B
546 B 534ms
374ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=100229&ref=https%3A%2F%2Fwww.timescolonist.com%2F
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 714779b6a08010a319b7802ac78facee6aeda9a0517a7668eb7b83e0dd332f3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:06 GMT
ETag: W/"3c-FHh1NaUdVleUkSi1+N8gAg7m6Pg"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 60
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H3 200 30.svg
www.vmcdn.ca/files/ui/icons/weather/ 1 KB
817 B 41ms
40ms Image
image/svg+xml 18.66.112.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vmcdn.ca/files/ui/icons/weather/30.svg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-105.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 5301865c5df2d755330b0be4ae37c8fc3293704d8039f3b0e1febe40087bfbeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 05:18:14 GMT
content-encoding: gzip
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
age: 1294072
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public
content-disposition: inline; filename=30.svg
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nmj62fEqmMW76QhKRwKrJYJaUFM0_ulBTHsWwKg-0PS48tc6y4IvXQ==
expires: Sat, 21 Oct 2023 05:18:14 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
237 B 143ms
42ms XHR
text/plain 162.19.138.118
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533569.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.timescolonist.com
date: Fri, 06 Oct 2023 04:46:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 2217569218503284 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2217569218503284?v=2.9.132&r=stable&domain=www.timescolonist.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00e2d2a3b34f5dcc70816f6c35a5b65fbaa57c2949cfa3d388c139bfb2cd2e3b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 04:46:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 34750
x-xss-protection: 0
pragma: public
x-fb-debug: Y6AQoNB+QZGJEskadDR5oi/S5wJK8RMRgp0lYlW2Nc/bLA0qFrPlCie51KJfAXWot1yHXFfljiNIR/G2Ic02iQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 185ms
56ms XHR
application/json 34.249.118.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.118.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-118-122.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 66ff9972e9b8e795536669a564a120777a701df7388052753e81ed4b97af0e7c

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache
x-server: 10.45.14.232
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.timescolonist.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.timescolonist.com%2F&rid=esp&cc=1

85 B
194 B

150ms
148ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.timescolonist.com%2F&rid=esp&cc=1
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: cb886f4c083307381f0a765ddb93e3db36f6a7949796b1e26aa61cde62d21054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-xdZvxbnmyfSzSc2lKdQbFNFjHTc"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.timescolonist.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 06 Oct 2023 04:46:06 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.timescolonist.com
location: /esp?url=https%3A%2F%2Fwww.timescolonist.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5137365-64&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 03:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3384
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 06 Oct 2023 05:49:42 GMT

GET
H2 200 runtime.cbd9bc4.js Show response
s2.getsitecontrol.com/widgets/es6/ 152 KB
52 KB 136ms
39ms Script
text/javascript 2400:52e0:1e00::1047:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.cbd9bc4.js
Requested by: Host: l.getsitecontrol.com
URL: https://l.getsitecontrol.com/e4z06gxw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1047:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1047 /
Resource Hash: daeb6682331f94036a090d9ed07bfd0a06bbd2cd99b086ea49e2e9301449c869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
cdn-edgestorageid: 722
x-amz-request-id: PYM694RD4RTFZRQ1
x-amz-server-side-encryption: AES256
cdn-cachedat: 08/02/2023 09:25:29
cdn-pullzone: 83560
cross-origin-resource-policy: cross-origin
x-amz-id-2: FkCg24FDaO2cjvb00ZvqVtPFEhopMYfnM0L9i4C1Hz6eFaBSNoCbjbGRu1hRphSsee4gXXeeGgE=
last-modified: Wed, 02 Aug 2023 09:24:02 GMT
server: BunnyCDN-DE1-1047
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6a340ca2709105f9fd4a54bc1d506da3"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=22809600
cdn-requestid: 5c65d1b1b56d8181ca09c87b394854bb
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9KXE0TFJ8Y&gtm=45je3a40&_p=780380341&_gaz=1&cid=1990525788.1696567566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696567566&sct=1&seg=0&dl=https%3A%2F%2Fwww.timescolonist.com%2F&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&en=page_view&_fv=1&_ss=1&_ee=1&ep.Site=82&ep.ParentSite=19
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KXE0TFJ8Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 48ms
48ms Ping
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9KXE0TFJ8Y&cid=1990525788.1696567566&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KXE0TFJ8Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9KXE0TFJ8Y&cid=1990525788.1696567566&gtm=45je3a40&aip=1&z=1429143013

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 456ms
455ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3921321860314403&correlator=1599908531763853&eid=31078561&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=4326737%2Catex_TC_site_section_subsection_1to1_S1_RON_GNG-network&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x300%7C300x250&ifi=2&didk=156729937&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1696567566617&lmt=1696560356&adxs=980&adys=956&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=300x0&msz=0x0&fws=4&ohw=1600&ga_vid=1990525788.1696567566&ga_sid=1696567566&ga_hid=780380341&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhkKCnB1YmNpZC5vcmcYuMG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBIUCgVvcGVueBj3v7qasDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPe_upqwMUgAUgIIZA..&dlt=1696567565713&idt=590&cust_params=site%3Dwww.timescolonist.com%252Ctimescolonist.com%26ContentCategory%3DLanding%26LoggedIn%3DFalse%26User%3D0%26Member%3DFalse%26Subscriber%3DFalse%26WeatherCondition%3DClear%26WeatherTemperature%3D13&adks=2704434316&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4c9cceb3f24edb1df271404bf5a0803fa97af9b37ec0e30369d3fc88ede02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12032
x-xss-protection: 0
google-lineitem-id: 5853536811
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374615255
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 121ms
39ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2217569218503284&ev=PageView&dl=https%3A%2F%2Fwww.timescolonist.com%2F&rl=&if=false&ts=1696567566632&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696567566631.1347753982&ler=empty&it=1696567566535&coo=false&exp=a1&rqm=GET

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 06 Oct 2023 04:46:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 451 712559.gif
idsync.rlcdn.com/ 0
98 B 163ms
50ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/712559.gif?partner_uid=83f9e246-7e47-4531-9934-02ae21e50e7c
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 642ms
642ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3921321860314403&correlator=2570833776310572&eid=31078561&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=4326737%2Catex_TC_site_section_subsection_1to2_S1_RON_GNG-network&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x300%7C300x250&ifi=3&didk=156729951&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd8423de50d6b86f2%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MZY4Fx_EABL9pcCJGS7FWftQF4TPw&gpic=UID%3D00000c8f75540edb%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MZCxL62G9eOe13QhniQDRjhC-D8pA&abxe=1&dt=1696567566667&lmt=1696560356&adxs=980&adys=288&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=300x0&msz=0x0&fws=4&ohw=1600&ga_vid=1990525788.1696567566&ga_sid=1696567566&ga_hid=780380341&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhkKCnB1YmNpZC5vcmcYuMG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBIUCgVvcGVueBj3v7qasDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGPe_upqwMUgAUgIIZA..&dlt=1696567565713&idt=590&cust_params=site%3Dwww.timescolonist.com%252Ctimescolonist.com%26ContentCategory%3DLanding%26LoggedIn%3DFalse%26User%3D0%26Member%3DFalse%26Subscriber%3DFalse%26WeatherCondition%3DClear%26WeatherTemperature%3D13&adks=1840573415&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b6d3992a5365ec845649ae1c07aea9e1783dbcce5f66cea3195fb3b04fddcd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11871
x-xss-protection: 0
google-lineitem-id: 5853536811
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374642865
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
13 KB 733ms
732ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3921321860314403&correlator=609042373788373&eid=31078561&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=4326737%2Catex_TC_site_section_subsection_3to1_S1_RON_GNG-network%2Cvtc_sponsored_content_article_S2%2Cvtc_sponsored_content_article_S1%2Cvtc_sponsored_content_article_S3%2Catex_TC_site_section_subsection_wallpaper_S1_RON_GNG-network&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=1x1%7C728x90%7C900x150%7C900x300%7C970x250%2C320x50%2C320x50%2C320x50%2C1920x800%7C1920x1200%7C1x2&fluid=0%2Cheight%2Cheight%2Cheight%2C0&ifi=4&didk=1814230681~156730288~156729946~156729947~1814060446&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd8423de50d6b86f2%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MZY4Fx_EABL9pcCJGS7FWftQF4TPw&gpic=UID%3D00000c8f75540edb%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MZCxL62G9eOe13QhniQDRjhC-D8pA&abxe=1&dt=1696567566707&lmt=1696560356&adxs=305%2C320%2C320%2C320%2C-160&adys=163%2C612%2C612%2C612%2C143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=990x90%7C300x0%7C300x0%7C300x0%7C1920x1200&msz=0x0%7C0x0%7C0x0%7C0x0%7C0x0&fws=4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600&ga_vid=1990525788.1696567566&ga_sid=1696567566&ga_hid=780380341&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhkKCnB1YmNpZC5vcmcYuMG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBIUCgVvcGVueBj3v7qasDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO3CupqwMUgAUgIIag..&dlt=1696567565713&idt=590&cust_params=site%3Dwww.timescolonist.com%252Ctimescolonist.com%26ContentCategory%3DLanding%26LoggedIn%3DFalse%26User%3D0%26Member%3DFalse%26Subscriber%3DFalse%26WeatherCondition%3DClear%26WeatherTemperature%3D13&adks=2207274337%2C632493195%2C3458414125%2C3603973233%2C2582308588&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c083f1d0970b48ad23f7f82574cee30051b025d541db144d93008957e10e0653

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13653
x-xss-protection: 0
google-lineitem-id: 5853536811,-2,-2,-2,4777542638
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374640894,-2,-2,-2,138242124968
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 987ms
986ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3921321860314403&correlator=3673765804920957&eid=31078561&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fifs&iu_parts=4326737%2CLocal_Raffle&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x300&ifi=9&didk=156730291&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd8423de50d6b86f2%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MZY4Fx_EABL9pcCJGS7FWftQF4TPw&gpic=UID%3D00000c8f75540edb%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MZCxL62G9eOe13QhniQDRjhC-D8pA&abxe=1&dt=1696567566719&lmt=1696560356&adxs=650&adys=803&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=300x0&msz=0x0&fws=4&ohw=1600&ga_vid=1990525788.1696567566&ga_sid=1696567566&ga_hid=780380341&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhkKCnB1YmNpZC5vcmcYuMG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBIUCgVvcGVueBj3v7qasDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGO3CupqwMUgAUgIIag..&dlt=1696567565713&idt=590&cust_params=site%3Dwww.timescolonist.com%252Ctimescolonist.com%26ContentCategory%3DLanding%26LoggedIn%3DFalse%26User%3D0%26Member%3DFalse%26Subscriber%3DFalse%26WeatherCondition%3DClear%26WeatherTemperature%3D13&adks=3106542233&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

421c3f4099b79c560e89da5e82ea35cba3966f656fb8037d986031b597fe5633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11783
x-xss-protection: 0
google-lineitem-id: 5853536811
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138374615255
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A14F 15 KB
6 KB 142ms
50ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.timescolonist.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 364724
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 beacons
p.flipp.com/ 0
0 240ms
132ms Fetch 18.66.147.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.flipp.com/beacons
Requested by: Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1181177
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-39.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.timescolonist.com
access-control-allow-credentials: true
x-amz-cf-id: wyeV7SMn7sHQdrAvh0rnCybfZ5L-t3f_CdDLwPF5R_7ycgnqYAuq-Q==

GET
H2 200 1bd5d34e3cb4c76be920.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 71 KB
24 KB 45ms
43ms Script
text/javascript 2600:9000:206f:600:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/1bd5d34e3cb4c76be920.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0bc803ded3eb30a6da6c3a037589f7554a759eb01357fe52de1adc19193d87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:33:07 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 20:21:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 47580
x-amz-server-side-encryption: AES256
etag: W/"ab6c7c6a4c0562bc0790dbbc1880e29c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9leyVM1goXUiVJhvm3mj0xnf6oKzGgyh_BDGYNH9GTwI2yjb1q-H7A==

GET
H2 200 a0368d675cf71bbaa5cc.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 34 KB
12 KB 48ms
47ms Script
text/javascript 2600:9000:206f:600:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/a0368d675cf71bbaa5cc.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b84009ecf1373c80ea33e60d88b829f6167b93a15db5772f4e03cb3bcd8c0e60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 03:48:42 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 20:21:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3459
x-amz-server-side-encryption: AES256
etag: W/"b94a289c1543f040dc2be0bdc02617fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dRBPsw5IClS8seZ9X1bd3mw4Y_UtSCPrNLYy8g1VnsX7_DUeEVudMA==

GET
H2 200 db7f16d74935addca99f.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 18 KB
6 KB 48ms
48ms Script
text/javascript 2600:9000:206f:600:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/db7f16d74935addca99f.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb6c96e1cbca6e03c3c70c6df213c6b2e82a567079dd999bc6733eef6f74fce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 03:48:42 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 20:21:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3459
x-amz-server-side-encryption: AES256
etag: W/"26f3320b6632b47bcf8e21a533ae2d30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: o0saY4qq2lDs3johRaKA22rZUhWArUg2JAS9M9hwxzYyJI8a5gDpnw==

GET
H2 200 77ccddbbb688c88ffa07.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 17 KB
6 KB 50ms
49ms Script
text/javascript 2600:9000:206f:600:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/77ccddbbb688c88ffa07.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f12fbc2e4919613355d1053c664072f16ab9cca4aac71decf20cfae72b8696c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 00:46:17 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 20:21:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 14390
x-amz-server-side-encryption: AES256
etag: W/"c2836a9c550c26efcb3427b8f519dbba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Irw8rrX7F78PaY5IYUbaIEbB2vqnyAnO9QT1XfZgEM2mBpI5zdYmdg==

GET
H2 200 06d117ebbaeadbfe17a8.discovery_plugin.chunk.js Show response
discovery.evvnt.com/prd/ 6 KB
3 KB 50ms
50ms Script
text/javascript 2600:9000:206f:600:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discovery.evvnt.com/prd/06d117ebbaeadbfe17a8.discovery_plugin.chunk.js
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9182aa29b47ea60b2979f1d02fe31215f4f660d489b05c3a094f7cf93762d660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 02:40:44 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 20:21:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 7523
x-amz-server-side-encryption: AES256
etag: W/"1cd6f7ae315b43ce4069c34daae90f22"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age= 31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5oyCXQF_C3v7HhS4c8_1AJlULkaXrfTKMx1Qzg7FupMJ0QWWD5isWw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
148 B 48ms
47ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=780380341&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timescolonist.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACAAI~&jid=1257190285&gjid=343016925&cid=1990525788.1696567566&tid=UA-5137365-64&_gid=947154070.1696567567&_r=1&gtm=457e3a40&cd1=82&cd23=19&jsscut=1&z=163857022

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 46ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=780380341&t=pageview&_s=1&dl=https%3A%2F%2Fwww.timescolonist.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAUABAAAAACAAI~&jid=1777176460&gjid=1842855843&cid=1990525788.1696567566&tid=UA-37383801-16&_gid=947154070.1696567567&_r=1&gtm=457e3a40&cd1=82&cd23=19&jsscut=1&z=1498566382

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
193 B 39ms
39ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=780380341&t=event&_s=2&dl=https%3A%2F%2Fwww.timescolonist.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Push&ea=On%20Load%20Soft%20Prompt&el=Push&_u=4CDAAUABAAAAACAAI~&jid=&gjid=&cid=1990525788.1696567566&tid=UA-5137365-64&_gid=947154070.1696567567&gtm=457e3a40&cd1=82&cd23=19&jsscut=1&cd20=False&cd21=False&z=1244085374

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 02:51:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 40ms
40ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=780380341&t=event&_s=2&dl=https%3A%2F%2Fwww.timescolonist.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Push&ea=On%20Load%20Soft%20Prompt&el=Push&_u=4CDAAUABAAAAACAAI~&jid=&gjid=&cid=1990525788.1696567566&tid=UA-37383801-16&_gid=947154070.1696567567&gtm=457e3a40&cd1=82&cd23=19&jsscut=1&cd20=False&cd21=False&z=646338679

