dallas.sogoodnews.com Open in urlscan Pro
2a02:4780:21:94d1:cd66:afc:bb37:3eab Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dallas.sogoodnews.com/
Submission: On March 13 via api (March 13th 2024, 11:47:22 am UTC) from US — Scanned from US

Summary HTTP 102 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 10 domains to perform 102 HTTP transactions. The main IP is 2a02:4780:21:94d1:cd66:afc:bb37:3eab, located in Phoenix, United States and belongs to AS-HOSTINGER, CY. The main domain is dallas.sogoodnews.com.
TLS certificate: Issued by R3 on March 11th 2024. Valid for: 3 months.

This is the only time dallas.sogoodnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a02:4780:21:... 2a02:4780:21:94d1:cd66:afc:bb37:3eab	47583 (AS-HOSTINGER) (AS-HOSTINGER)
5	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
27	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
6 9	142.250.65.162 142.250.65.162	15169 (GOOGLE) (GOOGLE)
3 7	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	68.67.160.26 68.67.160.26	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2607:f8b0:400... 2607:f8b0:4006:809::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.72.102 142.250.72.102	15169 (GOOGLE) (GOOGLE)
2	184.29.161.102 184.29.161.102	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
1	18.238.49.47 18.238.49.47	16509 (AMAZON-02) (AMAZON-02)
1	13.35.93.20 13.35.93.20	16509 (AMAZON-02) (AMAZON-02)
1 1	2607:f8b0:400... 2607:f8b0:4006:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4000:1d::a	15169 (GOOGLE) (GOOGLE)
2	54.86.36.182 54.86.36.182	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:261... 2600:9000:261f:ee00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
7	23.56.162.52 23.56.162.52	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.237.160.116 34.237.160.116	14618 (AMAZON-AES) (AMAZON-AES)
3	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
102	23

5 2a02:4780:21:94d1:cd66:afc:bb37:3eab (Phoenix, United States)

ASN47583 (AS-HOSTINGER, CY)

dallas.sogoodnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:80f::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.65.162 (Plainview, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.160.26 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:809::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.29.161.102 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-161-102.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.226 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-47.jfk52.r.cloudfront.net

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-20.jfk50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200e (United States) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4000:1d::a (United States)

ASN15169 (GOOGLE, US)

r5---sn-q4flrnss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.86.36.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-36-182.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:261f:ee00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.56.162.52 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-52.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.237.160.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-160-116.compute-1.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161 ade.googlesyndication.com — Cisco Umbrella Rank: 306	404 KB
20	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 271 ad.doubleclick.net — Cisco Umbrella Rank: 158 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 562	277 KB
12	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1086 d9.flashtalking.com — Cisco Umbrella Rank: 1775 cdn.flashtalking.com — Cisco Umbrella Rank: 1356 ad-events.flashtalking.com — Cisco Umbrella Rank: 1417 stat.flashtalking.com — Cisco Umbrella Rank: 1457 secure.flashtalking.com	64 KB
10	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 321 gcdn.2mdn.net — Cisco Umbrella Rank: 1260 r5---sn-q4flrnss.c.2mdn.net — Cisco Umbrella Rank: 97939	411 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631	5 KB
5	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3277 data.ad-score.com — Cisco Umbrella Rank: 2910	256 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 256	5 KB
5	sogoodnews.com dallas.sogoodnews.com	76 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1700 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1470	29 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
102	10

	Domain	Requested by
27	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net
12	tpc.googlesyndication.com	91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com dallas.sogoodnews.com googleads.g.doubleclick.net s0.2mdn.net
8	s0.2mdn.net	dallas.sogoodnews.com s0.2mdn.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	dallas.sogoodnews.com securepubads.g.doubleclick.net
5	dallas.sogoodnews.com	dallas.sogoodnews.com
4	googleads.g.doubleclick.net	91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	data.ad-score.com	js.ad-score.com
3	stat.flashtalking.com
3	cdn.flashtalking.com	ajs-assets.ftstatic.com
3	91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	js.ad-score.com	ajs-assets.ftstatic.com js.ad-score.com
2	d9.flashtalking.com	ajs-assets.ftstatic.com d9.flashtalking.com
2	googleads4.g.doubleclick.net	dallas.sogoodnews.com
2	servedby.flashtalking.com	91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
1	secure.flashtalking.com
1	ad-events.flashtalking.com
1	ade.googlesyndication.com
1	r5---sn-q4flrnss.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	ad.doubleclick.net	91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
102	26

This site contains links to these domains. Also see Links.

Domain
generatepress.com

Subject Issuer	Validity	Valid
dallas.sogoodnews.com R3	`2024-03-11` - `2024-06-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-27` - `2025-03-11`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://dallas.sogoodnews.com/
Frame ID: 9146278E7FB665163E066012984DAB4F
Requests: 14 HTTP requests in this frame

Frame: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CB3F60DAB1D8DDF1FB2E2D6EF789747B
Requests: 1 HTTP requests in this frame

Frame: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 27514701EFAB2B0F8A11484BE51A33D0
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNXKP3VcdF0KQ49Wo29GHS9WCkGkieXnXSPJGNYZlWPYI5oOcck9QPxkqGLB0eCkPZ6MpADKdu6nmQBXZ8P2vlKvO_-GSw
Frame ID: 958A305B55A345ED3A3C6EEB922F04F7
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B642C543F1045442DA096EF17720BFDF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 569C6A82869F4024AA09FD7A8A6A54C5
Requests: 2 HTTP requests in this frame

Frame: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 10ACAAA754D9B32CF28F3879F171F1B0
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj1yciKAjAB&v=APEucNUDNMSJ0pnTtFHIo4HW-prnSVuQEbqICpkSLNbZaXruxME-h5UPv9YvDTdwoqJlQHpQ2-vAojbyUD8ij1hgtAw9n2LKjg
Frame ID: E01B6011922E8D421BE62EE37EA7B625
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C8CADD88F04F364804294EAEF5491D1A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 44B84D48364C777146E351B320776B17
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250
Frame ID: D08707D9C3B809DB7E1E609C3558F85D
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js
Frame ID: 82DBE5238737191B317EFE978874AA4B
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 681489187E757DF8A1F67DFF7E5B59C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

sogoodnews

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

102
Requests

86 %
HTTPS

48 %
IPv6

10
Domains

26
Subdomains

23
IPs

2
Countries

1522 kB
Transfer

3923 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

Request Chain 23

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfGSR9HM5GoAAEldAE-ACQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

Request Chain 24

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1

Request Chain 25

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

Request Chain 46

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfGSR9HM5GoAAEldAE-ACQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1

Request Chain 48

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D

Request Chain 73

https://gcdn.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741866439/sparams/ip,ipbits,expire,id,itag,source,xpc,ctier,acao/signature/57580EB74FC642A6A82355902B4CD6B71A92FA37.5F00643A1511E6663C04F09F2044FACBDEC88BD1/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741866439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/5B59936A5156C65EC9E47511D7227C6CAE9D5530.72765037D03753039C7DC67C11D6A3F3484CE9B5/key/cms1/cms_redirect/yes/mh/Lb/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4flrnss/ms/onc/mt/1710329754/mv/u/mvi/5/pl/48/file/file.mp4

102 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dallas.sogoodnews.com/ 142 KB
51 KB 413ms
105ms Document
text/html 2a02:4780:21:94d1:cd66:afc:bb37:3eab
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:21:94d1:cd66:afc:bb37:3eab Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn / PHP/8.1.27

Resource Hash

0ba560f19ef2d41c7d91b0d65128aac179dc58bb982ad37eede85cb591b16cca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
content-encoding: br
content-length: 51499
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 13 Mar 2024 11:47:17 GMT
etag: "64565-1710244051;br"
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://dallas.sogoodnews.com/wp-json/>; rel="https://api.w.org/"
platform: hostinger
pragma: no-cache
server: hcdn
x-hcdn-cache-status: MISS
x-hcdn-request-id: a4d7e67b2889ddc8af8b68b9fd1c6e4e-phx-edge1
x-hcdn-upstream-rt: 0.006
x-powered-by: PHP/8.1.27
x-ua-compatible: IE=edge

GET
H2 200 style.min.css
dallas.sogoodnews.com/wp-includes/css/dist/block-library/ 108 KB
13 KB 151ms
151ms Stylesheet
text/css 2a02:4780:21:94d1:cd66:afc:bb37:3eab
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dallas.sogoodnews.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:21:94d1:cd66:afc:bb37:3eab Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 157565
alt-svc: h3=":443"; ma=86400
content-length: 13323
x-hcdn-cache-status: HIT
last-modified: Mon, 11 Mar 2024 04:58:30 GMT
server: hcdn
etag: "1ae43-65ee8f76-fc4c8aed26d2ead8;br"
x-hcdn-request-id: 6f68e482fbf152bfd40ce5b92349c819-phx-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 18 Mar 2024 16:01:12 GMT

GET
BLOB 200
OK 711d464a-c884-4559-851e-ec15a2d71f6e
https://dallas.sogoodnews.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://dallas.sogoodnews.com/711d464a-c884-4559-851e-ec15a2d71f6e
Requested by: Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 main.min.css
dallas.sogoodnews.com/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 147ms
146ms Stylesheet
text/css 2a02:4780:21:94d1:cd66:afc:bb37:3eab
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dallas.sogoodnews.com/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:21:94d1:cd66:afc:bb37:3eab Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 157565
alt-svc: h3=":443"; ma=86400
content-length: 4356
x-hcdn-cache-status: HIT
last-modified: Mon, 11 Mar 2024 05:03:17 GMT
server: hcdn
etag: "4c6c-65ee9095-c8f715a78fcfa5c1;br"
x-hcdn-request-id: 34a974620b99b37fac5a9864af153a9f-phx-edge1
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 18 Mar 2024 16:01:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
29 KB 283ms
137ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66d55dd177b6dacdf7fe57cde1175f97c663d3847dc2384af58a07cbd6444e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28838
x-xss-protection: 0
server: cafe
etag: 15 / 19795 / m202403070101 / config-hash: 8657700630701795708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 11:47:18 GMT

GET
H2 200 menu.min.js Show response
dallas.sogoodnews.com/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 109ms
109ms Script
application/x-javascript 2a02:4780:21:94d1:cd66:afc:bb37:3eab
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dallas.sogoodnews.com/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:21:94d1:cd66:afc:bb37:3eab Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:17 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 157565
alt-svc: h3=":443"; ma=86400
content-length: 1535
x-hcdn-cache-status: HIT
last-modified: Mon, 11 Mar 2024 05:03:17 GMT
server: hcdn
etag: "1b2d-65ee9095-872fced98437af6e;br"
x-hcdn-request-id: c6fd302733048390eeef2a2d156a277b-phx-edge1
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 18 Mar 2024 16:01:12 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
28 KB 146ms
146ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e655ff1110524dca6b2b43df06fae905382d3cdc4bba396b3996739a1284eda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28911
x-xss-protection: 0
server: cafe
etag: 648 / 19795 / 31081784 / config-hash: 8657700630701795708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 11:47:18 GMT

GET
H3 200 wp-emoji-release.min.js Show response
dallas.sogoodnews.com/wp-includes/js/ 18 KB
5 KB 88ms
88ms Script
application/x-javascript 2a02:4780:21:94d1:cd66:afc:bb37:3eab
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://dallas.sogoodnews.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.3

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a02:4780:21:94d1:cd66:afc:bb37:3eab Phoenix, United States, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

hcdn /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:18 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
age: 157517
alt-svc: h3=":443"; ma=86400
content-length: 4605
x-hcdn-cache-status: HIT
last-modified: Mon, 11 Mar 2024 04:58:30 GMT
server: hcdn
etag: "4904-65ee8f76-1425221f8a8989e7;br"
x-hcdn-request-id: 6bd135e71e521f04a921ffef28900996-phx-edge2
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
platform: hostinger
expires: Mon, 18 Mar 2024 16:02:01 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ 433 KB
136 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 00:59:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38882
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139281
x-xss-protection: 0
server: cafe
etag: 13505786736550064131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 13 Mar 2025 00:59:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 463ms
462ms Fetch
text/plain 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4179367284547729&correlator=4165421853736870&eid=44809527%2C31081715%2C31081566&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=22858765514%2Cdallassogoodnews6&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C320x50&ifi=1&didk=3628471436&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710330438449&lmt=1710330438&adxs=632&adys=20&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdallas.sogoodnews.com%2F&vis=1&psz=728x50&msz=728x50&fws=0&ohw=0&ga_vid=2107204698.1710330438&ga_sid=1710330438&ga_hid=1809474788&ga_fc=false&dlt=1710330437831&idt=589&adks=2732968242&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b224c4120887e60272c8ee7ff02de3c62bfc1b180902f7f291417f0fc2c4455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9931
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dallas.sogoodnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 851ms
851ms Fetch
text/plain 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4179367284547729&correlator=4165421853736870&eid=44809527%2C31081715%2C31081566&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fifs&iu_parts=22858765514%2Cdallassogoodnews5&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C250x200%7C200x200%7C300x250&ifi=2&didk=949244052&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710330438457&lmt=1710330438&adxs=1080&adys=150&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fdallas.sogoodnews.com%2F&vis=1&psz=360x280&msz=280x200&fws=0&ohw=0&ga_vid=2107204698.1710330438&ga_sid=1710330438&ga_hid=1809474788&ga_fc=false&dlt=1710330437831&idt=589&adks=3855915448&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cd49b7adddf1b746322b222ed41632d74b156ecbb930b28897310573c0e46f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12649
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://dallas.sogoodnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CB3F 6 KB
3 KB 232ms
81ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dallas.sogoodnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 11:47:18 GMT
expires: Thu, 13 Mar 2025 11:47:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 294ms
141ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87a479694669a1a25d489ecd7138bfadc99116096051c640fc431b1ab0dbad77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12122
x-xss-protection: 0