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 02:51:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6864
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 events Show response
events.getsitectrl.com/api/v1/ 596 B
844 B 367ms
118ms Fetch
text/plain 34.195.236.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.cbd9bc4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.236.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-236-117.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: e74225242085a7bd25577b2b528b5c4d99bb997fdb8dd4bd4c33884d3b0c9c6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 596

GET
H3 200 4e1251346db872331a84.powered_by_evvnt.png
discovery.evvnt.com/prd/images/ 17 KB
17 KB 41ms
40ms Image
image/png 2600:9000:206f:600:18:a82e:7180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://discovery.evvnt.com/prd/images/4e1251346db872331a84.powered_by_evvnt.png
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:206f:600:18:a82e:7180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37d44df61428260da98324576010ebd04c0d5a1ce6774bbed15bbfbdfc141a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 15:39:05 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 47231
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17440
last-modified: Mon, 02 Oct 2023 20:21:26 GMT
server: AmazonS3
etag: "097fd79365bc9c17a0b1ec1596d8c8b7"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age= 31536000
accept-ranges: bytes
x-amz-cf-id: paui9R2US1KdnTnvfWRGXSQPbIMZMXr1cdEZb-A35fhOGb7k7Zss2w==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 49ms
48ms XHR
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37383801-16&cid=1990525788.1696567566&jid=1777176460&gjid=1842855843&_gid=947154070.1696567567&_u=4CDAAUABAAAAACAAI~&z=1530098109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Oct 2023 04:46:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 tp2
com-evvnt-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ Frame 0
0 434ms
127ms Preflight 3.136.222.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://com-evvnt-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.222.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-222-64.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.timescolonist.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.timescolonist.com
access-control-max-age: 600
content-length: 0
date: Fri, 06 Oct 2023 04:46:07 GMT
server: nginx

GET
H2 200 widget_events Show response
discoverevvnt.com/api/publisher/9555/ 28 KB
5 KB 47ms
46ms Fetch
application/json 2600:9000:2156:8400:3:1a27:3000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://discoverevvnt.com/api/publisher/9555/widget_events?multipleEventInstances=true&publisher_id=9555&hitsPerPage=15&widgetNumber=3
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:3:1a27:3000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f550c2aed0073f93de67a467541d8b88d8e7703033601d01162c57d7629ccd78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:45:27 GMT
content-encoding: gzip
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
age: 39
etag: "3chvwucjrrmcf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
x-amz-cf-id: ooVv3b9ahUZ9JlKkXqCI136B1rSaVF1p6NCAKjyUZlVrXZGFOoSSJg==

POST
H2 200 tp2 Show response
com-evvnt-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/ 2 B
332 B 380ms
127ms XHR
text/plain 3.136.222.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://com-evvnt-prod1.collector.snplow.net/com.snowplowanalytics.snowplow/tp2
Requested by: Host: discovery.evvnt.com
URL: https://discovery.evvnt.com/prd/evvnt_discovery_plugin-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.222.64 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-222-64.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.timescolonist.com
date: Fri, 06 Oct 2023 04:46:07 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
61 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDMH9T6&gtm_auth=QzlUjhMy0COR5MgCC_1Cyw&gtm_preview=env-1&gtm_cookies_win=x

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

87eb618fdaf4463e8f3b523459a983014b02589b05c16815048c6f3ffa32cbd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62270
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 139ms
50ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37383801-16&cid=1990525788.1696567566&jid=1777176460&_u=4CDAAUABAAAAACAAI~&z=997836165

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 52ms
52ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37383801-16&cid=1990525788.1696567566&jid=1777176460&_u=4CDAAUABAAAAACAAI~&z=997836165

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 featured_VFA3.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/1909582/event_image/ 12 KB
12 KB 179ms
54ms Image
image/webp 2600:9000:21f3:9800:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/1909582/event_image/featured_VFA3.webp
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9800:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bf1284d9567690c16aa5a09b910158e6305db40143ce879567a7b27417b467d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 19:22:46 GMT
x-amz-version-id: UdPV7tnXCV0Oe6hy_2E_ILUbVvl0iHXq
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Tue, 03 Oct 2023 19:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 206602
etag: "021e7584efd72abb912b0826a0097fe5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 12310
x-amz-cf-id: EzsdKofm9wQ07L3fXPg9_teXszax61bN2WjnUZZ_FVrB_km7dPbBSw==

GET
H2 200 featured_AtomicTrio_copy.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/1905757/event_image/ 19 KB
19 KB 208ms
83ms Image
image/webp 2600:9000:21f3:9800:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/1905757/event_image/featured_AtomicTrio_copy.webp
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9800:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f412fec2c86b652e6520eedc32f638888f6725116b98f06d8ad04f7c4351f7b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 01 Oct 2023 21:59:03 GMT
x-amz-version-id: qpKcl4_grYdESlChe.JyAsjkeKUDU2ib
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Sun, 01 Oct 2023 20:47:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 370025
etag: "fea8177f7e15253a84ce7b3ea9ae2609"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 19502
x-amz-cf-id: gRIomEy0W3_2C9UvzTqBd9_1ogADHCo3WBKNcWGgEl6rbWSDNkNDRw==

GET
H2 200 featured_230925_RxMurder-Scene26.webp
cdn.prod.mktg.evvnt.com/uploads/event_image/1907298/event_image/ 19 KB
19 KB 171ms
46ms Image
image/webp 2600:9000:21f3:9800:8:4487:bd00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.prod.mktg.evvnt.com/uploads/event_image/1907298/event_image/featured_230925_RxMurder-Scene26.webp
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:9800:8:4487:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f025c66b16ad0c4d4b9000c40f0e5beb2f4b3e27aaaee2dad763a319e31d23be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 19:16:44 GMT
x-amz-version-id: bu7QmiOsNtI0zpUF1p8nJsAnkKGICgpR
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 18:35:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 293364
etag: "8970e47c359a30d7b5310d379dfa9304"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315576000
accept-ranges: bytes
content-length: 19290
x-amz-cf-id: SJ3BwIXVAcMIagFR0Fib-ner_MofEhIm0wNzhqAMAUN2JxlW5xj8Wg==

GET
H2

200

sid Show response
mug.criteo.com/ Frame A14F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=timescolonist.com&sn=ChromeSyncframe&so=0&topUrl=www.timescolonist.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=3-1r4nx2S3lyZm5Ed2FBWEVwYWpzQkNHOGxWMTdkM2Zla21kSFg0dDhBWTZ4T1E4bEZFY04yRjlUSTYxRXRKemY0UzlHT3FmNjhLVy9HRm0zeEZ4anJZSGVXMUlOSGVFM1IvV2kvclROZ1lyQmNvMWdiK3pEVFFXaXRJZT...

446 B
670 B

174ms
51ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3-1r4nx2S3lyZm5Ed2FBWEVwYWpzQkNHOGxWMTdkM2Zla21kSFg0dDhBWTZ4T1E4bEZFY04yRjlUSTYxRXRKemY0UzlHT3FmNjhLVy9HRm0zeEZ4anJZSGVXMUlOSGVFM1IvV2kvclROZ1lyQmNvMWdiK3pEVFFXaXRJZTc5NHluOXBDQlg2Y1R3aWFoZVRnOU00ZW1DN0xzVU1SeEZtb1kvRFMzZTZCbjF0YVM2dzcrS0dMSU8wMVFXV2V6VkUwNy83WDdNMWY1L1JmMDRTSkMyRmRFUnVQYW5EVUE2Q1NWcGp4ZVkyaFF5MThIZnpTTlNFUktFMUxhYktOaWJ1QzlYVHJxNUxJbkVrVHlmckIwMDkyOFN3MTBqUVFMSFJFeXdaRGZ0V05pZGpHQ2xHND18&cppv=2

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

58ed5cc76264302f9dbaad024a307d32458dac639df966b2231a35f85864bbd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1405405
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3-1r4nx2S3lyZm5Ed2FBWEVwYWpzQkNHOGxWMTdkM2Zla21kSFg0dDhBWTZ4T1E4bEZFY04yRjlUSTYxRXRKemY0UzlHT3FmNjhLVy9HRm0zeEZ4anJZSGVXMUlOSGVFM1IvV2kvclROZ1lyQmNvMWdiK3pEVFFXaXRJZTc5NHluOXBDQlg2Y1R3aWFoZVRnOU00ZW1DN0xzVU1SeEZtb1kvRFMzZTZCbjF0YVM2dzcrS0dMSU8wMVFXV2V6VkUwNy83WDdNMWY1L1JmMDRTSkMyRmRFUnVQYW5EVUE2Q1NWcGp4ZVkyaFF5MThIZnpTTlNFUktFMUxhYktOaWJ1QzlYVHJxNUxJbkVrVHlmckIwMDkyOFN3MTBqUVFMSFJFeXdaRGZ0V05pZGpHQ2xHND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 289836
content-length: 0
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
83 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDMH9T6&gtm_auth=QzlUjhMy0COR5MgCC_1Cyw&gtm_preview=env-1&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3829fb03536d89624526b78f3901e9a099e1d34f555a9c51e30973e91dfed037

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 04:46:06 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 147ms
39ms Image
image/gif 2600:9000:21f3:c400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adunitid=lmixf&adnum=8646402
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 02:16:03 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 22818605
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: byHusu31WNhAMxp7ugmD12_Tp3e5MecXqD04mA3YpDMDgKbMGxmlQg==

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame BAE1 0
167 B 154ms
55ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 06 Oct 2023 04:46:07 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 50ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-12M2XZC8V4&gtm=45je3a40&_p=780380341&cid=1990525788.1696567566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696567567&sct=1&seg=0&dl=https%3A%2F%2Fwww.timescolonist.com%2F&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 417A 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshnsaSQZT8xkktFJy0OckIFOrMm64BfUz6U320FXFxkknOA-WQeDweDVSmwahGRoiGCVDcv3dXWV_GyAm986STiJLLWM1Y7ekXcK_2_MtPPVnybVjYjHdO2n0-Tgy-YZVwveNCysP2RC9S4RFLnMyyNb-i7bfqGRcuKnAky2-BiZlbc4YVcGTU8ahigG7_-W62LComWz02DFs7-BCAU5foigWXJt9WvptU9FLZBf7xKq2KcAWRHOX5SYY_zORFnDQ0IKOgeV_QG98RMHdx1MHpdr7vbXw26cZP9cKUMdCpHE5Ho-r1C5QpHxg3KjNSiuQVtgHKfD4ak40rWZH2DAN60EPpwoFlTVvZ6w36t87GtEuTEwHM9_jAv_nVhEnW5yureA4dGw&sai=AMfl-YSggpmrRcIzTODyODbreVkd1yBKVj79rY3HzSLRS1gq8as1sBYKvUTKy7DYGMbiP_xS0o1GgK0dMTGqQ-UvmKiVnbBKkmE79fa6VjSQFjx4UGYpNshQTmnvjNz13A&sig=Cg0ArKJSzJ-3ENmvee_nEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 417A 100 KB
29 KB 237ms
236ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccf32c4bc4ad19303ee31fc19ac8af6f6bc65c827bfaeced09f60b220869374b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30007
x-xss-protection: 0
server: cafe
etag: 625 / 19636 / 31078561 / config-hash: 1263625818240152014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 417A 187 KB
59 KB 154ms
54ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 48ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LBSLQ6JW94&gtm=45je3a40&_p=780380341&cid=1990525788.1696567566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696567566&sct=1&seg=0&dl=https%3A%2F%2Fwww.timescolonist.com%2F&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&en=On%20Load%20Soft%20Prompt&_ee=1&ep.event_category=Push&ep.event_label=Push&ep.Site=82&ep.ParentSite=19&ep.Member=False&ep.Subscriber=False&_et=199
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 f6427df5bb515740eeca0de840b1ff4265ae5e3 Show response
beginnerpancake.com/019ae29998cfa/ 288 B
315 B 107ms
58ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://beginnerpancake.com/019ae29998cfa/f6427df5bb515740eeca0de840b1ff4265ae5e3

Requested by

Host: beginnerpancake.com
URL: https://beginnerpancake.com/v2softe6C3tgUTM7NQgMh-hBN7iVrS_gVdDZxyPki21OEh4C-yGl33FQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

cd97a99d3e65b092551486a23fb468420574a6b6d649e8ecdf0bcb74fe52b990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 06 Oct 2023 04:46:07 GMT
via: 1.1 google
x-buildnumber: 998028631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.timescolonist.com
x-hostname: fen-hoothoot-europe-west1-w5gn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 06 Oct 2023 04:46:06 GMT

GET
DATA 200
OK truncated
/ Frame 417A 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e52fbc5177f80a7175b06b05008b70b08e5dd1cb4e5b3dc19ee196a54a4d20e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBCF 0
0 81ms
81ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGJPeEWLJEbnBhGL2ixg4BpQRIlf2odatCj40EJMWN91FfCrDJFd6HfCwIoGxagUsVuFfdOHeYyJQhF0Yzy6JxEi9DjPELgwElo6t3jybjWUhixd_Ln78DiGmpJjEg4GRDF7gMsCb70Nuu0IKP-lkD9osCQafZzkdP2YSayJtGtPFIV1qXUfk9POLqhAqDVetSI83rUzPYRh2WQFRXcIL-DkJRF5PU79plZRuODyLZZq6_XqGHwC8mQjdXoGbnsmUP7azobOUxbHPnMqJAf7jlXadLBLMfN8V5tCJGwnJwTLQTGkxgIcIaXSH_dgqM6U8nCYmk4gUEjkQe0ePJlaLJtWgJBjOE8UbqmjXnDHPe-Efksw8Y6XyudMwzqIiVjsdlnrW0eQ&sai=AMfl-YTXuTbxsFUNuzN0vElEAYL-vBgK5CUzHyXoiWNF7uTHSDFpO9dgo4kmkgnXI49tFzWLTSFHM7DnLW-GoA--H-ps8H9ynODk2dIYluNiWyxjjhQUAurR6L6U70oBRIc&sig=Cg0ArKJSzP9CYiaqwtD1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame DBCF 100 KB
29 KB 147ms
145ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b0f6a070952cfdb5bbaace0a4eb1297fc25f2b74eb5d70815659181f96753bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30006
x-xss-protection: 0
server: cafe
etag: 125 / 19636 / m202310020101 / config-hash: 1263625818240152014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBCF 187 KB
59 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/ Frame 417A 419 KB
132 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:36:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65359
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134829
x-xss-protection: 0
server: cafe
etag: 3697166202567710199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 10:36:48 GMT

POST
H3 200 ab72fe24a7f7f0eeda766dedb58e86fe1a4beeae5bac0a8cf487 Show response
beginnerpancake.com/ 3 B
27 B 51ms
50ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://beginnerpancake.com/ab72fe24a7f7f0eeda766dedb58e86fe1a4beeae5bac0a8cf487

Requested by

Host: beginnerpancake.com
URL: https://beginnerpancake.com/v2softe6C3tgUTM7NQgMh-hBN7iVrS_gVdDZxyPki21OEh4C-yGl33FQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 06 Oct 2023 04:46:07 GMT
via: 1.1 google
x-buildnumber: 998028631
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.timescolonist.com
x-hostname: fen-hoothoot-europe-west1-w5gn
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
DATA 200
OK truncated
/ Frame DBCF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e92ebaa4fbf87633a222a30333827c155ce315a682ceab8035adabb83876ecd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D188 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvd1f8AQFQGAHXDWHaE-pZphPgE1QkLLp9VaqTCHrhXxHV4pHNE8MEISyOvveTJGie0j4hteLQpORNEmyk73a5lzETwUAWaIkA4RX75_FWkUebpikiTbFmAA9k-iogOWpmUBu6MI6LWuzPtwYpb0yb5iJX81p0cLx4aCu5-xPmJVMFhOTrM4SqECyjAnyN6GvFn708PCTbnzBiTdv0GQ13wDB3edWit8jjqbVz8cxBm3U2QAM88b9WIFrCFMAs1m-RHEb7t1bzwbC-t0DZbyi9BYgdEaHrelAnutYtHc64VDnHzVcehWTQBQet_19UO_wmgOZgYBVp8u-jEtSy-CDG8BbAwZKgx7PWQrDAQEaMZ86vf6QeI9PEw4LSIz5wekXvL5qLeDg&sai=AMfl-YQBC6h2ubvhSu1aawJ40a5xGOVKvENj7S_RIAdvq1m2dhX8qhGQNXCwh4dcfXY6ykLiZBTzUTgJbybXmGzs7LtpLxD2kIutRW1YiFUdDmvHBNgXgWG1dSJ0JY4wNIk&sig=Cg0ArKJSzAXK88nAOF9NEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame D188 100 KB
29 KB 130ms
129ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

971234b8d67baf99b8bb6c1375b06d467f40584730efd071e01660802e0d67cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30015
x-xss-protection: 0
server: cafe
etag: 906 / 19636 / m202310020101 / config-hash: 1263625818240152014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D188 187 KB
59 KB 257ms
256ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB3A 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxFbypLLWV4LqTChVEpE8t-nbRj7_FUZguvHnouuLg_Shgb9DR7QaBdoRJ6dnbVVHmfBFi1zaoY6dBYKWASLNOcr1E7w2fppZSMwiyTXcMH2UuSKrNTFO2eEGj5L8p6gg8A_Lrlwip2YDud_fIByOcgz4Qdb02JQprcHtIJwTiFxsRBipA0A98Z9MEQ8r2xApXFvLmvo0QFWq9QZP6yDkG_EHnx0K2R4SYprG0yh5lQygWBSZgS2JU5kDxwEW4TB6tYdtkjgsRj8l7GZxY4LoD4MCntTh2cRTPhtybFniLkLs7zHWpKsyKNyJoSWl74YyoEXtMo3j-s9d1HAOkWv1TpiPieIDkMJ3CdRogmKCiYcTWXLKwee--ck9gnDVSmjx__Q6U0pLn2_Rl&sai=AMfl-YSk7siX7abWOLGJ0RgZXxVE5xw7o3k0md4K1EJt0p4B6zesoXSUjmPneuqZyUqs8CWTX28N4cvwFbMFZ4wpxOp3Uo6AomjQr0AN06A5sLxQvAwxmrBh45Iacopp-nU&sig=Cg0ArKJSzMXYopxSd3OXEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adplus.js Show response
cdn.ad.plus/player/ Frame CB3A 346 KB
107 KB 402ms
38ms Script
application/javascript 78.140.185.31
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad.plus/player/adplus.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.31 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: 1c2-10-d2774-31.webazilla.com
Software: nginx /
Resource Hash: b5b1cc01a5082030446a0a631e2cd540fec8412c5641ac22c4a3c9a8c5898f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Aug 2023 08:35:12 GMT
server: nginx
etag: W/"64d4a140-5666b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB3A 187 KB
59 KB 267ms
267ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 417A 28 KB
12 KB 389ms
388ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3496408437350396&correlator=101997711643758&eid=31078561%2C44769661&output=ldjh&gdfp_req=1&vrg=202310030101&ptt=17&impl=fif&iu_parts=21849154601%3A4326737%2CAd.Plus-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x200%7C300x250%7C250x250&ifi=1&didk=2209178241&sfv=1-0-40&sc=1&cookie=ID%3D08f0e82ee69c1868%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MYXzpkyYkp_CuYipQMn9g3hvUZqoQ&gpic=UID%3D00000c8f7588780c%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MbaiH6ZhbB3QVOeemuqgRewbm-27g&abxe=1&dt=1696567567544&lmt=1696560367&adxs=980&adys=1306&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=onsq9yupfym3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&ref=https%3A%2F%2Fwww.timescolonist.com%2F&top=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1990525788.1696567566&ga_sid=1696567568&ga_hid=636554086&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v7qasDFIAFICCGQSGQoKcHViY2lkLm9yZxi4wbqasDFIAFICCGoSFwoIcnRiaG91c2UYtsG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWR00yYkhOVlRtVlVNRmR3VEVGMVpHbDZOMXBPVVQwOUluMD0Y7sS6mrAxSAASGwoMaWQ1LXN5bmMuY29tGO3CupqwMUgAUgIIag..&dlt=1696567567084&idt=410&adks=181281449&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebd3cc72ec07c03702be0c8e340637541d192e50422bd839c0b2eb7e6cb903e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12187
x-xss-protection: 0
google-lineitem-id: 6133420976
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407672057
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C387 6 KB
3 KB 73ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:07 GMT
expires: Sat, 05 Oct 2024 04:46:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ Frame DBCF 421 KB
132 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 11:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63778
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135332
x-xss-protection: 0
server: cafe
etag: 13275702515393991500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 11:03:09 GMT

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 41ms
41ms XHR
text/plain 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 04:46:07 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 171ms
41ms Preflight 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.timescolonist.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 06 Oct 2023 04:46:07 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ Frame D188 421 KB
132 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 11:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63778
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135332
x-xss-protection: 0
server: cafe
etag: 13275702515393991500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 11:03:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 417A 0
0 159ms
76ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuKpUhaxeu3m2bm6TwCS07JEw4nHyd2LBSBo212YYDcw7HpSWe8_god7YWrmrHFnnKkIGRr9r65Rrhaz2wojUsnh5B49OnQx-Gm813NmwhJJZd6hN9Lh5A_XZYK3Meg24kesjseADhjawpP2bWT1SZXix3q2lEh1-7BalF3P5DGqpEidGdnt5yaMFbP6_qWWSOL5AiAGlkaVmnYDrOpnKh71QNu-77iOgG965jaGesRK2XlSsDrlBrwMyNh9fEZi8Ceo13bi5TAXmO1Fa8BYR9OuoXczstAy8l8Xu1y8Tk2MValb7-ljGSHjYnlMrbNDuOxYuhJMNg_aIfdPcbheW89KOP4ShBJGvlly7CCwR4pqgbsBVNQ1oL6VGFUNIQJw3W24LxnedY&sai=AMfl-YQxpxTqGvJj8Xp6UTf06SfNn-B2tugRCAaxXH_ndJWq-esPLz0FZVT7asx85mB2gyphg-74jYpQolhgZWq549gZTFxUU7K9kI7K92aQhFjDxVvzo7Bm80jMFSwWEA&sig=Cg0ArKJSzNe0k5cMTU_XEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 417A 16 KB
12 KB 174ms
79ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

470986ff44d1f739fd02686f17110fa3f9bc2f029a65825e007fd5901615c7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12282
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DBCF 28 KB
12 KB 286ms
284ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=436921092384428&correlator=474213198412553&eid=31078451%2C31077695%2C21065724&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fif&iu_parts=21849154601%3A4326737%2CAd.Plus-300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C250x360&ifi=1&didk=2209199265&sfv=1-0-40&sc=1&cookie=ID%3D08f0e82ee69c1868%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MYXzpkyYkp_CuYipQMn9g3hvUZqoQ&gpic=UID%3D00000c8f7588780c%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MbaiH6ZhbB3QVOeemuqgRewbm-27g&abxe=1&dt=1696567567674&lmt=1696560367&adxs=980&adys=288&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=7o5mp9digjpg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&ref=https%3A%2F%2Fwww.timescolonist.com%2F&top=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1990525788.1696567566&ga_sid=1696567568&ga_hid=734944831&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v7qasDFIAFICCGQSGQoKcHViY2lkLm9yZxi4wbqasDFIAFICCGoSFwoIcnRiaG91c2UYtsG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWR00yYkhOVlRtVlVNRmR3VEVGMVpHbDZOMXBPVVQwOUluMD0Y7sS6mrAxSAASGwoMaWQ1LXN5bmMuY29tGO3CupqwMUgAUgIIag..&dlt=1696567567356&idt=295&adks=2387504735&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0db14a5901b98fa00efca10feac343f181e9cf6709029378a4215955418e5027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12185
x-xss-protection: 0
google-lineitem-id: 6133420976
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138445362203
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5399 6 KB
3 KB 89ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:07 GMT
expires: Sat, 05 Oct 2024 04:46:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D188 28 KB
12 KB 451ms
450ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2728082728021033&correlator=2094407618194010&eid=31077098%2C44777901&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fif&iu_parts=21849154601%3A4326737%2CAd.Plus-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60%7C728x90&ifi=1&didk=1007312133&sfv=1-0-40&sc=1&cookie=ID%3D08f0e82ee69c1868%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MYXzpkyYkp_CuYipQMn9g3hvUZqoQ&gpic=UID%3D00000c8f7588780c%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MbaiH6ZhbB3QVOeemuqgRewbm-27g&abxe=1&dt=1696567567716&lmt=1696560367&adxs=436&adys=163&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=53l171ywi0oa&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&ref=https%3A%2F%2Fwww.timescolonist.com%2F&top=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=0x0&msz=728x0&fws=256&ohw=0&ea=0&ga_vid=1990525788.1696567566&ga_sid=1696567568&ga_hid=1001476529&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v7qasDFIAFICCGQSGQoKcHViY2lkLm9yZxi4wbqasDFIAFICCGoSFwoIcnRiaG91c2UYtsG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWR00yYkhOVlRtVlVNRmR3VEVGMVpHbDZOMXBPVVQwOUluMD0Y7sS6mrAxSAASGwoMaWQ1LXN5bmMuY29tGO3CupqwMUgAUgIIag..&dlt=1696567567468&idt=238&adks=57877934&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd481cdf1eacc4557cc0a68758204cb9e99b57842d830132b5dbcdda2f4852f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12173
x-xss-protection: 0
google-lineitem-id: 6133420976
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407672210
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5646 6 KB
3 KB 88ms
48ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:07 GMT
expires: Sat, 05 Oct 2024 04:46:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62CB 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFGee3DuWps2RCh1sz8BNwZBr1PeJJ9H3wiq-WgiOMYSIqT3K5v_RQfcl6xSQ3pYBe8wqCoLleK3R6tbCeqhZjs857aYC5-wP9UKo_mJcaigd2uxKwbjDxTzlHFRYcry3Q0lNvxdnS0Zevc_voQxd4xeD1r22fdr4WB3DYlNIJpc3Qt4MuVc_VVPZZbFXsFpDsrc4z99oWmjyUk_gzUZZnf2ihVfYjr6rc5eitB65lV4O98Cxz0evbqEGordULDWzmN7yrl8a_YHg5MfDcB7DCwlwDsTwf6-NnIXQ9l3wmPkH8Qs5jaDQ07TBKU0OFaVnlZfNYg8RB11vW&sai=AMfl-YSoIhTq6ohwP9WNFcoeI_Y1NtuCbR1NiYtUPlFeKu6Ae-rQJuRsRFbT64XA30l5NbXK35KtrYew7AE_9K_qWQr0Ivd-vQWCkWwODNycfnAdSMTU7JXPzFUCvq8tIfI&sig=Cg0ArKJSzMCeVLVNzyUkEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.timescolonist.com
URL: https://www.timescolonist.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 62CB 100 KB
29 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ca4f4c031a086231c5789abbc04aea54b387256bfcefc27694fe2ae70611fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30014
x-xss-protection: 0
server: cafe
etag: 313 / 19636 / m202310020101 / config-hash: 1263625818240152014
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62CB 187 KB
59 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DBCF 0
0 77ms
76ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3c7W_vn_WgS31BhN7G60QukY6PklNYw4EWSuNj50EDEqd9f9wdAe-H1AwekgFudggFA7At652ER0eqknT_bnbPUqyKQ06pzOR0TbqjXPPnBuDQPMGBUPqYEBMb6QokiSSVq0UiviWRdQlti3XzD548HVLr6drmCTmGXU47Y4OayZkW0YdiNGaxaJG6TByCXgPBIgz_jWwmDYyz8nEPUgBd_n8R7dyg7lbhdaeTPDD2TgsvzLzAQcTQqIaCoomQ_DGx_FAjlt0HjoOrD3-DkhQHPJR0aNbO0Uuml-jdxxA_HgR9WOel9wpNfOiw6vFyou7ic3esHir3QDIGFGU2QGAOK2_jJ6auMNkJFDXm56ySnG32I4HiZIJxG002113Q7O3QXzC6R8A&sai=AMfl-YR8pUyagd-26lBHYV_c84lPxXTE6NzT6N-KzWbezlPlg5fGzDKJxRKe0iLLnQMOXmKNZnGjD-OaNO7bJwBMgZw-DyoWBqFHc53S5pXrWptVpd3nbYKnJiRkgY0Eoro&sig=Cg0ArKJSzPDy9XX-YwoNEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DBCF 16 KB
12 KB 54ms
53ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b72ec921f88f5aec1cc3791ef01c6a9fd31c6b8763e3395ef28e51f7a8e219c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12003
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D188 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47c0c8597d41f1db7726d7d182e02cd263db141e983d55f85be94826f943c997

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CB3A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28af502d1eeb51cef49dc6097c236f21c453b47a033a9bb546026c0e2c5f25a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 417A 17 KB
7 KB 160ms
59ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
DATA 200
OK truncated
/ Frame 62CB 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b934e621895ba7896d91001267adf8ab3a9475ed345b4e55342034f242d9413

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DBCF 17 KB
6 KB 146ms
75ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D188 16 KB
12 KB 68ms
68ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c03cd4ac71e7e2c0459f2aa5f13524bdec8d9aed91ca7ba400edc82705e41fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12026
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D188 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwFBFoGxvarsxB25VQZ0sO5Pr7WD_Nc46u4j5afPQNi5ZGDlZlM86zE6YXhcH6JF0HNEF2fEQch6Zg226EaQxnafhpnYCYYRz_2_wN1pEtu140oqyBkxgC04AhuHTQKfYKgyX2niKejKKpr3Tl8tnXFSRpHmLJOi2Sfd7EwfnkC0H43a5vY4YemflxwK8KtrF77YO0g8Uf5QK47eZv1BiTgkR8QJiR22o_O8-Y4T2W7wK2f6952bsnm4fv2ZKR1Y2nrOWJrbXEUZjFZRfRFeKFfkbUX00kXha1H4zqIw0znyg-X_jrg0QmzCQZ3_-S7Fh9Hfj2x8vIP3pjL2LoTY2aTvnGjdLP8uqSoOKWBvf_pVfeHOvuIcu987pM--FGuLYcBF7g_qDU&sai=AMfl-YRuKk2wjHp7w8UPEWH_al0X2AlagDY171sqf87wcSFUwbfJUX5iaTfLuXfiWjdeHhMsP4Gjb43QBDQ1BR-tgAcuB9CV6kExKj5pcI8ckoTT1mF3Ads9in7GNf0f0M4&sig=Cg0ArKJSzP3a6USGv6EdEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:07 GMT

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 41ms
41ms XHR
text/plain 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 04:46:07 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 40ms
40ms Preflight 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.timescolonist.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 06 Oct 2023 04:46:07 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/ Frame 62CB 421 KB
132 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 11:03:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63778
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135332
x-xss-protection: 0
server: cafe
etag: 13275702515393991500
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 04 Oct 2024 11:03:09 GMT