GET
H2 200 container.html Show response
91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2751 6 KB
3 KB 66ms
65ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dallas.sogoodnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 11:47:18 GMT
expires: Thu, 13 Mar 2025 11:47:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 958A 624 B
826 B 266ms
131ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNXKP3VcdF0KQ49Wo29GHS9WCkGkieXnXSPJGNYZlWPYI5oOcck9QPxkqGLB0eCkPZ6MpADKdu6nmQBXZ8P2vlKvO_-GSw

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 11:47:19 GMT
expires: Wed, 13 Mar 2024 11:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2751 94 KB
33 KB 273ms
146ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 11:47:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2751 42 B
63 B 316ms
190ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-bauwkQi8OtrhHxd-aQZXt18xKBtEwUrGCcP4k9s5w6DPkTFA4CFdz6WWg0IM3hLXIae69x8ZXQbkZVUa7kC8gdsFW-2bnXHYASwHbSM9_8A3TNg

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 2751 3 KB
1 KB 203ms
70ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 20:54:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 2751 20 KB
8 KB 196ms
63ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 20:54:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2751 207 KB
63 KB 188ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 12:35:02 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 210ms
81ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 11:47:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B642 13 KB
5 KB 65ms
62ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dallas.sogoodnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 394599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 22:10:40 GMT
expires: Sat, 08 Mar 2025 22:10:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 569C 829 B
1 KB 232ms
85ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

372896213cb352809a0da122ef955cea8e9150dab394806a9c37dd90fb38f266

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G1Dkr5PeLtvLQo6N8jWZcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dallas.sogoodnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-G1Dkr5PeLtvLQo6N8jWZcw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 11:47:19 GMT
expires: Wed, 13 Mar 2024 11:47:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 958A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

43 B
769 B

83ms
83ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNXKP3VcdF0KQ49Wo29GHS9WCkGkieXnXSPJGNYZlWPYI5oOcck9QPxkqGLB0eCkPZ6MpADKdu6nmQBXZ8P2vlKvO_-GSw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vH936U0Q6B7fTBqGmnk2RQbrUGvPBngZMcilgLUhvfimv3hZCP0fntCDDdSockF7%2B7uXMSSwiOCqREhXdcZihy%2Fsq559eOUFmmmntE6pkX4lVIFjnfrnZuTLI%2BDkoIIxCdoaiMV3LlYXNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 863bc9df28a1746e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 958A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfGSR9HM5GoAAEldAE-ACQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

43 B
737 B

74ms
73ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNXKP3VcdF0KQ49Wo29GHS9WCkGkieXnXSPJGNYZlWPYI5oOcck9QPxkqGLB0eCkPZ6MpADKdu6nmQBXZ8P2vlKvO_-GSw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XyXpE7inwmhiGmyJ%2BCjQ2nDhKdMMAuvMvWP6TMlH5ALvpI%2BcYNQaxLClPHS%2FsywffJraRvZop5ZFPhkdmtY4PIj2VyyakLh%2FmQzObOE%2B7dkOoeR47yrxzDxHbokvdBfeogO81dWBaFUOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 863bc9dfc961746e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 958A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1

43 B
1 KB

71ms
67ms

Image
image/gif

68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIuw7wEQ3bWDAhiu-o6IAjAB&v=APEucNXKP3VcdF0KQ49Wo29GHS9WCkGkieXnXSPJGNYZlWPYI5oOcck9QPxkqGLB0eCkPZ6MpADKdu6nmQBXZ8P2vlKvO_-GSw

Protocol

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
an-x-request-uuid: 6b2de540-3c0b-425b-bdc6-7305a7d122cd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.71; 38.132.118.71; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 958A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D