GET
H2 200 container.html Show response
9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 91F4 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:07 GMT
expires: Sat, 05 Oct 2024 04:46:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D188 17 KB
6 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 04:46:07 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 62CB 28 KB
12 KB 284ms
284ms Fetch
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=15904226534020&correlator=2220473202192931&eid=31077098%2C31078450%2C44777900&output=ldjh&gdfp_req=1&vrg=202310020101&ptt=17&impl=fif&iu_parts=21849154601%3A4326737%2CAd.Plus-300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x200%7C300x250%7C250x250&ifi=1&didk=2209178241&sfv=1-0-40&sc=1&cookie=ID%3D08f0e82ee69c1868%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MYXzpkyYkp_CuYipQMn9g3hvUZqoQ&gpic=UID%3D00000c8f7588780c%3AT%3D1696567566%3ART%3D1696567566%3AS%3DALNI_MbaiH6ZhbB3QVOeemuqgRewbm-27g&abxe=1&dt=1696567567972&lmt=1696560367&adxs=650&adys=803&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=4p09bhgl3km1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fwww.timescolonist.com%2F&ref=https%3A%2F%2Fwww.timescolonist.com%2F&top=https%3A%2F%2Fwww.timescolonist.com%2F&vis=1&psz=0x0&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1990525788.1696567566&ga_sid=1696567568&ga_hid=833433396&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY97-6mrAxSABSAghkEhsKDDMzYWNyb3NzLmNvbRj3v7qasDFIAFICCGQSGQoKcHViY2lkLm9yZxi4wbqasDFIAFICCGoSFwoIcnRiaG91c2UYtsG6mrAxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGPe_upqwMUgAUgIIZBIZCgp1aWRhcGkuY29tGPe_upqwMUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lWR00yYkhOVlRtVlVNRmR3VEVGMVpHbDZOMXBPVVQwOUluMD0Y7sS6mrAxSAASGwoMaWQ1LXN5bmMuY29tGO3CupqwMUgAUgIIag..&dlt=1696567567728&idt=236&adks=181281449&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dcc3085a4770ef75a29e47fda6ee1fba1a1666731e61aab40b2301d9633f1f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12182
x-xss-protection: 0
google-lineitem-id: 6133420976
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138407672057
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95CC 6 KB
3 KB 69ms
54ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:08 GMT
expires: Sat, 05 Oct 2024 04:46:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3D9 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:07 GMT
expires: Sat, 05 Oct 2024 04:46:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 91F4 24 KB
7 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 9676e82442a02437030737452586d745.safeframe.googlesyndication.com
URL: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 03 Oct 2024 16:05:40 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame 91F4 231 KB
84 KB 145ms
40ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: 9676e82442a02437030737452586d745.safeframe.googlesyndication.com
URL: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d33b9d69281a0e049f69af6e39ad98c7e7db554f5e5372a4dfa3ed2b67d69c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:34:44 GMT
etag: "17-Ohr2jKh/1vXBS3BUzk5PcrolHXw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: b0c7ec99cff5ed987456e6f21f6dfda7
timing-allow-origin: *, *
content-length: 85565
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 91F4 187 KB
59 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9676e82442a02437030737452586d745.safeframe.googlesyndication.com
URL: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H2 200 1 Show response
serving.stat-rock.com/v1/placements/GyS1onrGYWxVyiWiL_uR3hEn5eTbSEXzBcFfumahfEdE74nAmU2q/code/js/ Frame CB3A 1 KB
1001 B 191ms
42ms XHR
application/json 144.76.28.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/v1/placements/GyS1onrGYWxVyiWiL_uR3hEn5eTbSEXzBcFfumahfEdE74nAmU2q/code/js/1?url=https%3A%2F%2Fwww.timescolonist.com%2F&b=0.42677659933785117
Requested by: Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.28.41 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.41.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: dc6389c855ae4b7d961402be9f9706865bd4fa8b0550cd693d527986e3510243

Request headers

Accept: */*
Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
server: nginx
srvb: 127.0.0.1:8082
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
srvf: 144.76.28.41

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD91 13 KB
5 KB 45ms
44ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 545D 829 B
995 B 62ms
62ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

729ae004736a616de197614f15a39d92405bbf0ca3a23d1fc5fc608ca4c13f93

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tUafYt93rO-1vHAiHm_00A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tUafYt93rO-1vHAiHm_00A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:08 GMT
expires: Fri, 06 Oct 2023 04:46:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CB3A 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdtYIzvddaQBTGhhnU66uSB_mdiLEP8y5Ngaji_qTxbF3yHST3hLzHb5HOL8GpawPP9O1UbbBSXMH89O7iooJHzmbdS-OiGESh1Ip_FJrPE8_JC1ivLjKHDNBMbVfmanufs8lclfy7wHn2fMkGFDLAifDQ31fZktfcx_PeWnRLgS711sJjIJWStVrhWRMvZWeSHZvpgF8OcZMY8ZQGmQAJJbvDwS-g2Pv8bwwSZUw7k4W1szgUbfdJ_GnBkltk2cMPeFJ1lcGg5k_XYPp-rldbSsXcW_tCnjYSWlzsy5U9IJACDfaiFe-pfedXqRneCuL0BTnDoqNS0y20h2eOBeccQ1RWcP77GJGHZJRMM6YR32m8Kl7lfIOBMk4zeEF-cZpgnHTftQ092IwxlHk&sai=AMfl-YRR5WQgO6p5Gss1ctCotuYsdwxitiy63A1Oh9fYZMmLgo4NYHVJjWWCihMPnOiTbMU6fW-WYt3a46RYN_J3RzlEGamb9zUs_jHyz0jnro-XeSJ_CsOsHkbilgbW3JM&sig=Cg0ArKJSzJxTjIW-eS2tEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6B2 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F79A 829 B
769 B 90ms
88ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7840726e9d5a8afff99d99f49e456c89df49bbc90e6b0cc0634aafcb5549e24

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9VqK4SYt7d6ewF-RLlT_ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9VqK4SYt7d6ewF-RLlT_ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:08 GMT
expires: Fri, 06 Oct 2023 04:46:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 86F9 13 KB
5 KB 49ms
48ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2C94 829 B
771 B 87ms
86ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8f01cf0aad7d61de4abe5ce4a6b6178fa9fe295df520c2ba15778e31eb97d2d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--wRl8-JIRLBM-EiX69B9FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--wRl8-JIRLBM-EiX69B9FA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:08 GMT
expires: Fri, 06 Oct 2023 04:46:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D3D9 24 KB
6 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com
URL: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 03 Oct 2024 16:05:40 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame D3D9 231 KB
84 KB 196ms
133ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com
URL: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d33b9d69281a0e049f69af6e39ad98c7e7db554f5e5372a4dfa3ed2b67d69c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:34:44 GMT
etag: "17-Ohr2jKh/1vXBS3BUzk5PcrolHXw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: b0c7ec99cff5ed987456e6f21f6dfda7
timing-allow-origin: *, *
content-length: 85565
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3D9 187 KB
59 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com
URL: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62CB 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXPcVytcXMWR4MeHam-M2FZM2NL0onII_b4ExvUbWjhuvUM_GfMSwHxZY_E6zYK3C7JRagwk1J4e4iXKO_LsCOrioZoJvHWiQiWXMR_1sdCd1s5_YqG6Ak9jHpAjMWRc42zajdvICueUtJjh5JC4paKinxLkJFdsuqp1jOvwkj1RDCh5WQ9pj6zxlvihTc2sMCpDBH049M2B2TU9lCYHkEJIfz6y3Hx2SFu4kcYGXS57crzfzLNFS7VwZdf9SrXj07ZSRNlF_lYyulgX1O18tTQVx6oqJLzEwBu8TMJjdfD_zkCyVGozcw5ZYsjPeN90VK7xRp-_0uHfc3sj4&sai=AMfl-YRFfEUcwbVeJH1x_I6RcPlAk6g-Hha7-TXV62NKqXBubn9DKxi3TRP1liYVtHX6pHmkUV9P4QXKp5P5YYegAT94yAYrXdNbkDTEhf6uPELDthTlrALOvhg6dWFKIGs&sig=Cg0ArKJSzKY2Lqk_XAQ6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 62CB 16 KB
12 KB 60ms
60ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5c132a7429199fe569e32f6aacfd2dee487548e3fdab64d42888ba37d91a212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12000
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91F4 0
0 78ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvITnBz7d60UpEPqNzlk-Zl_5d_Q5INZE9cMHtZGVEYrue6E5JfuAOh18J0jE__AZyHl0XOZcJTWreNWRc1QsJHG7uxcYjCU5Jy1gwSSN1-k-EAPz-AacCL3Z8jHReFIHCr5Jm3OxX538HjjRf8JJCk64Ts2g7vs6l4P2TxMVmekJ6A33TZvtJavBa1kEV4I_ED_vRKQ_nGuGx8fVqAYzZvVuNSbRVLs-QigeXNiuygBRnEWAN1xJ2_9U4m8GJSeV3P3-DzYBydMfzpU_ExsS51s159k8keNf2YWv7dTklR_kH8XQKqhS2-SOTXTY9QOCyfucd8QOnl5qa4kzG1bK8jtAe5&sai=AMfl-YSKtVddPGbrMBoA_UCfkorJ_RsW2cn25X0lpFc6nes11d0852i7MZV1gtqx7N81aH6Id7ZEtannjvex5iax7PcVFjcNFG9Y5koeaNd6uCnEYT2JuSQTseaJGLaQqA&sig=Cg0ArKJSzFXo4ozu1cF6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 9676e82442a02437030737452586d745.safeframe.googlesyndication.com
URL: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 91F4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7984c9dae40f38d65fb48d5872306685e92151ddc150dbca4d25793370902e8a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D3D9 0
0 76ms
76ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuloo89EoU46SmIE-jN5f69QzR1OqM9wqJFiOKW8v-Mlef0Ov-wLkK0bpBNzfAEK6x5bpRsT7sgaNdB3BUz79CHeSvxNaLedHFcyj0krTAQ3n4QR4vQmC5KQPsTE8n5wG3FtHTCA-oFJxnWnleC8x7uBfbZo5gQiKwLOoGzq9kRn1aK3GLkQ4xMEkALRY0wMtw3753hdA7i14wIJUlehzTBn68faIMDH0C84DKxAVnrNPViqTdBhKB5WiXsiaJJc9FNWDBgQLDUJEz29r99JQDRs0FLlb_kXwKxEX_fnL2aK78IRv_gw2QQO7pps-A0guuHCqJwPGHv6Ur9cfPBRKyxoUIY&sai=AMfl-YQi8eoX1Z-_tqZ5ncV0yYes1UZy6YBEU5f8R42VWmYfyelNuL4eyX369wLh33mQxh7_X1Rsd_kJttUe1KoUIg1ZzrjMyGZGzntTFRSu0JGqZsfdaFsqAp3j4nzcTQ&sig=Cg0ArKJSzN46e_cv2j6MEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com
URL: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame CD91 37 KB
14 KB 145ms
64ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:57:33 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 545D 0
0 188ms
108ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=3496408437350396&rc=
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame B6B2 37 KB
14 KB 116ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:57:33 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 62CB 17 KB
6 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 86F9 37 KB
14 KB 115ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:57:33 GMT

GET
DATA 200
OK truncated
/ Frame D3D9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 94135c088792ce51af23a2c0008f7063222841061a12659bc50f427149900383

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2C94 0
0 133ms
108ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310020101&jk=436921092384428&rc=
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F79A 0
0 102ms
77ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310020101&jk=2728082728021033&rc=
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 container.html Show response
070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7062 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:07 GMT
expires: Sat, 05 Oct 2024 04:46:07 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 92AC 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5FA4 829 B
559 B 87ms
87ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bc7ecf1cd7d6ffa4a851b97817810452a8501202506a3069f661693104a0724b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eo-dNLXuRypGWk5gMr6Bcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-eo-dNLXuRypGWk5gMr6Bcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:08 GMT
expires: Fri, 06 Oct 2023 04:46:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ Frame CB3A 35 B
171 B 39ms
39ms Image
image/gif 144.76.28.41
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=&type=ERROR&placementId=5TPzg_4lZsbrixJG2p3wuSGKYeUz8Xi7YUm0vbbyiZvKA0kpK1ZQ&tagId=&message=init%20element%20is%20null&u=https%3A%2F%2Fwww.timescolonist.com%2F&t=197&v=114&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&r=0.37080808397587894
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 144.76.28.41 Freiburg im Breisgau, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.41.28.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer: https://www.timescolonist.com/
Origin: https://www.timescolonist.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://www.timescolonist.com
date: Fri, 06 Oct 2023 04:46:08 GMT
srvf: 144.76.28.41
server: nginx
srvb: 127.0.0.1:8082
content-length: 35
content-type: image/gif

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7062 24 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com
URL: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 03 Oct 2024 16:05:40 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame 7062 231 KB
84 KB 46ms
46ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com
URL: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d33b9d69281a0e049f69af6e39ad98c7e7db554f5e5372a4dfa3ed2b67d69c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:34:44 GMT
etag: "17-Ohr2jKh/1vXBS3BUzk5PcrolHXw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: b0c7ec99cff5ed987456e6f21f6dfda7
timing-allow-origin: *, *
content-length: 85565
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7062 187 KB
59 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com
URL: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:08 GMT

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 41ms
40ms XHR
text/plain 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 04:46:08 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 92AC 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:57:33 GMT

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 41ms
41ms Preflight 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.timescolonist.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 06 Oct 2023 04:46:08 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK OTY3NmU4MjQ0MmEwMjQzNzAzMDczNzQ1MjU4NmQ3NDUuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame 91F4 16 B
464 B 521ms
391ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/OTY3NmU4MjQ0MmEwMjQzNzAzMDczNzQ1MjU4NmQ3NDUuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:08 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: cd80ee4356724d1ebb4a56635cea06dc
Content-Length: 16
Expires: Fri, 06 Oct 2023 16:46:08 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 91F4 43 B
372 B 49ms
39ms Image
image/gif 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: 9676e82442a02437030737452586d745.safeframe.googlesyndication.com
URL: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:08 GMT
date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 container.html Show response
4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F277 6 KB
3 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310020101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:08 GMT
expires: Sat, 05 Oct 2024 04:46:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame D3D9 43 B
372 B 42ms
41ms Image
image/gif 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:08 GMT
date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK NWRhZTJjMTQ3ZjNlMDQwYTIxNWFlZDg4MjNlNjAwMGUuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame D3D9 16 B
464 B 478ms
398ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/NWRhZTJjMTQ3ZjNlMDQwYTIxNWFlZDg4MjNlNjAwMGUuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:08 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: f9e92863e0fc6edd310b097391827900
Content-Length: 16
Expires: Fri, 06 Oct 2023 16:46:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7062 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzbjc8arc9uliER5edkWXTuYnzJbpjiRbq7uEohHZu8ZzINWX7iUh97v-qgjwrE7aP4kbS5SP65gOjcfb7mGTksGiSiFOXbI3WH5fU8-1D5tEvnHvr4HZKMY3BuZSKuyN1Ktb71qcGj5pxgFQtuTaGq7Lcfm2ojC5485MWJBJMfboEfmR6rnz0crCxqqCfFfdxCvdjMLiCQagFLbR921KsbtvX7kQgRAQQ8_zzrsr5q9ef_wV1ZURdzX7TVcXRr_RU8LCck5ZL7s_T0W2Y0Nl9-GEGR4CGJLEeiVvXIxT9JBPmHkX7vRoumBzybVeHrxXyRdyAoxvm1DV3T_bczsRJuas&sai=AMfl-YQfj0EiEU5XpQZuFSmsYIsF_UF7dArcXFxtNF3PVdK23QXshvPRhV9AdURPb2r5ghI6J0pz6z20zx1qcL7rmohxup0LsBdtLOyKPnGBB7FpIUhafXPhEcoewz02ug&sig=Cg0ArKJSzKqZTQBDtT86EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com
URL: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 91F4 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5LygjdpoD_Qlshcm-46PcRsClLQm9RyoPmt7tdM87U0mbDwKk_sNVnKdCS3wIHEvUdmQG9v53PWErA77bP__-N_K9mSzZRXuAeQbSRVwPGkifjH0Am5x8C1tj_n496hWfkytGww9vc1ihAsAX0vIe4vZGmp2jgf10hB7q82NVxF94BmpBHId4Xze6QIAJWJ3hY5gBK37E0lOji_pQLe8DlIc_QCXQOzZ1FGMCXC9qXQkdNEPbs5Z7cJHIeki_pbFbRzmSmnPGTeVj5jwXBa9CY3_xjDw3BYfqkgwZjpa8p_tyC1hib7rlzzp1z6Y_9VtKw7XD7lz3MhoRcNTtQjuo-BlKKJc&sai=AMfl-YRcfm1GHVFQB7IbJxGjaANzt9vyXH7CWzBDkaBSoGbD84EpLn9O8o6NG9Oi1zXzm0leUCht-Jbw6QpuoehK3pLoc7kAljy_UA0IiMO2LyounVdeyLQM6gTP8-3oyA&sig=Cg0ArKJSzDvJr2nBb-EhEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F277 24 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com
URL: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 16:05:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 132028
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 03 Oct 2024 16:05:40 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ Frame F277 231 KB
84 KB 41ms
40ms Script
application/x-javascript 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com
URL: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2d33b9d69281a0e049f69af6e39ad98c7e7db554f5e5372a4dfa3ed2b67d69c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Oct 2023 11:34:44 GMT
etag: "17-Ohr2jKh/1vXBS3BUzk5PcrolHXw"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: b0c7ec99cff5ed987456e6f21f6dfda7
timing-allow-origin: *, *
content-length: 85565
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F277 187 KB
59 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com
URL: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FA4 0
0 73ms
73ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310020101&jk=15904226534020&rc=
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame 7062 43 B
372 B 48ms
47ms Image
image/gif 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:08 GMT
date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK MDcwZTJmNTNiNTMzYjBlZDdkODU0N2VmNjMxMmY4ZDIuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame 7062 16 B
464 B 472ms
394ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/MDcwZTJmNTNiNTMzYjBlZDdkODU0N2VmNjMxMmY4ZDIuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:08 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: c208bffd695055de8167b97e630a2ddc
Content-Length: 16
Expires: Fri, 06 Oct 2023 16:46:08 GMT