170 B
243 B

79ms
79ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D

Requested by

Protocol

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
an-x-request-uuid: 1d6269cf-15b8-4ffd-82b7-caf4d45bac57
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D
x-proxy-origin: 38.132.118.71; 38.132.118.71; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10AC 6 KB
3 KB 71ms
70ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dallas.sogoodnews.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 11:47:18 GMT
expires: Thu, 13 Mar 2025 11:47:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2751 0
20 B 153ms
153ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1588016588744&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2751 0
20 B 149ms
149ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1588016588744&version=m202402290101&ct=119&x=1&cor=6441310654714761000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2751 93 KB
39 KB 121ms
119ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEnBfE8dTZBI_upzcZIgE98EkQnRzmc5E4PcV0o3lphDrDdiUdbSOk7xNj1KNXy4w3kwMNGTBCx0uFjv5Tb9PcV0EOJ6ICFzpLbbWyD-eL5lDs1b_xGkEg5y8OGWy8jaIJbpwbVLjdd1pBugalC7QIxpmIDaru0SHzO99zTNb-ACHh0NmmLvcWDtXm4TGM8Hnns4wtMlXH9XoEumBSFD0DKUtTAejuWN-kS2vgCAyHETTM3YA&cry=1&dbm_d=AKAmf-Ch6TU-ypZdbeJgzq2QknjQyZad928vZZt0dwG6yWoXCKH3KzumTnsEoH9t62_Q_AoP0SrADE6st6DpIKub7O9UVTIUsvjzkKHprqugd_X49Qd3F8AgjcYpNdEMyc03oVnjssPe260TY_v1v18n1yiVjT-4HzkV-2igfDJelHIEfXstlqpjPxw-yCFGz7_QtSb8TocZysWm6aguXfv1tJ2UYIwtXcdsI04pGn0kaelenYL63XcAa_R3n2EA8zOiquxt9rlA3Jjbyw-SFMmlonDzt0x-WcPbk6GeM0V-ej6k68YOXUFKvz-sFDUWo1UUqt4BiMO336kLFicnkkiM1cEb_7lYhIPiDeFSbStDl0F-JlRT5YVsAk1a_N4Qpfw5yDwiRx-hFpbiDrheV-3_3D_ATPGaZEggltKSNSTXHjSUl9ttZh5KAqNffz93CdbDaEXSSXIXUSweRRahheNYJ28NyaP3MquKQyK-EeOV6H091pL2wVwHbAVYL4Dj2S5n1KIq9yYlJ1cAgTXAnU3M0xZudxXF6XuMWIdUOw2l89lmtQtUzQQu_E7PPK1XbYAfHOr5XS9jgMTRRBDdM85si7xVMEWtvCuYDdqE9-oypoErGevlv_YD0NjdhB1cJehnh_Nf70JXJUPiEkI0Vw9HfzDi05ubkAwHn2wK60jJYKkz3XjAWXYoDx6KX8ZE8P5-ThaHWrQ7hUpelHtxKv9YKmEtJ5iseZAR-mLHonv3DRUXnSqPLLzzmJz2_zX6GWPqWfhUjQ_6UogIoJS15zWj6O5mkkCQWdD5pJdQls5fND6K-4B0_XHLpxLrF5TQjHLa7X3ns4RFSJTWt5jC5mBn2gkpeV4_XMIuTW3qOh8Ee8hJX5FbXSh9e9Ita6ichLAHUiRE2qjpKLmy2J1Xp0z43Aq0A9qAnRmkOmgznaQnXAZibXOXwFxjU-3G-lF_b_hkU2SF6VgE7108QIq1zULH6aMJfSEpdCal5bNB_fRajLOIwYoqZ1Sv8gnJLg8BA1xUE-3QlzereGmjPxWwThpO_qvYLqmgVX3drkqXvpkLijYFjYG9Wp3kJn0Hq9JYJmlS3YQRzavb54qbuJOz_Cojvp-4FHh7cHVgnFS2RB8CT8dBAujFVyzpnn-jRAq9-yJngCceKGRdRTN9VCpslyaXzlgLrifc_jx6FpZYRk2tXLhTEP6qqaYkqoIvhX6MGOJ1wa5D6DHBPgkctRnIyi_zMQsRyEqGOhdx1HJgVZ_NGE12EXPf7duDepXXY1OoJD65oOzB5oa5kecXXiPTgY-Yhl5vEHD5cUsCUiIMlnAGpdDAbaEPWciqHvSaWINgZZiWRNsUUdABvbcK8TCblwTekpLlbh5z3eSRV9R6iOKNreiuTBAhwLJgfz8dspELYZuPfgWBfqQCBrdXHV7eI8sFpyfzdUoo5bdXnynb7zb_G_TU9p6ExdBvq1QejlT9aANbtM9aJszeRhBCFsoqgIDecTIWiytBp9kPtQsdlzi1GIrMhzT4n56Ibd2vjousCIwk_CDOVL3q4RtwkhJYidimkXYC0XQWjGz3mur1f3hljKlvGAghre9HUPthpKRR4yr_RDNG3yIBz7WejHQVayMStpmwCcQwgG4GkoVYaKa-WCNprgKCErVOqmD51tggGMBqU-hJJLeUrBuGXHtn-82CGI7Z_ygtOm4zGRqqtmBOgc1FWEIjInNkEwLFiQb8KwEKEGZp623Z6l12Qrmz4n2SvzpFHB1ihTwETS0YALsvZKGRrraXh_tE9-PzoM5Rlp8B27_vTgsOYMQV9zdSA1RqCz-oWk_pEpUdor8tSjwgJ3cYvgXv1yqVG3JAgrpIQxVLyG_OrrklGL1SB2F3iPuTWIQDNJhUuQtpmXEm_D4BR-KkDFrXBEwWy-8IuaUlMC3WkqCF05nYoENWu2U_1WHMGkqngqfgwxgQS2YR0DJsz9DgT0HW8-D48PI9RaOQ63ut6TiLg0M81zQl3OkImVrZRA22MGhjcWv1QBMZTWUMeVoSA8TE1Pzcf0ntHQ8pPfp1jPyNzWuTsDjpKREvz-vcLSDRHxmk7kft1_zsvO-QfD7A7OKE2XwjQRAveYStsuotOQ-cBrAfaHOKVrAAIt00Wlqg4Cojx1o_cx7I1xy-EFa8wo5s1-El3Jp9lqJ9MKO_cS1HBSSODYJTkevnGe_PsM8JDN2KjuGvuwLW2n3-a4qTiiAbUZIdp5NKAdHPoLdbFQSdpyEh8iqxVINkq6U63XGmYubYz6SeY1pJN-PTDHesaWDKxQ0pHFU0t2w-HheKNUkKjdzlYquBq4LbmYGp8ntPu1_LoxzBD7zLQYNBnW-qUZKarDYYAadBg5ARdRiHR1U4gXJU29yI_z6xxDAU0Ifll4IYS5gr0hbB_rvcT6A1_N_NOL4oIgzXVUN9qtvYYF_T4L-4AXJx0lxZ2E2vFj1mczGswO784yOczGhDobBGTGhgEMbA1RMZIzVnQ-cwL0up7Guq3wWj-hMaw1QUKJUpjMHbcmT26ZwgoQXB36s88o_tqNWhpj0SP3EPRtBT7TKhRHhqh0W0gaW9pPaFpPXiYGY6giGC6aEyUxhCOakhZbl2fQs-MPFkrCLC-QP6eTYLWlUf0ws9MsFE-1xuYHqw4Eab7Z6UROZZ5YNlqy2r8zDIqucilgEkz5agTnkuPWXDQJhTgVGZHrRCRttq2RYHmWtHKmp4f36PAAgomKKpjKj1pulba8qoygpNvtBLU1NbfISyDFIGVrh5nFvFhY_h9II5Z3BeRKQeFl7Di4VXYFdLifGI89U75bcB7URNWaUmnlgSmmcw85GRK3R0HlcMoDXtKz8qZi_YFb2YnHKISQ1IeRi7cGc-3uCDL0-4QkPkceV5BdnKNTwT_cj9814Y5TyUNDsVKlwYyXQleKrcvswsfN8nAjdEoT4m8GYtrS3FupxHynSzROjKOYsD4V6xfFP4lNOHKUExIDky_h3BcVGlGfVkFjjhircndrQjF28Ee32HHST5JGQ2pYubyfo4YOS7bQCjEKx8xcWSWu2_6BCNE8n6p0EbeKqCspsSh_hwt-VyWtElsmIwDM3MU6xbIjZFbCt3cHx_jzykFhEcYchgjusHlaRICKTwpgudbG97KXLlK7YG8aruu2OxYQWfCgNUN0kRfEUmLevjLrKue5BQRUXdsmEPgsfjY6YbG6xFfIvjS2X0l3qinTbp4euJvOrkpKHifiKiM37RNpC2XMJs-CbMEDDofkuR3WfGXSsI-WXtsEsQb35GWEyfl2ai0c9bY-i8bg2nNyRs78MXp2eY4Qg634lQSir3SvLSUctu9AyBJqughicWukq4bmHd-mqCYLvP2oWVhgBDKjlnWdAo88JZN0EHNvqByObbrdbVuv9L-giBM_V3eI3Xhk1Pg3Z9WHm1gY_xde6OWDQL-IUdF69bjmrKdsR1X9-nAv0HwaPrN3SdVtNGDm9OGddQuccKHMZMHhisAwNesUw9b1FgbVKV8cUJdUMUq6BNlKSEEZI509O-26z5TA5WN4GF_mQas75KWL7rdUgee9gmRdT1NRM60zBSv3pranPzivH_UKBvhUhiX0Mj3wx3yl69SjaeNAt9VKXaiQ8dTxOEectPu6V9_xh25M2ts-9k0RO-g8SPmrkPdD5JHowZQoc6RJF9AO2ADaRGFHbEsODEH5p1fxrxIvR04sDPzGZXNQdPt-zVGu-nOKKEIQ8wXIaixpdV1mG9UmuAXgqk4-CVXR_T5v6KjK3Kb-c9-7ABI9wjQupq2njrXERneIvhqPlBPR-URH0tJBzlz1EgS7XYvCwBKYdN4nq9Z1Rxilc8ageJ6geMAkrp6hxc5TWEjqUTN9Q9bQAkFWdFnCByZdnvff70EjsKa-OWcQj2zwxZRgR70h3vIupBjLkwlHoJnox6prnN9un4JeXmS4LMe3j8VWhl2co&cid=CAQSTQB7FLtqjskyFlNZjN0l_OrDFKB6DSTe98NMQzmsc4BGOoo_T_8pwfneMsrfhrVlhsxLQJ2AXe0jeOrOrJScIj-gfhLtIgf_dF9wc8zFGAE&dv3_ver=m202402290101&rfl=https%3A%2F%2Fdallas.sogoodnews.com%2F&ds=l&xdt=1&iif=1&cor=6441310654714761000&adk=356101034&idt=317&cac=0&dtd=39

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

274ab2dfa71b9a5b59c8f02a87622cea318c70ef9512911a0d219ac9dd8f04bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39719
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame B642 39 KB
15 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 20:35:02 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E01B 624 B
368 B 175ms
171ms Document
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj1yciKAjAB&v=APEucNUDNMSJ0pnTtFHIo4HW-prnSVuQEbqICpkSLNbZaXruxME-h5UPv9YvDTdwoqJlQHpQ2-vAojbyUD8ij1hgtAw9n2LKjg

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 11:47:19 GMT
expires: Wed, 13 Mar 2024 11:47:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 10AC 94 KB
33 KB 136ms
135ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33555
x-xss-protection: 0
server: cafe
etag: 7173713561822972903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 11:47:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10AC 42 B
63 B 124ms
122ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BP10w0RfbL2Q0eR_Ow2VV9VciUnM-CrNNdp2XPDWXiK4Eyhwd1RTRnTL0gmwuXvaj3DGUWjxPbKShzvO--p4qAYWLwG1hNy5CN9REPfIBoxYBpjgc

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 10AC 3 KB
1 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 20:54:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 10AC 20 KB
8 KB 69ms
67ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240311/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53567
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8219
x-xss-protection: 0
server: cafe
etag: 17239101513064691842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 20:54:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 10AC 207 KB
63 KB 70ms
69ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 12:35:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 569C 0
0 125ms
125ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403070101&jk=4179367284547729&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10AC 0
20 B 122ms
122ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1979687050980&version=m202402290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10AC 0
20 B 127ms
126ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1979687050980&version=m202402290101&ct=77&x=1&cor=11693564884006040000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 10AC 34 KB
20 KB 123ms
122ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByLMAlp2Xg0L4RNBOU8_qmbtO8_WdCTor-HVtJ9cV8i9NQHZD3nSPrg5jF8xQhry8zhnZBQoh3cTFZq-Q_JUrvZTAkvTCfPs-pTs7D0CAdRAj4xnFeqfvYk5J_l1YN8CCjJIPNN5MxGhKjz-9KMbB7mIJe03JFUhTCp8izyuLDdRNYhwruFSn_0zMBMa8drqi5clsk8BoS1H4KAommcXQIRc_0fw&cry=1&dbm_d=AKAmf-D6cHrRwMjpU7T5u0VyK0J9HEwhQV9SaoV_g3MimmHevLSUfvtTPsuJfHG0OUE4Hafb7EBrBE0lcRTHoaC7FLLnEg26E_nnoi40iCAviR0Esy_tJwb05hUgtXT_3GixhHN6HvTm_45WQIzLjQi9njx8hAt7LiO_uRfsK6Wyc2YrbZyp8ardozTK6mPZgzxgRiiytEu3EuxOtAVG1e71IoLhCLkzYkocbZfRweWAipHs5-od5xd-rfTOG7GTGPdquC10S3iUz59KG0vcyqGnv_41st6ZvqqD-2s3vrmTQuad-DKZtVmXhVVbTnQsVNnkwhmB_5tt-B1GQC0TWycLMoTfBoHyHcE3_71cEWoUzqm4Zx8D9s5l9Ta1qRc5CsuSVW0tynKGN1yZbMtdshd1BGm-7d24DVJNnajSRkIy_Lv1qStPDaK2S1pBd0H2ofldcMuEqgS2Ul0mpNXm-MLQjqFJG7USlzPjr7Be7SgV8JjxIuEfVI9Rhc4gEw-KwSmLDKjYQWUkD7G5xu7xW-pVR0JgKijJlg_B7KUzoWSProq1FC1e7Of81r571Sze7krTa_AGdh7QbEalWrFuGLmpiNkkcZyIjjPVatnM0_MOsZtbxwkVNzKWFyha6uKpk2pWfOjqfIVcfU_GFQuyKa5jKOvY38EQlqeqWdCMhB51oD96Otr1wnV3D28oRBHTjo3kipGMQaLYVx_8PfSo5vq8bS1OthWinEJCEMPeFp3Udj9C5rbUyfkj7CjgNStky7CZTuk3COgGCIsh_Dbh2jHTuaiQOEE_t1rs4ayj0VvU0NdVS9uIlKXzk6f9