GET
DATA 200
OK truncated
/ Frame 7062 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e2022ef446865386fc282ae7479f4bec9aa0b65f20c3adfb1af9dd3cf853a43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D3D9 0
0 83ms
82ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjSjzWfPry07cBLaM5yDK2OYbA2KBJKZEDUFRD1hKq2G0YS7HiNwgigy5ays4sbcEdRrYlaM5cWhTOrIylcIxOYMIUIZT_n2oaULxecjHc0aONW2lqTFV7H3mxNTCr49nFPF5Xntn96IzYFqnZbmUpfKBpz_vhTd-X6bIA2gXwyTKpyZXLZNAh-K2qIjh-YQcm0HEY91C_o7u5oJ-66uakRtNB9xk38TxDBlfZY_h0Q12m57o1AMwPQxXYlkIFL41f0PJ8_G6vcTcBIFsrET_aXxdBtzRQJDBBpdZDv7BY_jMfz71TJtwyIJdtLDU9QgflPmQCfcit8iNcQ4JIIv1Z-4b7TV8&sai=AMfl-YTZdhkpnXsIablSW3nNFmYlvMpYV7CtUmTMtb_k6EYWTqUSy6diBsQ4BaOPc5DtO8lE-7fXcXE5hl20XMebUttOs4g_Q9L6q9cBOP5fDr7kcC3R_LTQnj9K-Ef7Rg&sig=Cg0ArKJSzGln1zGzurEuEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 91F4 18 KB
6 KB 308ms
204ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.timescolonist.com%2F&idx=0&rand=19597&widgetJSId=SB_1&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=300&settings=true&recs=true&key=ADPLU2MFQEFJON6KK97GGNAND&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010477&sig=qw6TtPNc&apv=false&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww.timescolonist.com%2F&ogn=https%3A%2F%2F9676e82442a02437030737452586d745.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0a3aa8462b9826053b8fa9c34701223b10828731a4ebd80a7261f7a9dc7315c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1696567569.601556,VS0,VE158
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21971-LGA, cache-fra-eddf8230047-FRA
x-traceid: 62b94019f6688fdaad4bb9c13569580d
accept-ranges: bytes
content-length: 6247
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B6B2 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C4G-zg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7062 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu00G69LvCI6WqyJ3PrGav1b5EXuu6fRYjDto8-wzfa6LR12gMWh9wZSOXhdLZcF2eTWDI9KMWN1IaK7R99lURLkp92wapE1pXuSqKCFDmjOvZm2F8xjQlPZouKaySoL_fyf9tFxucQFLG5fbbGWrvweqKVx-vQ2iqctwTi-9ERzAM6B34pb45r4M5FCGDctX_vo4ZXvHO-isoBhKTb30mlGr07qeWEhmRPz1g2sIU-0aCtPVNWKCIQAVYqr-rDdVhn4PsDuxEMp0UVa6r-1C3nwp7YnwEcjauv0hccDhDrx_9zIo2AaDKmxf4MXoy-3hcuyGG2ebuV1cDTve-om_Mt2eiWYw&sai=AMfl-YQbU87zGUZihUZpxUNQe1EzTqtj9LJ5B4qdEz9Axx4gKsnRJq_QSqsdnYhesCmGtOFSX9JeLBBXQA2pjdYhj4-kfW-x9vd4cCOCBQ2QpK9NJBDGvYGClUVE1WVnEQ&sig=Cg0ArKJSzAiXhgVi6BdQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 86F9 0
10 B 39ms
38ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Xa5w5w
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F277 0
0 79ms
79ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv-gFYCNeboYol07Anhbu9qyMtsk9k-rUmXi9H2OrJQlTRgiHVPYh_-jaVa_W3hPeynpLq5wkZM6qcCJYb-mvTfF4VHgcsBCc4TvuSQOuGpst_14rDkxkbYEZTrIVwpDD--hUUvr2F_G8qZStam-Aci7o_vX8AOSP6y2xW85vriMbV-UT-oCkB3gkI-ULrJ1hfvwt47R7bV3B_g2DCghYAmCs5Xq6xl_IBDzWCoCwbFSuE_Fbf1e4WcUc_MnO4NKu-4qj6IQ4LpGhGJ2jcpcqnPysX687GCT0TlZgRjK0ULHSYkJBQIJHqTTPL4afS1KqHXsbPJFgQW1fwQ3pgBoCg9Pk5V&sai=AMfl-YQRoGWYxwxf1PkVZx61iPtVoYKemoQ9e6paTopgRMXWPc8nCkvR04Oc7rIJqMW24t4CvdbSVsoMNRYgFdy4pw-hZ4fmtc5JT6oqrhsnHRylvntK8iAymSsDOPpMkQ&sig=Cg0ArKJSzKrodpo7p_SLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com
URL: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CD91 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xuWaOg
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ Frame F277 43 B
372 B 40ms
39ms Image
image/gif 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:08 GMT
date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK NGU5N2I2MjAwMjY0OTMyOTZkY2FmNGU4YTYzMzg3MjAuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ Frame F277 16 B
464 B 493ms
415ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/NGU5N2I2MjAwMjY0OTMyOTZkY2FmNGU4YTYzMzg3MjAuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:09 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=43200
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 41aa968ea1be9a761e52d3e6c5e7c09c
Content-Length: 16
Expires: Fri, 06 Oct 2023 16:46:09 GMT

GET
DATA 200
OK truncated
/ Frame F277 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec707252865599b5f506834557373719a08955c2ee379aa09145fad1b2672668

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 92AC 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?00_tPQ
Requested by: Host: www.timescolonist.com
URL: https://www.timescolonist.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame D3D9 24 KB
9 KB 253ms
252ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.timescolonist.com%2F&idx=0&rand=23186&widgetJSId=AR_7&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=160&settings=true&recs=true&key=ADPLU2MFQEFJON6KK97GGNAND&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010477&sig=uvyH0U3k&apv=false&osLang=en-US&winW=160&winH=600&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww.timescolonist.com%2F&ogn=https%3A%2F%2F5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7a1150217f6edcfde0a1204f1159e50b65174cf64114b3acc60102cdbc34db4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1696567569.613423,VS0,VE212
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21935-LGA, cache-fra-eddf8230047-FRA
x-traceid: d4b920ff9c4910e93feca5b9a12606f6
accept-ranges: bytes
content-length: 8564
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame 7062 18 KB
6 KB 280ms
280ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.timescolonist.com%2F&idx=0&rand=83315&widgetJSId=AR_1&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=728&settings=true&recs=true&key=ADPLU2MFQEFJON6KK97GGNAND&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010477&sig=6RU4Fl8I&apv=false&osLang=en-US&winW=728&winH=90&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww.timescolonist.com%2F&ogn=https%3A%2F%2F070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fdda1761d3bfb48b1bfbccbc258b354203fc80aa0f5f95bdbfd84fcfee37681c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1696567569.635668,VS0,VE240
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21945-LGA, cache-fra-eddf8230047-FRA
x-traceid: 4d77f49e60a5d4ce5000dcb067a77a0b
accept-ranges: bytes
content-length: 6349
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F277 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssswJfvG5HjnONfcpG49FmXCzk6yAshel73bSEEMurFEyUeXzqfCZapYxEcpIldZiertmB9q7leXJM1UzGjY4aAvCR_dUfDQ0phYjtYeLUJ5NiAEyEIb1kZW26YOdwwTb7L_hkHtRoSVuLQ9AvUmeGRyLpHDA2gGrkZlbIl0SKFWJUF_c5Xn06au2lENAIjsZIART-bWvYo5ZfTDeLpE5gkWcJBxpqw2-T7IZZXOyihsw5GBNAowzXOFT1KA1Pt5akQ4UnlhlgJ99GXL3VN4Ew92ng5FCKvoWiOyy-m-xukCJ5jQkrs8NEASABL_hi8sx9RU11VwEKSuM9oHB5T-Fxpo8tdd-s&sai=AMfl-YQ2B584Lffmg1Jk-lco4YUXEiWz2xKSSeJmtTySq9BNYOFUllVZ5lUDZ1mwWJ3vK5UzQtRH_nkVBzTAiq513ZWQQFpsOiR4OEyb8b3swyD_1kUlO5JPCWQDBcE7aw&sig=Cg0ArKJSzOBfc7fkECiYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 58ms
57ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53ad2d9f45d7a5d06fb1a70679ba2d8836ecb3aa9efee2002e82e283158596d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12001
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310030101/pubads_impl.js?cb=31078561

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 06 Oct 2023 04:46:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B337 13 KB
5 KB 41ms
39ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76143
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC76 829 B
558 B 89ms
88ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

39c77efa78f4b3c551e7001fe9e89443cd818e1fd16a7f3b824b4c0b546a9c46

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AytVfdIJebscpniJUZwXHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AytVfdIJebscpniJUZwXHg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 04:46:08 GMT
expires: Fri, 06 Oct 2023 04:46:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 platforms Show response
odb.outbrain.com/utils/ Frame F277 18 KB
6 KB 533ms
532ms Script
text/javascript 146.75.118.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/platforms?contentUrl=https%3A%2F%2Fwww.timescolonist.com%2F&idx=0&rand=28725&widgetJSId=SB_1&va=true&et=true&format=html&px=0&py=0&vpd=0&cw=300&settings=true&recs=true&key=ADPLU2MFQEFJON6KK97GGNAND&tch=0&adblck=false&abwl=false&ab=0&wl=0&umv=0&activeTab=true&version=2010477&sig=pcooiqMg&apv=false&osLang=en-US&winW=300&winH=250&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&iframe=true&chs=1&ref=https%3A%2F%2Fwww.timescolonist.com%2F&ogn=https%3A%2F%2F4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html%3Fn%3D1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c8bdbbc9f6850f074a9c6c1d79337926945776ff1399a9f902c6f24dc16b436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Fri, 06 Oct 2023 04:46:09 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1696567569.779601,VS0,VE494
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21955-LGA, cache-fra-eddf8230047-FRA
x-traceid: a2696cc5c536f5780d15947ab1aa53d0
accept-ranges: bytes
content-length: 6255
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame 91F4 4 B
371 B 509ms
119ms XHR
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696567568778&sessionId=3c41eecf-b4eb-2c3a-226f-1d53a5957236&url=9676e82442a02437030737452586d745.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=523
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 7a0081c3a7d8771b13163b12e9268296
Content-Length: 4
Expires: 0

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 91F4 990 B
1 KB 40ms
40ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:08 GMT
date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame 91F4 2 B
356 B 488ms
118ms Fetch
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f92f6e42191d34f383c008d123b52614_207171_1696567568706&tm=534&eT=0&widgetWidth=300&widgetHeight=250&widgetX=0&widgetY=0&wRV=2010477&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=312&oo=true&lo=288&obreq=155&odbreq=519&odbres=829&cet=4g&to=1696567567955&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:09 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 71244d21c885d83d52c589193c559201
Content-Length: 6

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame B235 4 KB
2 KB 40ms
40ms Document
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Fri, 06 Oct 2023 04:46:08 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Fri, 13 Oct 2023 04:46:08 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6ImU1MGY1NzRkNDM3OTM2ZmE5MTMxOGFlZGYwZThhZmJhYjkyYjI5ZmMzZWQwYzVlY2RlMWFmODhjYTk5M2Q0YTkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 91F4 18 KB
18 KB 182ms
88ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImU1MGY1NzRkNDM3OTM2ZmE5MTMxOGFlZGYwZThhZmJhYjkyYjI5ZmMzZWQwYzVlY2RlMWFmODhjYTk5M2Q0YTkiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2911edbc1b520fe2817d35531c4c3c691e6a09e98b65ac60ba343369a38f3a3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9676e82442a02437030737452586d745.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Tue, 03 Oct 2023 07:07:58 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2241077
access-control-allow-credentials: false
x-traceid: 44b558e9ebcde164db1b577378aa68e4
timing-allow-origin: *, *
content-length: 18088

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DBCF 42 B
64 B 80ms
80ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvI8HzKq9eMtLUTih2ykJ9XM-DR3DrECQXfP6lXzQUUE2SiRiMfGbCuMZawJq3GRMGoaFffC8lwVdmVrd5bh-9TYQV8de1UN7rRKI9Z3gQfH305-_otEkHJ7NoKC98Q&sig=Cg0ArKJSzN7me1l5JH9KEAE&id=lidar2&mcvt=1003&p=288,980,888,1280&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1840573415&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696567567356&rpt=433&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame B337 37 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:57:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 18:57:33 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame D3D9 4 B
371 B 475ms
119ms XHR
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696567568832&sessionId=1f4e6fec-eef2-f788-d531-f721aab49dd4&url=5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=480
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: e8a72e5f5c4700bec44c99fa9b48a6b3
Content-Length: 4
Expires: 0

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame D3D9 990 B
1 KB 41ms
40ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:08 GMT
date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame D3D9 2 B
356 B 483ms
127ms Fetch
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=06f71a4523bc925c551ac73869b114ed_207171_1696567568774&tm=509&eT=0&widgetWidth=160&widgetHeight=600&widgetX=0&widgetY=0&wRV=2010477&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=266&oo=true&lo=289&obreq=121&odbreq=605&odbres=871&cet=4g&to=1696567567989.1&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:09 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 88d33ff98c43c884e1f0617661489a76
Content-Length: 6

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame D5D2 4 KB
2 KB 41ms
41ms Document
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Fri, 06 Oct 2023 04:46:08 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Fri, 13 Oct 2023 04:46:08 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CC76 0
0 74ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310030101&jk=3921321860314403&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 eyJpdSI6IjZiNzE3YWQ4ZmFmMjQ1NGQ2OGE3ZDE5MGU2ODcyOTA2OTkzYzY3NWJmNmNiYzU0Y2FjYzNlYTQ2NjcyYWFhNzkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame D3D9 12 KB
12 KB 89ms
79ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZiNzE3YWQ4ZmFmMjQ1NGQ2OGE3ZDE5MGU2ODcyOTA2OTkzYzY3NWJmNmNiYzU0Y2FjYzNlYTQ2NjcyYWFhNzkiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3dce2c1f723d37991b4fe8620d8d9ed677c62f58dce06c2c3df15ba37a4fe6ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Sat, 02 Sep 2023 19:46:07 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1712273
access-control-allow-credentials: false
x-traceid: 538f07afc1fae516ff071305129ae1e4
timing-allow-origin: *, *
content-length: 12406

GET
H2 200 eyJpdSI6ImMyMTg1NDIwMDJlZTg3NzQ3MzA1NDAwNDNjODYwOTM2NjFlNWU5YmQ4MWRmNDUzZTg0MDk4YjkyZjI2ZjU0NWQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame D3D9 11 KB
11 KB 50ms
40ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImMyMTg1NDIwMDJlZTg3NzQ3MzA1NDAwNDNjODYwOTM2NjFlNWU5YmQ4MWRmNDUzZTg0MDk4YjkyZjI2ZjU0NWQiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6caae8e76bcb7c3b1c777f9ddc873538c8947cb41286a46b928a72234ebb38d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Tue, 03 Oct 2023 07:06:58 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2240596
access-control-allow-credentials: false
x-traceid: 914a5d3702d3a5361816617d4948e937
timing-allow-origin: *, *
content-length: 11226

GET
H2 200 eyJpdSI6IjJlYWNlOWJjNjJmZWE5M2IwMWIyMTJmOGMzOTY5MjllOGRhNjgwZGJiNDhkMGE1YTQ1YTZmMDA3YjQzMDFmZDMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame D3D9 8 KB
8 KB 49ms
39ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJlYWNlOWJjNjJmZWE5M2IwMWIyMTJmOGMzOTY5MjllOGRhNjgwZGJiNDhkMGE1YTQ1YTZmMDA3YjQzMDFmZDMiLCJ3IjozMDAsImgiOjIwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2fb3ff3fdf4bdda5062c62c3520fe8ac474d736949350b0c6327f4acf262a870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Thu, 13 Jul 2023 08:26:54 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2096893
access-control-allow-credentials: false
x-traceid: 6e8087e741a268b896bea1b284ac5508
timing-allow-origin: *, *
content-length: 7876

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D188 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7jjnJVfDBzZwHVppKtcHxnkpaz0CBvqL-S8tRXf_pT2raZKIBL0dEX3JTJ-nvke4mYDAMHUGTtOS-SOLDqTM2NAJvYHlgokKorGXMwmQZHtReRPGQJzn3NQunICVi&sig=Cg0ArKJSzBbBvb2NJ_YbEAE&id=lidar2&mcvt=1011&p=163,436,253,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2207274337&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696567567468&rpt=404&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ Frame D3D9 4 B
371 B 458ms
114ms Fetch
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=06f71a4523bc925c551ac73869b114ed&pvId=06f71a4523bc925c551ac73869b114ed&sid=9630683&pid=207171&idx=0&wId=146&pad=3&org=0&tm=537&eT=3&cnsnt=no_consent&wRV=2010477&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d3eb30c80fb391b4ec4e141335f1afb8
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame 7062 4 B
371 B 474ms
118ms XHR
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696567568899&sessionId=8d4290af-9760-4a97-cb07-1d8122eb7c4f&url=070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=486
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ff61370c65d802241efee72abc027145
Content-Length: 4
Expires: 0

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 7062 990 B
1 KB 41ms
40ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:08 GMT
date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame 7062 2 B
356 B 461ms
117ms Fetch
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=655e692fb45b5de3530c3806a3b5fd5c_207171_1696567568826&tm=493&eT=0&widgetWidth=728&widgetHeight=90&widgetX=0&widgetY=0&wRV=2010477&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=287&oo=true&lo=126&obreq=56&odbreq=441&odbres=728&cet=4g&to=1696567568177.1&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:09 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: 15cfe3faa3d926adf963bc66137318b1
Content-Length: 6

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame D47F 4 KB
2 KB 40ms
39ms Document
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Fri, 06 Oct 2023 04:46:08 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Fri, 13 Oct 2023 04:46:08 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6ImUwOGFiMDE3ZjExM2JlZjhiMmRlOWMzZWIyNDNiZmU5ODliY2NmNjE0ZjI2OTg4NjdmODMxMjNhNjNlNjhkYmYiLCJ3IjozMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame 7062 5 KB
5 KB 72ms
72ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImUwOGFiMDE3ZjExM2JlZjhiMmRlOWMzZWIyNDNiZmU5ODliY2NmNjE0ZjI2OTg4NjdmODMxMjNhNjNlNjhkYmYiLCJ3IjozMDAsImgiOjEwMCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: be5b711bb6d93e8e9be602544eb86cee256a4f7b8db5d823c1a702be049eb077

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
last-modified: Tue, 03 Oct 2023 07:07:19 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2241085
access-control-allow-credentials: false
x-traceid: e464c8b6d19d34ae41f38d2d075ca241
timing-allow-origin: *, *
content-length: 4682

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ Frame 7062 4 B
371 B 477ms
120ms Fetch
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=655e692fb45b5de3530c3806a3b5fd5c&pvId=655e692fb45b5de3530c3806a3b5fd5c&sid=9630683&pid=207171&idx=0&wId=100&pad=1&org=0&tm=518&eT=3&cnsnt=no_consent&wRV=2010477&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: f47a9abe56759fc5671bd49087f73fac
Content-Length: 4
Expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B337 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fhsgyA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB3A 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv11huFUgk5MPyhuTPg8RzE5ehyFjx9Zjt7pk12VP69FM2atUFHtn_16fQdfSVB6VAjyZg3xfENVo1-T1PXjTbKWU2ZK3ujwjUpvfB-AQ3BS5nESqrxvk2EgwZlhzBY&sig=Cg0ArKJSzOhS5Do7gILUEAE&id=lidar2&mcvt=1000&p=161,799,163,800&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2582308588&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696567567475&rpt=546&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ Frame F277 4 B
371 B 351ms
118ms XHR
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1696567569056&sessionId=41153be2-e9c5-3175-d324-ee52fbeac02b&url=4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com&cheqSource=1&cheqEvent=3&responseTime=495
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 73020fe2cf28e66ebd35f987b4a769d5
Content-Length: 4
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 62CB 42 B
64 B 83ms
82ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv_2rnEQtJzgnn10bZZF2ztbLMBOJwgT9IVklW4F6ICj-3SvtzP-F8eBr5U_brJmkz6WvOfcVsQppAfA0aI3Q54CVQtaog4tK4N8_1WVN2KFiMYqa-S4lXaisVRv62i&sig=Cg0ArKJSzB33PTBCZ9JsEAE&id=lidar2&mcvt=1000&p=803,650,1053,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3106542233&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696567567728&rpt=326&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D188 0
0 76ms
76ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310020101&jk=2728082728021033&bg=!FhWlFVrNAAbjlzx0w5c7ADQBe5WfOHlAGcouQUDrtq4PwCV20rUsXSTI8TvQ5F57Q_5eRjyodFyJB428CUWKQMyiJJneAgAAASpSAAAACGgBBwoAtVI7glbEnssMrIs4ZiE2vhHcn0qblrYGE79wbkSvg_pwNygpovJ_MXoKmA9BR_WPikoATUNRKgFD-mVdWJbT9rLGdd9LiExvwl-f4b9X0wqv4TTfQDtH99KQpoKCF6FpqWy1x2hq5cSlfzvcLnJlu1xwHAdWlIQipNhkTZNdHExeOxoDh1MXyBA6r8d_KZDPUICb1NEHRnDYGuGsOUHdfrcUK8AoAswmBD6NcLlWcebGT_zDZXGZAtUSo7ablpg_yTtTYFTjHJXe9ohugsTTbm7pJoInbhaDbN1Qx7kUg2nKPoCYU4cDJbNZbXWNgw-sOiMRu3bF8mLfvX_JHIl4ktWwQwSo0dRQ0IQvAHEX01qiPJr_7RRubu5_ct3ip-69XFXuXOe1IEiuNMjI3duXeoM0ytdnQ_lByhYAUZl1Vo9CQCzLTbVsn5j24wvUxI7jjXxAhb1_UFSL05PbPaZhEiEqElatOfRJziCAUPtqs8U7_Q55sZ41yqnMkTHDCsq4_rkisY-z6Y3cGlBFYWflHR5I5JcXs-H7eQaWpTSkbCfaJEi7KvOpoxgbW-dPmoZb_r6xyV4EHX-gCHdVBYPAhUHEbEfPrrQeioGcMPAQl8l9af9S8SwaSM4AmSZboYg7Dxcl0nHAlEgCHjk_ANlE9vV-pajE2B4v7wLsnDRbHershFmQZEvwpH5Dzkrawtpx_7pyKmXa9VIoJfsKpMFjWm6iUblf06GOfBbBA9wS1qAfSNe28rjCDZbulP0rq62RyhxhnFlRSKpjyRMYTnrhNfRRaKE0TFDb22DMedqT18-FVtC3vPNIVzV9t2WdjxjTEkRcxkK_h_VFS0Wz5_OCLbiD0-gkSmoO9l2hTZc_U7OTSpWmVg1UJxgIh15U-LY6pE5NaZa7l0sc1loELLpiW5mMWnNLKYj49-PeEbH0Kyh0CsSMvp2jRX6vLRAIr8G2XJWQrNA2puvmvFW1HOE-gpi1OQhj0w_wdN9t7WxXC6diLMGkHRhUvp1G7pMU3B6FiG5-qAfNa6EE8hOApmbPwi5cqETzlCnNEkFKTuRMkmDhZADVjlHjvRGhXqTboDr9gRfahkNBna9Uv-eRBTrgkSnwQEFq0SBNgUsZR_igOP2fyg7I3ABxK8IgCxswVt08BfmLeK4OKSjxb5hQi8hqaZT0cwC0QCdC8_FtrwJSHFA1FszXcl_jZOYB2itzRw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBCF 0
0 109ms
109ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310020101&jk=436921092384428&bg=!ubqluvXNAAbjlzx0w5c7ADQBe5WfOJubGD7BgRpdMAyBRrmuIlppigbhABFYhIh9Lb227yt6RhSrfbi-lQb03V2Anir4AgAAAUpSAAAABWgBBwoAlTWT3Ms_eHZGNvDWTFyzdFZVVTqZmwHw4OGd2vFKz3bXuKLwjbpc4rBpGndC6EwSYQJiM9HECV_CmNKHGVgIuWVmGuALjbrWoLXH1l9iM11cRUGN6coP_RUEpfy5vKD2PiGge5UoEUVNyEAKkvKR8exAVYDmC6X03Rh74BMKaa7p_aHSTvzpUTwL3kXYvD2yxTeVWChemQLolRDIFGun_iFDwhMYIB0ms2hiwx4OBJC7H3EMkmuPNZ1YIj1OAFaydaR3dzxvP2TpO3dII0OKnI4ni38ccJqgcgbMqVkOFzoqa4Fyn7UdMTCWytFY4IUws7wIwXBl-mk-cm9FOYhEn1HH1G6CK1ZPdNLy-wl3viMMgXypiLN8el3tMGHNXDrLvKve9rtKYHCBRY6thr6XoHfzBDWL5jpVGkJ7nJwI8QZFsRCXO6HsyBWIbRyGZeybcugpVLZm1C6F_QKGxlvChoROIxASebYVI7fU8JbpXIxkaFXmaE-TTewoc3E-SjWHVlRLVkFhGp99GXLpGSwIVhg_3e_-ULzG6_mo7QJayTvliLXw5b9uDbmh55IW-Mw5ULpcl27mxiOfwYTsvtk_O0zKDi06lV_OXm9c_Mpx7RigA7kOM5cmvsLE8ygDXvmHBYNJUtAtEYil_3yvP-tFZSvozLMaDXDb7CejvZ-vCiytU9NvKTqjN3hUXOntIegR8ZcR1AfxHXjaYxIuSl6r591Wx0Zuded6JLI8caqFXG5J5G7baSg2qQRdi2ej1az_AKum-vRmytQuzuj_XOjtAUXSXxQLHedvsmcmTRwV51lpWaG8ncRvFj6i0pHdz9LfhunPTaHRSQRu-AJhtOubuFCe9DusRQxEsg2ptbCULYqQWtFEnIbJWayJDwTGvNJoasTqfTbP29E15-HdiCzo9pEw_mQkfmp0LEdl8DYOSCNsLBh_Udz4qmO1UwGqxKm_EQhivGILgTlfmjU9tVME9RnAdoriUIh8XJbWKvveS7npSNorA0BqjFXY982BVnAjNswfTuU-YEHY3NPXGURH5eoZ23vJXukowHZW95M-p_x26t-9uikxe5_yT92nOvH4bxEJZxJHcfKqgvnkV_FPX7yhCYILRlBjtZ-q7AJ7uYmydcISu5SpjAYGoX2IdeS6KgpbOXES48jmnUogteJWw9UOYRb2Ft9Hx1QM02oakBza
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 417A 0
0 110ms
110ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=3496408437350396&bg=!CwilCEfNAAbjlzx0w5c7ADQBe5WfOAiuQfBjU9qzpgdY425Ekql1Dkjc2OK4FZva8bqUGBitNbVV1rpWYheg0goiv0sbAgAAARlSAAAABWgBBwoAGikbqyRabYU-vGfWRr64p4t74guGj1xJwJySmQLd4Q_0CxJ0yeuOCicFof_sP6XO-0axWfpD4HvuHmPfwWYAzZWi2d_WDa6UX65MpDPPkC1KCyyWzkRYoSmUXOKLk7lDDifwtlizr6ODTSMQO48kbpTf7kjjw-KQhkrIKc7cseOe8YO1YwG0kSCH90Fxxao27qyGmBDFtkT6e7-CMmWyhIsyyMyzX1iVifCaur8YQPrSN-KE-njQg0UeYc9vlsz3DBf7WI-EfP1Yvltzq00ET5SUcrrSbxZJu5-4iFuuz2BUe0nJ0n3pui0IC32A-ofLsDSjsbAKgZqT5IfAdXm3au5PQlVJfRtSyqz8FK66yoEOyBoy0tDuaFIM-4RklEeGbUuBuGxaWtpCehaTy-jkfOlf6Fi1Lt66or0bUH0fgsJm8Ueo6hB7alysYUIDtQUIoE4go4knWk5e0PWl5nMmLmfV3oYkdFa2P3ohJy4MyYiL6l7DQNilTG5X1QwQNolQDcKbArtSEpKvEXiXQRSB7lg_iAnKHTnlExYPNlqJ56YVtbOSK-RL7yr5yz4eN5XIbu_QhiH8x9ugpltJWNolEd2WXnho0Jg6TFkSBnfGlAGgLSCtOwa86QfQ3_x-zNoFqsCDLXu3wBoc9Y2sT4E8ttJc5D_AtBd2XhVFNKQtj9DGurN6i2dMBbGcyeg1k3WMbkvcWiLAtEzr4xAKRlUqO0tWbyqwP15cz78A0MQb90XoAwr0nRerXuBv-9tnQoDrfzyUO0QCY0yd13CtW73QRPrfkrdsEh7Pd1W08UAeZfv2WPjbTNjHAWQmOgGCr08wyNN91cDPmHFj_kKvZl90ki8D9llTkdhGZAdZsQCYRepzErvhd-Kw8E8E5AXAIm2-TC-2OAF-YhVlqJg_hSMawtNrtBeTHW1u16rPDQAHpmbNNUqJeU04GuHu_gW8m7atO86fPrUAZd4PsXe-ATu_ENkpgdxBQKhBEInzuKcp4ry1Fp_YEhRSeGcj2Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 62CB 0
0 109ms
108ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310020101&jk=15904226534020&bg=!bG-lbyDNAAbjlzx0w5c7ADQBe5WfOKd4-LsEq2o-Z8AEYZi6ozVo9HUd0dUZIEgHe-7PldBUosakN41beBdb0W6yYWTFAgAAAOxSAAAABWgBBwoAkfswJ7ktDRCHmIcI4Y1l9di8sMkscMNP2_CsIIXep2rLD48wzQAYn37DliMqbtmIdP2erPiwDyY9Q46qOY7ZkzYF02doO5SG8t0OpSr9OeyOYqyRBx_tR9qz_MOJ47Kk5xGcd8tUVkI5xYmXvzf2VGgEyVj2EvbPkZS-OP5EzhITsGmpCqBXn4yWx4IN7TbLud2ZAt44Bz3oCsOHDc6SbyXE0lq7zTdLPqVQeqrWz65JFA9iRw-lmlI6q5SvyKChfDLaqvSb789YvSae6yjkgfB-hnsvMXi4m7sQ4V5ahUn97ki92eAxNZkEsYgHxn27751JhHdyfh9MLnM16ImWRb1AwxbMas8hKXnucbAERhmUaCrLO7HLlvE_k5am4cLypuGloYZVUF_CO4ctfH_icjKvWe6rk89Q7JX5M5t5A9Nqd904d97mq95oKMe2XCK8h65kYoxnwLBQRmzC0ojW7KknxpCtSz6i-LodvTX1612pB9mtiweOnSbLZRlm29icbiLzreQ1Xr5Mr1wnbi_GK9ksibrzLgiH54H0yHft6qOR3OPeO7laUzWOAdufu5NJHz0qNAGuAuwaO1B8giOKbHZbrpE6A29EYeaXvmO4JIw32CwKhSls4HKNTMJnol7S_h7UmBIPGnBD-qKVaswIy1bopdjVsfJgIYte459RawyCOEkGlr0X7PoOEqk7f2n90Lm9bEhTlfUApjwLHLyLWZ1P726ApVsLHxdoKNMH1_KKgNeJJwU4TnpoeDEWapvWrwloQaNQX7VS3vnKAK8eQFZjIF_3lkRtuyktREyOhI2-8ECP16TfWKl_umk-uT_DXjSZ3D4jR2A-4QqRRlji_Gh0PC-xiP9zHgR9P1V1uIuwXn3jDi52B91U2Tao2GbgMVfJRCO0gnAFe-HnHCFu5QBxd3RI1LNmGa6xeHHpUawIyjdMOPSbW4Idmc4hNyMtbDliT7yseHjLTTOKJ8PRf5dR28xbq7Em8FpjjSKcT4vgXqjZ3JOjMbryN1mPtaaN1yRoPYKQA0JWV2m8QHglbdTem-nGksS-fAqBPEb9xCbA2Y5xVTpP3DDvQZ2sEYpf5h3BItz9FnxTNjygcOmY1OmyOwMklLhSoy8CECVDgNa-8FoPSeclkZvdKKn3giobHM5aBLFhIMr9IavmL_bshjMEsQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame F277 990 B
1 KB 40ms
40ms Image
image/svg+xml 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Sun, 05 Nov 2023 04:46:09 GMT
date: Fri, 06 Oct 2023 04:46:09 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ Frame F277 2 B
356 B 118ms
118ms Fetch
text/plain 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=353cf271b134a3317ffbe12741b13054_207171_1696567569223&tm=740&eT=0&widgetWidth=300&widgetHeight=250&widgetX=0&widgetY=0&wRV=2010477&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=538&oo=true&lo=177&obreq=125&odbreq=478&odbres=1016&cet=4g&to=1696567568283.7&umv=1&ll=0&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:09 GMT
content-encoding: br
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: content-range
X-TraceId: a341ec68b0fba5f75fabc770463ef54e
Content-Length: 6