JPg35y83zKunbYyqO4UPxftiWcTagM-Sx9mJMs8itpAp2Dz600TKKBMbwSoUsAoIMjVY-iKPejT1J9y4Z7R0TF2I_f4SYOq8cNSYnKduXWgLSz7ebsTQsrV2ObDO1D0zVGOm329zEsmk1Jl2X8daenqOcJqbRSfBJSZtuYCMwt0aC7geEdg7Hse3f2rlosHtjfR_bieGQmIzpBpqO8gmNhrcsnWUWv4MuM8wD-tfB-KNxWQiogTTWhfN06ePFtKU_H1LQksExRtGyYEjQTyxuTKvHshBRUS00kvorIWlsdIQjuL7kmyjCPvz7VIJI1w3VxuNInVDoJ-fWp_yoUO_qr09N74PSRVhXroVe7iHA8YQ5hFym48XwHyx4pkDHgu1ndzUFF91AIZwdaXwxOVQJD71Gc9C8Jx9K9iDn6siSrE3Tqkhyzup4DyzZRPrOAOcC01xOdb78aOv7W0NPYeEJYHX7VMv3Uzaidv6mWtDvIfF9IxOrasUtJYoNQNTcXYMjMZrSAduTK8hx39RjJ8pNAGK2fFouT5o1pHxq2hr-rQwA_W_LkGO-gajXSrG0fs9vJPBceeOXzSZI2CYte509TRrl4sJ5vTXBOHn9q0IwDTuNT1IgQkJgCd1qvPIC_fA3AoqlY4iOyf37VRbCjSNvzGiFY_FY5vealusvkhblUvBkyz-O7k0tE532oVCuQu437gJAPQzQUcgWkKtkWsPa_1V1SxJYYl9c-OTmIR3BAZpraOdXkZR1X85EK7u6WjyywRNxycMM5pnUks2bRHpXYufXpkRLpQCuQDEC6jF3wYywqRYN46pFERlWbzw5CYmwL6IRpnAAsV6vxhfF3QWOrUX2O5FoDGMMuPSN8ur9UhSs64OLWP4aR4R7Dt1Kn3NwKSiZDVzmpSc_GOEhce8gfb-h26OV9EZcxvMGpvLK5jlc_Lfa-fh1OoZnnJfktHgRK2GO83qz0PraIkRdBGlnM_8FlYFrFstKPLzzri8YTzjuxg_mTgWGkLAQDxAWQAlJyB_0RE7y0ZO6MMg7cerrX59WmgNd4lEoH_SIC9gKnTQkVW-sOMQyinrxSoX0bWpjt_YrieoX5Hf0_6vFuXk3mds2YJaVuzdaoQ5mah7s5nf8vfdz-bANCA2k_50Ph1yVD0EQ-9LAY_VeZYldXivdeF1-1FUyNuIfYZTAsN9omN3_7ud6vSpFrqmRWOj61WvlKYBTMNvp6n0mDwxAFlGlK9jtRyVX7Otu45JyraoF9M7hWwiND4vFk9lQxvrtR729_HuzpZLMLdQ1r99TxN1ZJoHgSh5yjlP3-n_lWxRzJhhS0nhx3kdz3QtKFr1CNcKJvCzuZbwEI7pWdsVU6MG6m3m0p3d6JTZxtEIZMaFueVBvmhqbHexFAfXEdKO0mB9SLYA0XKZGK27vwJ9ZF-5DBg2gGZPvV6qEKK_tZHAsT1ZiV2832CiGTT3SJBDXzo8MFS3yuY2oZR04MBO5BteZfNHl4wIcYcC74XSUpvj87MBsWFYiVXBz3yToTamA4TaZKR1f8PdhEpoF8QzUzI6GhSwssHhVBLkD4gbrZC1bewGsWWapQGrjFnzvG2ddlqYlVtM7wGqqg1hjzgqLtl1tT3P1HeKMbg8fSqfApjnbJcJhfImxTXqd2h--XjEiLl3rz-iw4AbH4PbESd1_RkI6DBaWmeM9Xf5szd4FJKuFVPilfZWOvv6wKKnjDZ5XDgcqUkoQF8ySste_mDNgD6HJ6yvyMiIlUfOLO0n2uVZsf6KDEN1ps5wKNzP9RQD6eZIFToAxlJjA9E7m35eTpbNbMfsAPKOQbU8N8JM__E1TLLf2ufRKAm9LwVuax3YHsWn_BQvKXg6GI-8sZEZAgUf9bSY10yFl-TZcAeXuz2cJIrRBUZLop3ioyTKiNNiqD4XnMj1ZDDNZUa4FALQGq1Fw9R6v8uO6ogrNQOpfAelPWOwoke80B-kpMOPKY3nn31CQ7isYt5az-GTPu2dOVMuiG3vhpokbXgQC_IrbTxEN_kSNe5D1qLgKszsMnjuIAc7NhrwhDWqztwaz6IYLSsFOmLSZwFLRbCdlsrOSGnoUw2pUnQcq3f6u-HlP_2bUf9L4vNy1yd_Z0eCWSOOPSN00w3OmZmnCfz2-5ehyqcjKiYxTnySvUzoUH3lzz_lPp3J4aykVQJWYg8tjgOIIB9T2I6NKAWNHfYUfg8ndorjpZp_dE9NYBbzTxBHJtm1T_6BA3ZeCn9viqbOFxciBQ0k_fDpZEtJinokGvrFsCp7dY86bVvD6HN5K5CRGLEwB0CGBVKjZ_utdxtHDzDub2jUE6Ivs56hcLccVrYvVuV2tLT4oa6N9Ss5PyfDQdI1Tp6zDLuUQgrMTQKdA36kxbhMxsDnfOZ8e1ZLKQw9NVTYEKdAU2kCG_4FORHfndPp-P3oIEkBjVzk7jCbjDQyKprpP9qz17a219kL4sfncG2_m5XqE8H8O1R_DJjgSU3DmwoNv5KhFRfDpnObtOG0WDH7Du8LoHyuyXeqCw_HKFIMWOU51NML5kG2wlnbuYGKo8KSolhiZFL5de1ZL1bPWiRKTiCMmwxeioZROztTfKc0kq7OKikwi6aUEUmusguNwIrkWBaA3DnrfScNKer2_XtczVuYrsbuVRhz2MKowXKsARq8Txco3939DDFJeIjjBaOQq13qifMM4H4kJB0RDY4jV2QoJk3FMbk94G4DLve7C9zlCXvnLtPcU34ew8kztV7gywVfgBh3ek9apBJeqaO6q191SfR_CCBibvazht2_QqFeX5YvI183VcBISXRW7gi2vSLV2fUqQkPQ7IcyypsEuvDhA6rI6aKl2jQtq3leMLEurOAINL6YS7NtlHchPZiKLyz6i4F0R08yV8D7S94BaCSBJ10WZHoKxFwNGAetVbd846F7vaksjJ4Mpk3yKJnljdWjFJQHQ8vZZhzEgzDETSRup8450kN93pnBidPwK3NMd4S2-dxehM91H6gzOfRKtLwzElHfuGl9nJcwJWwMiRxNoaAhvwu-5BH-upDVfx0NHthxPLJbBWpBvLt2r1op1B-Pp8jqssb9MbDvIN7sYOJzQ4YpAKunbrAXA4V0RH4UPs2cMJ11_ZJoAoL-h_tgV813v02jy7m9kDe7Blzgyy1eS8y03r7cgS_IHhcIoNQVUyEs9Hz-9H1dQg6QmLtDeDHDZkjoy2jAP9RjBn30x9YoxqC05yrIvdJzsw&cid=CAQSTgB7FLtqifD2lstJ8pWqxRZS0aazkctYFddAa7k7vRpIXgKH2BRduIo6c7Ha_EqhFpMxn37we5NLUvKJ_ACvpnBVn7u3QcbbDz4MUH5OTxgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fdallas.sogoodnews.com%2F&ds=l&xdt=1&iif=1&cor=11693564884006040000&adk=1964084971&idt=148&cac=0&dtd=44