GET
H2 200 monitor.html Show response
widgets.outbrain.com/widgetMonitor/ Frame 9A89 4 KB
2 KB 42ms
41ms Document
text/html 23.32.185.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetMonitor/monitor.html?deletelocalstorage=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-185-60.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f

Request headers

Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 1606
content-type: text/html
date: Fri, 06 Oct 2023 04:46:09 GMT
etag: "1295e69d949ede7964200763acaebc50:1679841729.42395"
expires: Fri, 13 Oct 2023 04:46:09 GMT
last-modified: Sun, 26 Mar 2023 14:35:45 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6ImMyMTg1NDIwMDJlZTg3NzQ3MzA1NDAwNDNjODYwOTM2NjFlNWU5YmQ4MWRmNDUzZTg0MDk4YjkyZjI2ZjU0NWQiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ Frame F277 18 KB
18 KB 43ms
42ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImMyMTg1NDIwMDJlZTg3NzQ3MzA1NDAwNDNjODYwOTM2NjFlNWU5YmQ4MWRmNDUzZTg0MDk4YjkyZjI2ZjU0NWQiLCJ3Ijo0ODAsImgiOjI0MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 68f9f57772f4f47b34ff98429cf255be5e6cf2fde0c54573354b96b80eef3695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:46:09 GMT
last-modified: Tue, 03 Oct 2023 07:06:58 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2240911
access-control-allow-credentials: false
x-traceid: 6cd28fecc5b833876fe7ed4f71b3fff6
timing-allow-origin: *, *
content-length: 18380

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ Frame F277 4 B
371 B 119ms
118ms Fetch
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=353cf271b134a3317ffbe12741b13054&pvId=353cf271b134a3317ffbe12741b13054&sid=9630683&pid=207171&idx=0&wId=102&pad=1&org=0&tm=756&eT=3&cnsnt=no_consent&wRV=2010477&pVis=1&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 05ebc88a87f617ccdf12ccf312fad2a6
Content-Length: 4
Expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D3D9 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH5mIWksl1fyCG47SnqfxF5rfO1s7SN0ipnDIcpEzOfMbwJh6M6V6Y64kFKTa3WVJ2LtamIiEvK_CdCwofoJ6fgk3CZFQe_HAi5HelAK9pEIpYP_sIwvkUmj4TdUSl&sig=Cg0ArKJSzI7dBPq0hwYCEAE&id=lidar2&mcvt=1000&p=288,980,888,1140&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=2387504735&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696567567989&rpt=453&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310030101&jk=3921321860314403&bg=!4-Cl4K_NAAbjlzx0w5c7ADQBe5WfOF60SsCsLrlvSDTIYl4JyJe-SWPBOwDCpf2AmmBn-AcNBSfWKYbijL8xWwOj8NMVAgAAAF5SAAAAB2gBBwoAi3nmHEWAJOvR0ow5sDNdDnN2Z_xTd5WrDcHdJ3DhdWTNRF8gSZIcTJPuJpnC7uuc2PaB56izJS7GAEHdukixSjnXtn1A8mHThJVxWIYozpCIJj3w-aK2qcybZcuJonc3w-NMirk6aAdrymbJ1LfTTnPuJod8gEY2hJKXkNE3jkug8qNfKOJCrnMkcN6ZAsVfQ92jBriHIYGWRo764KIMLDQVFDWw-LCocVucP1R-FjZi9BxniExBQp9SVFcPAB08-m7_fZ_r_f0E8UJO1oftnLmJi5TnpeaYQljTxA0DCstiKD-nZLp03ATWr-4xQRO38yXQmavRutf7XS9G2xCQF00PTsgbsiL9fTAp06HcedUr4pqnNnD22P6tyZP7sGiF6FzfFPRzexHsNIS8l64qCQJzvuUmATgf4CSgqbpBUk2hEfjP1vlVHlIKBJFtxYt1lm7Penkv4rOY1mFqdOQlV375GpnvV9GPX15Kgopj8ScqB_lMXY46BikGV2Pu6QN17EvHQgWzkH9h4OXDW9kgBCz4dOODfhNpOOf8xt6Hs7npIORtkeQiLB2VTsIzPy_3phYBq5sK-2y6RHCO8ia5RYY0zi18G8nVdM7bSEWA2I8eS18LeEmvN0KqpXsJWzcOAeDmgFjm7YqocZVhP9JITxMGT_Jk8n6ITEI6MrMWM7FemM4lZuF16i4W0vKv--kWhzhl3wzGy5elZ53bDggdtgPVttkNg9uFlUjvHLdtV8WuCFUsj-6ApPxrzJN5BrDlnRfC35_Nny9cX3NkSSOkCfjOZbnfm9o_45gNaCr6LhD831o3n89sY1NYrDL7TD-ZRfROT6Yd0RmyqvyPIku_k-nhEVwnzdFf20P_4kard_H5JHyIP1MIZCZPkCfX9-W3bxRglijk7XjlcBxYYxyYoqDDtCDADRuuOjDr1PKgPOSwjN6kY3mkMXIA_o5bHndMdygKt7GJ_KuiWux0HTnM5nXYQkb3U-ic7cT7iy3UkYbJ3EZgbWefvaOT5G8W3gyiswKpJd8eC90c0nmcbHdAEB2tK5pzhiIWB6h0_LBW_PuNwt3kUtUstN0iuH9U-PaogFmz5zv_OyXiLz_HmEpSnrlTjagu66p2ZFGaJSYAVd8fQq8T
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7062 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqIbd2jPWS8Cs2a7vgLN7JBv7SLInMOS-RDevT4XZcbq-JIEsKsbB8yA4MBUF2Z-4ceVgKcPGiGP_JKLjZ4sMe2bAjvZfI0Bd1s-W2NC2T6fvdreTxUTJMx06QIUpc&sig=Cg0ArKJSzFSxzaDWWhqIEAE&id=lidar2&mcvt=1001&p=163,436,253,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=57877934&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696567568177&rpt=319&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F277 42 B
64 B 77ms
77ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuehGrg5xLNRfOFXdOx-yjocREOO49TKOisVfShmaxPIA5C7cO0QLZMVimf0Mhtj0z57pO79V-25stBRRf684nBRbY9ZTSFZSrBsq0Ak1LPVDFfARDND3y8JRluKOW4&sig=Cg0ArKJSzPVPXTH2QgILEAE&id=lidar2&mcvt=1000&p=803,650,1053,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=181281449&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696567568283&rpt=338&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame D3D9 4 B
371 B 462ms
115ms Ping
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 471ca762b4a43574b89f01ad8132c288
Content-Length: 4
Expires: 0

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame 7062 4 B
371 B 459ms
115ms Ping
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 16c59b82b728dfc7a9d82935a03f8e1b
Content-Length: 4
Expires: 0

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 54ms
53ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:11 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 54ms
54ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.timescolonist.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Fri, 06 Oct 2023 04:46:11 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ Frame F277 4 B
371 B 150ms
115ms Ping
application/json 70.42.32.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 04:46:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: content-range
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 754256fc461a0d88f1c471b0145919ad
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2C48 281 B
554 B 139ms
40ms Document
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.timescolonist.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 06 Oct 2023 04:46:11 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9KXE0TFJ8Y&gtm=45je3a40&_p=780380341&cid=1990525788.1696567566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1696567566&sct=1&seg=0&dl=https%3A%2F%2Fwww.timescolonist.com%2F&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&en=On%20Load%20Soft%20Prompt&_ee=1&ep.event_category=Push&ep.event_label=Push&ep.Site=82&ep.ParentSite=19&ep.Member=False&ep.Subscriber=False&_et=60
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9KXE0TFJ8Y&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.timescolonist.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2C48 36 KB
11 KB 39ms
39ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 04:46:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Oct 2023 22:01:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=62110
Connection: keep-alive
Content-Length: 10539
Expires: Fri, 06 Oct 2023 22:01:21 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 2C48 7 B
380 B 194ms
40ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: ef823186f233724f4775c0c4b9549d14
Expires: 0

OPTIONS
H2 200 event
prebid-a.rubiconproject.com/ Frame 0
0 41ms
41ms Preflight 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.timescolonist.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 06 Oct 2023 04:46:11 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 204 event Show response
prebid-a.rubiconproject.com/ 0
125 B 41ms
41ms XHR
text/plain 52.59.82.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-a.rubiconproject.com/event
Requested by: Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/25542.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.82.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-82-184.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 04:46:11 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-12M2XZC8V4&gtm=45je3a40&_p=780380341&cid=1990525788.1696567566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&sid=1696567567&sct=1&seg=1&dl=https%3A%2F%2Fwww.timescolonist.com%2F&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-12M2XZC8V4&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LBSLQ6JW94&gtm=45je3a40&_p=780380341&cid=1990525788.1696567566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1696567566&sct=1&seg=0&dl=https%3A%2F%2Fwww.timescolonist.com%2F&dt=Victoria%20Times%20Colonist%20-%20Victoria%20Times%20Colonist&_s=3
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LBSLQ6JW94
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.timescolonist.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 04:46:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.timescolonist.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.timescolonist.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 25e5d02bc8271105cce14580db15a04b6cc1d831a98e4c947d0a5b9b2b8d245f
.www.timescolonist.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 25e5d02bc8271105cce14580db15a04b6cc1d831a98e4c947d0a5b9b2b8d245f
www.timescolonist.com/	1969-12-31 23:59:59	Name: Value: test
.timescolonist.com/	1970-01-20 15:16:09	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.timescolonist.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1696567566273%2C%22slts%22:0}
.timescolonist.com/	1970-01-21 00:45:31	Name: _parsely_visitor Value: {%22id%22:%22pid=97b36556-1d11-4261-8fb5-ca2768569697%22%2C%22session_count%22:1%2C%22last_session_ts%22:1696567566273}
www.timescolonist.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: B9D_EsTkcEVX64n9lafm-dBmCrYy1nEEAdVhZmh-9wjUutgmrBS3oBu7G0BuF23RUcg2rjpZ2kFraOvRh4KZ4QqYR4fziwt1GGa7MJUyX9o1
.timescolonist.com/	1969-12-31 23:59:59	Name: __psid Value: 1696567566477
.timescolonist.com/	1970-01-20 15:16:07	Name: lotame_domain_check Value: timescolonist.com
.timescolonist.com/	1970-01-20 17:25:43	Name: _fbp Value: fb.1.1696567566631.1347753982
www.timescolonist.com/	1970-01-21 00:01:43	Name: flipp-uid Value: 83f9e246-7e47-4531-9934-02ae21e50e7c
.timescolonist.com/	1970-01-21 00:52:07	Name: _ga_9KXE0TFJ8Y Value: GS1.1.1696567566.1.0.1696567566.60.0.0
.rubiconproject.com/	1970-01-21 00:01:43	Name: khaos Value: LNE4IWGV-Z-HDZ8
.rubiconproject.com/	1970-01-21 00:01:43	Name: audit Value: 1\|naVuGyos1qqglyYxTsy0HANb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fcDgeB+QzBvpcGo/FXllJk9s+g7bEK4tw9SbTiINwSnmIvmEBe9plWmyjthOpvN3G77FQD2yB//h40Qpx8nGAQE=
.timescolonist.com/	1970-01-20 15:16:09	Name: _sp_ses.ba4e Value: *
.timescolonist.com/	1970-01-20 15:17:33	Name: _gid Value: GA1.2.947154070.1696567567
.timescolonist.com/	1970-01-20 15:16:07	Name: _gat_gtag_UA_5137365_64 Value: 1
.timescolonist.com/	1970-01-20 15:16:07	Name: _gat_gtag_UA_37383801_16 Value: 1
.openx.net/	1970-01-21 00:01:43	Name: i Value: 4dcea5b1-435e-4f45-a92c-0b9d8b3ed935\|1696567566
.timescolonist.com/	1970-01-21 00:52:07	Name: _sp_id.ba4e Value: a3438c2b-b504-41ee-9da8-859813a6a11d.1696567567.1.1696567567..2ff3e487-118b-46fa-a53a-fcb6135b4459..4e864286-b4e9-42a1-9183-9786523ce5d7.1696567566825.1
.criteo.com/	1970-01-21 00:37:43	Name: uid Value: cba6d259-5017-4aaa-9296-4b197611e8ab
.p.flipp.com/	1970-01-21 00:52:07	Name: gid Value: "9PlCjAAEXHM8ULZfAVz05w=="
.timescolonist.com/	1970-01-21 00:52:07	Name: _ga Value: GA1.1.1990525788.1696567566
.timescolonist.com/	1970-01-21 00:52:07	Name: _ga_12M2XZC8V4 Value: GS1.1.1696567567.1.1.1696567567.0.0.0
.timescolonist.com/	1970-01-21 00:37:43	Name: __gads Value: ID=08f0e82ee69c1868:T=1696567566:RT=1696567566:S=ALNI_MYXzpkyYkp_CuYipQMn9g3hvUZqoQ
.timescolonist.com/	1970-01-21 00:37:43	Name: __gpi Value: UID=00000c8f7588780c:T=1696567566:RT=1696567566:S=ALNI_MbaiH6ZhbB3QVOeemuqgRewbm-27g
.timescolonist.com/	1970-01-21 00:37:43	Name: cto_bundle Value: QIwB419nZ01teXoxdFB2YyUyRkxPbVFJb2lnNXBZSm93ZFVOaFJ0NlU4UldrcHlrQktSc2szdzRhZjJ3b1FQbUdCajU3ejlidUJ0MFBzU0dmOWdTMCUyRk1hRHdJU1FwJTJCV0tMSGZSenlLWEVvNlBhSld2RVhheWdKdmc4eW1JbTJlZWhTdFB4dndCZXdJcWhJaVluNm5RUHdUVHJ0Y1V2Z3NaR0IzWkRTMnhTS2JBUWhtYXclM0Q
.timescolonist.com/	1970-01-21 00:44:55	Name: _awl Value: 2.1696567567.5-2ceb1e4b4473c9f84c09aa885f617b1d-6763652d6575726f70652d7765737431-0
.doubleclick.net/	1970-01-21 00:37:43	Name: IDE Value: AHWqTUmFerql9VUlxNPs10_FX6lTv7QXd3mmbyK9PE3qm3vZHh9ofyiPUXZfLRPrKO4
.timescolonist.com/	1970-01-21 00:52:07	Name: _ga_LBSLQ6JW94 Value: GS1.1.1696567566.1.0.1696567567.59.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/712559.gif?partner_uid=83f9e246-7e47-4531-9934-02ae21e50e7c Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

070e2f53b533b0ed7d8547ef6312f8d2.safeframe.googlesyndication.com
4e97b620026493296dcaf4e8a6338720.safeframe.googlesyndication.com
5dae2c147f3e040a215aed8823e6000e.safeframe.googlesyndication.com
9676e82442a02437030737452586d745.safeframe.googlesyndication.com
bcp.crwdcntrl.net
beginnerpancake.com
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn.ad.plus
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.parsely.com
cdn.prod.mktg.evvnt.com
cdn.prod.uidapi.com
com-evvnt-prod1.collector.snplow.net
connect.facebook.net
discoverevvnt.com
discovery.evvnt.com
eus.rubiconproject.com
events.getsitectrl.com
fastlane.rubiconproject.com
fe745a2caaf3ca290cd2554931751bd0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
gum.criteo.com
id5-sync.com
idsync.rlcdn.com
images.outbrainimg.com
invstatic101.creativecdn.com
l.getsitecontrol.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
micro.rubiconproject.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
odb.outbrain.com
p.flipp.com
p1.parsely.com
pagead2.googlesyndication.com
prebid-a.rubiconproject.com
region1.analytics.google.com
region1.google-analytics.com
s2.getsitecontrol.com
securepubads.g.doubleclick.net
serving.stat-rock.com
sr.studiostack.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
tcheck.outbrainimg.com
timescolonist.com
token.rubiconproject.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.timescolonist.com
www.vmcdn.ca
144.76.28.41
146.75.118.132
162.19.138.118
172.64.152.89
178.250.7.13
18.66.112.105
18.66.147.39
18.66.97.86
184.30.22.30
184.30.25.193
20.49.104.7
2001:4860:4802:32::36
23.201.255.110
23.32.185.60
2400:52e0:1e00::1047:1
2400:52e0:1e00::1081:1
2600:1901:0:4277::1
2600:9000:206f:600:18:a82e:7180:93a1
2600:9000:2156:8400:3:1a27:3000:93a1
2600:9000:21f3:9800:8:4487:bd00:93a1
2600:9000:21f3:c400:8:48e:53c0:93a1
2600:9000:2250:fc00:a:e047:753:6381
2602:803:c003:200::31
2606:4700:10::6816:3556
2606:4700::6810:5514
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:400c:c03::9d
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.136.222.64
34.102.146.192
34.120.107.143
34.195.236.117
34.249.118.122
34.96.70.87
34.98.64.218
35.244.174.68
51.104.28.77
52.170.7.25
52.59.82.184
54.155.18.159
65.9.61.60
65.9.66.104
69.173.144.165
70.42.32.191
78.140.185.31
00e2d2a3b34f5dcc70816f6c35a5b65fbaa57c2949cfa3d388c139bfb2cd2e3b
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a3aa8462b9826053b8fa9c34701223b10828731a4ebd80a7261f7a9dc7315c3
0db14a5901b98fa00efca10feac343f181e9cf6709029378a4215955418e5027
0dcc3085a4770ef75a29e47fda6ee1fba1a1666731e61aab40b2301d9633f1f8
16f97878909c2763c2d7c1219472c3d3130a8007a6ea852049e388ea752fb697
1abbe630a225d7567dcfe02803639d185ed8dc34bfb87e00ab03a44028275090
1d955922a1fda8beec73c809bd39eafe2ee06a063c6dee41bf252a5092d45ae0
20c91e8fbcd29044b6c5f439edc4e293ee0821944202bdbc801d02303a6f72a1
2446e996cbacd3e30335d54ea38ff6377060763657ee926bc7e720adfc42d664
247c14caeae34037bb79af5d318f14dd3d6f29715fa23bfe589fcb73f0547046
254fd27c36e073f89ef5961a63316c877148fa78dbf20e612fb3fc1dbc3af906
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28af502d1eeb51cef49dc6097c236f21c453b47a033a9bb546026c0e2c5f25a0
2911edbc1b520fe2817d35531c4c3c691e6a09e98b65ac60ba343369a38f3a3c
2d33b9d69281a0e049f69af6e39ad98c7e7db554f5e5372a4dfa3ed2b67d69c9
2dd2ef26debf40e0edd9a62277cddf59a939b4026c8805af018fbea29496a62b
2e2022ef446865386fc282ae7479f4bec9aa0b65f20c3adfb1af9dd3cf853a43
2f3d236c71c54380d4ca1efedc9751caa17019a1143c6e71339fcfa0e0306eb9
2fb3ff3fdf4bdda5062c62c3520fe8ac474d736949350b0c6327f4acf262a870
3412745aa97815bd64a8c4f0411148d520025e6c7488962dc8f8f1ecab5c4f1a
37d44df61428260da98324576010ebd04c0d5a1ce6774bbed15bbfbdfc141a0c
37f24d2b3120f9a1ca72fcc796aae64e33aa2a669e758b5ad6edde17988e61a7
3829fb03536d89624526b78f3901e9a099e1d34f555a9c51e30973e91dfed037
39c77efa78f4b3c551e7001fe9e89443cd818e1fd16a7f3b824b4c0b546a9c46
3ac63d889b1d0519b6c52298bc4570b557607e74d6b65a9ac90d5495a345f952
3b6d3992a5365ec845649ae1c07aea9e1783dbcce5f66cea3195fb3b04fddcd2
3dce2c1f723d37991b4fe8620d8d9ed677c62f58dce06c2c3df15ba37a4fe6ea
3f76e7b51353152adf05d1ea281552c4bcb9d8b3456b174e1fe5ece63b82e0da
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421c3f4099b79c560e89da5e82ea35cba3966f656fb8037d986031b597fe5633
423a9e3fc9cd594913f4d30527509babc1040d619984aa244f7eaacae1259a7b
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44c01234e7ee6240f166d753fadfcc59baecf09389ddf5879d75185cae5dfc9f
46216ea1d58aaaa7c6db7e7b3933b56b167dae4f16777d5f22af50c37eb017c2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
470986ff44d1f739fd02686f17110fa3f9bc2f029a65825e007fd5901615c7ae
47c0c8597d41f1db7726d7d182e02cd263db141e983d55f85be94826f943c997
48e75bceb657217fc848c84bdf8eeb661476f94e66ed231dfe2fd1a6eb8212aa
5301865c5df2d755330b0be4ae37c8fc3293704d8039f3b0e1febe40087bfbeb
53ad2d9f45d7a5d06fb1a70679ba2d8836ecb3aa9efee2002e82e283158596d7
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58ed5cc76264302f9dbaad024a307d32458dac639df966b2231a35f85864bbd2
5b0f6a070952cfdb5bbaace0a4eb1297fc25f2b74eb5d70815659181f96753bb
60622d59f64716ecf1f91f3cd763a62a89f260296de6f3aad16f6b884c46fc50
61419fb440d1503d2daec0c0d184b7d8dfbc292a4198e791477bf33faf35dc2e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
66c49c78219c3141a759bb2ecd97aac2674e9191c2cbf232910b493c356221f7
66ff9972e9b8e795536669a564a120777a701df7388052753e81ed4b97af0e7c
68f9f57772f4f47b34ff98429cf255be5e6cf2fde0c54573354b96b80eef3695
6a16884188426376f22c688c82917873d1080856c289b853dadbb411e3079b95
6b5502d179ab3e2b6fb8d0a44338c1e5e5e96dd8e3d81584c9af65f676ce44d5
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6caae8e76bcb7c3b1c777f9ddc873538c8947cb41286a46b928a72234ebb38d4
6d40ac22199a81a3ac31411a398333b279e9dc96a6f1ab5d960a80c538e7a9b8
714779b6a08010a319b7802ac78facee6aeda9a0517a7668eb7b83e0dd332f3a
7188423c548d0761358ba2b6570354989e3f98f7318ed998adfb04e063c05915
72392d1ac892809f20182d861477b0181ea96f8d38b92038b701e3e044af849f
729ae004736a616de197614f15a39d92405bbf0ca3a23d1fc5fc608ca4c13f93
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
753a79f75821b5ba407fdd1aaa46773bd7bd855d49c6b100951e202e47c8b42c
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7984c9dae40f38d65fb48d5872306685e92151ddc150dbca4d25793370902e8a
7a1150217f6edcfde0a1204f1159e50b65174cf64114b3acc60102cdbc34db4a
7b934e621895ba7896d91001267adf8ab3a9475ed345b4e55342034f242d9413
7c8bdbbc9f6850f074a9c6c1d79337926945776ff1399a9f902c6f24dc16b436
7ca4f4c031a086231c5789abbc04aea54b387256bfcefc27694fe2ae70611fee
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e95019e6fb117df89850872ce2456fd2bff9ba874c089ed826033e124d48555
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860ff19f786725e01af9cf24846e0e8c982408c189c9a8a5820e41af94eaf3d1
87eb618fdaf4463e8f3b523459a983014b02589b05c16815048c6f3ffa32cbd9
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
89c18ec02bc070e5d6d3a21316a7ecd9bda0c143c4b4f9c278a07fecf618fe4a
8e13b990ba95d19746bb5ba999bb22823ecaa39f5964725795eb589985d4d496
9182aa29b47ea60b2979f1d02fe31215f4f660d489b05c3a094f7cf93762d660
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
94135c088792ce51af23a2c0008f7063222841061a12659bc50f427149900383
971234b8d67baf99b8bb6c1375b06d467f40584730efd071e01660802e0d67cd
983e70ad299e65d2bdc81585ad74f0489b16bf96d583004e0a104b874d5bb25a
9ab1e5ef8baed1d906b9e8ea4126ad958556881a46150cd6712ad5ebc40f4e46
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9e92ebaa4fbf87633a222a30333827c155ce315a682ceab8035adabb83876ecd
9ff4b86ab4db1b5474e80a99cd03392feffd19a6f1dd66736450e11c0788e213
a2ee594a2fa148201e01aec6bfa9b02a4795bc90a40f8da32b9883c621b526bd
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5c132a7429199fe569e32f6aacfd2dee487548e3fdab64d42888ba37d91a212
ab33bb269f5d469aaa053c29777d536ee3579be104a6e16d922c95af5f40ba1d
ae3febbac761ac6a28ebd6c5252a4c3ed4e3a1a5eb55dc14c39007708d2d747b
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b184e87eda4ea090c3af32debcfd7e7844c1bbbcdb776d75039a0f8fa5fe93a7
b40daee35f0d53eb726d97b519eac32436cacd6fb1c87dd9865687bd182fb1b6
b5b1cc01a5082030446a0a631e2cd540fec8412c5641ac22c4a3c9a8c5898f01
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b72ec921f88f5aec1cc3791ef01c6a9fd31c6b8763e3395ef28e51f7a8e219c8
b84009ecf1373c80ea33e60d88b829f6167b93a15db5772f4e03cb3bcd8c0e60
bc7ecf1cd7d6ffa4a851b97817810452a8501202506a3069f661693104a0724b
be5b711bb6d93e8e9be602544eb86cee256a4f7b8db5d823c1a702be049eb077
bf1284d9567690c16aa5a09b910158e6305db40143ce879567a7b27417b467d9
bf5dbb76dec2501feffb908acef66c2e039098836cea57ce66b7ad83504bda36
c03cd4ac71e7e2c0459f2aa5f13524bdec8d9aed91ca7ba400edc82705e41fb5
c083f1d0970b48ad23f7f82574cee30051b025d541db144d93008957e10e0653
c0bc803ded3eb30a6da6c3a037589f7554a759eb01357fe52de1adc19193d87b
c280232de6f03c8f03787cce1e328bfabe8b707e84ac317a3850ac6a4b66ad32
c550961c64fcfc26e556c028ef9747b25f32e5eb0fc45a20a2ef0d87ee52e8e9
c772ce27f971858ba94a51b8653f6303ad90ec63fed2ff8f05c7f09e2d597b8f
c7840726e9d5a8afff99d99f49e456c89df49bbc90e6b0cc0634aafcb5549e24
c8f01cf0aad7d61de4abe5ce4a6b6178fa9fe295df520c2ba15778e31eb97d2d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6c96e1cbca6e03c3c70c6df213c6b2e82a567079dd999bc6733eef6f74fce1
cb886f4c083307381f0a765ddb93e3db36f6a7949796b1e26aa61cde62d21054
ccf32c4bc4ad19303ee31fc19ac8af6f6bc65c827bfaeced09f60b220869374b
cd97a99d3e65b092551486a23fb468420574a6b6d649e8ecdf0bcb74fe52b990
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3771b0d9018321d4da3b1cadc2dab61863ac2ffd3460e4d2eae3c712148ace4
d44928469e42e2bbc751e3350da63e1e5d2d24dcf4a2b77e9b3d0e0ea6b84360
d664868779db60fa28f3e2b1d20765ebc66c3ab5ab41f4da25d0a74393e06c09
daeb6682331f94036a090d9ed07bfd0a06bbd2cd99b086ea49e2e9301449c869
dba6ea9ecb296ddd7d0c150a586fe6949b8f79fc8026db799723690ac9aa36bf
dc6389c855ae4b7d961402be9f9706865bd4fa8b0550cd693d527986e3510243
dd94cc7df3dd76c094a9b5269ab1cfc954a0eb2562d96bf5aea90e9d7be60050
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de516b4acb4ee5faedabea9e25206442889f9880aa24eaa807dfb117a1836ce2
e01f4e7e75b7a6d14cd9fa9bf25b9b5670b685b4f79f34875d957af0f0c10fc9
e0ac0a173056e216169bf5984a5a566d8adda0034bd3788cda9ea8b68bf7cde9
e252dfbcda9738db02e7f462ac25304ca504f7cdf3733ee5ecfc7e02cc470dd2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52fbc5177f80a7175b06b05008b70b08e5dd1cb4e5b3dc19ee196a54a4d20e4
e641289a84dccd3f02be13957ce937b6010c9f64f4fac5e880fca2f639b3c05f
e74225242085a7bd25577b2b528b5c4d99bb997fdb8dd4bd4c33884d3b0c9c6a
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ead4576828cae40843d797ac681f6adc60ec6876ddac4dd72348ac8229efb6b0
eb4c9cceb3f24edb1df271404bf5a0803fa97af9b37ec0e30369d3fc88ede02b
ebd3cc72ec07c03702be0c8e340637541d192e50422bd839c0b2eb7e6cb903e4
ec707252865599b5f506834557373719a08955c2ee379aa09145fad1b2672668
ed2dc6197db320dbb5f71701e2c6726f550c664ac2af93a45be77fd5aa6bbf57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2f3a1f9b98efe5883c98199cd070cb8210b8f5b1c9171bfa9d88acc5a43872
f025c66b16ad0c4d4b9000c40f0e5beb2f4b3e27aaaee2dad763a319e31d23be
f12fbc2e4919613355d1053c664072f16ab9cca4aac71decf20cfae72b8696c0
f412fec2c86b652e6520eedc32f638888f6725116b98f06d8ad04f7c4351f7b2
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f550c2aed0073f93de67a467541d8b88d8e7703033601d01162c57d7629ccd78
f68fc6b61c173662f77a4ac2f51953c42ba45770bd0891d0ed94bed485924c38
f783f50d16dc6bea1fcd66db728853f7a864c5e4217bf90f0cd08765d1164a9d
fabe8086691b1e70e97aadc94cebae5140a479853570f793bae4ca35994c835e
fd481cdf1eacc4557cc0a68758204cb9e99b57842d830132b5dbcdda2f4852f2
fdda1761d3bfb48b1bfbccbc258b354203fc80aa0f5f95bdbfd84fcfee37681c

www.timescolonist.com Open in urlscan Pro 20.49.104.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

281 Requests

99 %HTTPS

48 %IPv6

40 Domains

66 Subdomains

58 IPs

7 Countries

3771 kBTransfer

10513 kBSize

29 Cookies

44 Outgoing links

Page URL History

Redirected requests

281 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.timescolonist.com Open in urlscan Pro
20.49.104.7 Public Scan

Screenshot
Live screenshot

Full Image

281
Requests

99 %
HTTPS

48 %
IPv6

40
Domains

66
Subdomains

58
IPs

7
Countries

3771 kB
Transfer

10513 kB
Size

29
Cookies

281 HTTP transactions
9 data transactions