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f05b1a5405f89e9d647eee02d21c6b525a570da6fedc7a66791745a153b71889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20130
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2751 172 KB
61 KB 218ms
62ms Script
text/javascript 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
Origin: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Mar 2024 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/ Frame 2751 12 KB
4 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CEnBfE8dTZBI_upzcZIgE98EkQnRzmc5E4PcV0o3lphDrDdiUdbSOk7xNj1KNXy4w3kwMNGTBCx0uFjv5Tb9PcV0EOJ6ICFzpLbbWyD-eL5lDs1b_xGkEg5y8OGWy8jaIJbpwbVLjdd1pBugalC7QIxpmIDaru0SHzO99zTNb-ACHh0NmmLvcWDtXm4TGM8Hnns4wtMlXH9XoEumBSFD0DKUtTAejuWN-kS2vgCAyHETTM3YA&cry=1&dbm_d=AKAmf-Ch6TU-ypZdbeJgzq2QknjQyZad928vZZt0dwG6yWoXCKH3KzumTnsEoH9t62_Q_AoP0SrADE6st6DpIKub7O9UVTIUsvjzkKHprqugd_X49Qd3F8AgjcYpNdEMyc03oVnjssPe260TY_v1v18n1yiVjT-4HzkV-2igfDJelHIEfXstlqpjPxw-yCFGz7_QtSb8TocZysWm6aguXfv1tJ2UYIwtXcdsI04pGn0kaelenYL63XcAa_R3n2EA8zOiquxt9rlA3Jjbyw-SFMmlonDzt0x-WcPbk6GeM0V-ej6k68YOXUFKvz-sFDUWo1UUqt4BiMO336kLFicnkkiM1cEb_7lYhIPiDeFSbStDl0F-JlRT5YVsAk1a_N4Qpfw5yDwiRx-hFpbiDrheV-3_3D_ATPGaZEggltKSNSTXHjSUl9ttZh5KAqNffz93CdbDaEXSSXIXUSweRRahheNYJ28NyaP3MquKQyK-EeOV6H091pL2wVwHbAVYL4Dj2S5n1KIq9yYlJ1cAgTXAnU3M0xZudxXF6XuMWIdUOw2l89lmtQtUzQQu_E7PPK1XbYAfHOr5XS9jgMTRRBDdM85si7xVMEWtvCuYDdqE9-oypoErGevlv_YD0NjdhB1cJehnh_Nf70JXJUPiEkI0Vw9HfzDi05ubkAwHn2wK60jJYKkz3XjAWXYoDx6KX8ZE8P5-ThaHWrQ7hUpelHtxKv9YKmEtJ5iseZAR-mLHonv3DRUXnSqPLLzzmJz2_zX6GWPqWfhUjQ_6UogIoJS15zWj6O5mkkCQWdD5pJdQls5fND6K-4B0_XHLpxLrF5TQjHLa7X3ns4RFSJTWt5jC5mBn2gkpeV4_XMIuTW3qOh8Ee8hJX5FbXSh9e9Ita6ichLAHUiRE2qjpKLmy2J1Xp0z43Aq0A9qAnRmkOmgznaQnXAZibXOXwFxjU-3G-lF_b_hkU2SF6VgE7108QIq1zULH6aMJfSEpdCal5bNB_fRajLOIwYoqZ1Sv8gnJLg8BA1xUE-3QlzereGmjPxWwThpO_qvYLqmgVX3drkqXvpkLijYFjYG9Wp3kJn0Hq9JYJmlS3YQRzavb54qbuJOz_Cojvp-4FHh7cHVgnFS2RB8CT8dBAujFVyzpnn-jRAq9-yJngCceKGRdRTN9VCpslyaXzlgLrifc_jx6FpZYRk2tXLhTEP6qqaYkqoIvhX6MGOJ1wa5D6DHBPgkctRnIyi_zMQsRyEqGOhdx1HJgVZ_NGE12EXPf7duDepXXY1OoJD65oOzB5oa5kecXXiPTgY-Yhl5vEHD5cUsCUiIMlnAGpdDAbaEPWciqHvSaWINgZZiWRNsUUdABvbcK8TCblwTekpLlbh5z3eSRV9R6iOKNreiuTBAhwLJgfz8dspELYZuPfgWBfqQCBrdXHV7eI8sFpyfzdUoo5bdXnynb7zb_G_TU9p6ExdBvq1QejlT9aANbtM9aJszeRhBCFsoqgIDecTIWiytBp9kPtQsdlzi1GIrMhzT4n56Ibd2vjousCIwk_CDOVL3q4RtwkhJYidimkXYC0XQWjGz3mur1f3hljKlvGAghre9HUPthpKRR4yr_RDNG3yIBz7WejHQVayMStpmwCcQwgG4GkoVYaKa-WCNprgKCErVOqmD51tggGMBqU-hJJLeUrBuGXHtn-82CGI7Z_ygtOm4zGRqqtmBOgc1FWEIjInNkEwLFiQb8KwEKEGZp623Z6l12Qrmz4n2SvzpFHB1ihTwETS0YALsvZKGRrraXh_tE9-PzoM5Rlp8B27_vTgsOYMQV9zdSA1RqCz-oWk_pEpUdor8tSjwgJ3cYvgXv1yqVG3JAgrpIQxVLyG_OrrklGL1SB2F3iPuTWIQDNJhUuQtpmXEm_D4BR-KkDFrXBEwWy-8IuaUlMC3WkqCF05nYoENWu2U_1WHMGkqngqfgwxgQS2YR0DJsz9DgT0HW8-D48PI9RaOQ63ut6TiLg0M81zQl3OkImVrZRA22MGhjcWv1QBMZTWUMeVoSA8TE1Pzcf0ntHQ8pPfp1jPyNzWuTsDjpKREvz-vcLSDRHxmk7kft1_zsvO-QfD7A7OKE2XwjQRAveYStsuotOQ-cBrAfaHOKVrAAIt00Wlqg4Cojx1o_cx7I1xy-EFa8wo5s1-El3Jp9lqJ9MKO_cS1HBSSODYJTkevnGe_PsM8JDN2KjuGvuwLW2n3-a4qTiiAbUZIdp5NKAdHPoLdbFQSdpyEh8iqxVINkq6U63XGmYubYz6SeY1pJN-PTDHesaWDKxQ0pHFU0t2w-HheKNUkKjdzlYquBq4LbmYGp8ntPu1_LoxzBD7zLQYNBnW-qUZKarDYYAadBg5ARdRiHR1U4gXJU29yI_z6xxDAU0Ifll4IYS5gr0hbB_rvcT6A1_N_NOL4oIgzXVUN9qtvYYF_T4L-4AXJx0lxZ2E2vFj1mczGswO784yOczGhDobBGTGhgEMbA1RMZIzVnQ-cwL0up7Guq3wWj-hMaw1QUKJUpjMHbcmT26ZwgoQXB36s88o_tqNWhpj0SP3EPRtBT7TKhRHhqh0W0gaW9pPaFpPXiYGY6giGC6aEyUxhCOakhZbl2fQs-MPFkrCLC-QP6eTYLWlUf0ws9MsFE-1xuYHqw4Eab7Z6UROZZ5YNlqy2r8zDIqucilgEkz5agTnkuPWXDQJhTgVGZHrRCRttq2RYHmWtHKmp4f36PAAgomKKpjKj1pulba8qoygpNvtBLU1NbfISyDFIGVrh5nFvFhY_h9II5Z3BeRKQeFl7Di4VXYFdLifGI89U75bcB7URNWaUmnlgSmmcw85GRK3R0HlcMoDXtKz8qZi_YFb2YnHKISQ1IeRi7cGc-3uCDL0-4QkPkceV5BdnKNTwT_cj9814Y5TyUNDsVKlwYyXQleKrcvswsfN8nAjdEoT4m8GYtrS3FupxHynSzROjKOYsD4V6xfFP4lNOHKUExIDky_h3BcVGlGfVkFjjhircndrQjF28Ee32HHST5JGQ2pYubyfo4YOS7bQCjEKx8xcWSWu2_6BCNE8n6p0EbeKqCspsSh_hwt-VyWtElsmIwDM3MU6xbIjZFbCt3cHx_jzykFhEcYchgjusHlaRICKTwpgudbG97KXLlK7YG8aruu2OxYQWfCgNUN0kRfEUmLevjLrKue5BQRUXdsmEPgsfjY6YbG6xFfIvjS2X0l3qinTbp4euJvOrkpKHifiKiM37RNpC2XMJs-CbMEDDofkuR3WfGXSsI-WXtsEsQb35GWEyfl2ai0c9bY-i8bg2nNyRs78MXp2eY4Qg634lQSir3SvLSUctu9AyBJqughicWukq4bmHd-mqCYLvP2oWVhgBDKjlnWdAo88JZN0EHNvqByObbrdbVuv9L-giBM_V3eI3Xhk1Pg3Z9WHm1gY_xde6OWDQL-IUdF69bjmrKdsR1X9-nAv0HwaPrN3SdVtNGDm9OGddQuccKHMZMHhisAwNesUw9b1FgbVKV8cUJdUMUq6BNlKSEEZI509O-26z5TA5WN4GF_mQas75KWL7rdUgee9gmRdT1NRM60zBSv3pranPzivH_UKBvhUhiX0Mj3wx3yl69SjaeNAt9VKXaiQ8dTxOEectPu6V9_xh25M2ts-9k0RO-g8SPmrkPdD5JHowZQoc6RJF9AO2ADaRGFHbEsODEH5p1fxrxIvR04sDPzGZXNQdPt-zVGu-nOKKEIQ8wXIaixpdV1mG9UmuAXgqk4-CVXR_T5v6KjK3Kb-c9-7ABI9wjQupq2njrXERneIvhqPlBPR-URH0tJBzlz1EgS7XYvCwBKYdN4nq9Z1Rxilc8ageJ6geMAkrp6hxc5TWEjqUTN9Q9bQAkFWdFnCByZdnvff70EjsKa-OWcQj2zwxZRgR70h3vIupBjLkwlHoJnox6prnN9un4JeXmS4LMe3j8VWhl2co&cid=CAQSTQB7FLtqjskyFlNZjN0l_OrDFKB6DSTe98NMQzmsc4BGOoo_T_8pwfneMsrfhrVlhsxLQJ2AXe0jeOrOrJScIj-gfhLtIgf_dF9wc8zFGAE&dv3_ver=m202402290101&rfl=https%3A%2F%2Fdallas.sogoodnews.com%2F&ds=l&xdt=1&iif=1&cor=6441310654714761000&adk=356101034&idt=317&cac=0&dtd=39

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 20:55:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame 2751 30 KB
11 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4665fbd1c393f6a6340aa12fdfe61c9481dd3a6e9292a850feef98a621e89ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11526
x-xss-protection: 0
server: cafe
etag: 10374153479694904093
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 20:55:12 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2751 41 KB
14 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:15:43 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E01B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

43 B
741 B

97ms
94ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj1yciKAjAB&v=APEucNUDNMSJ0pnTtFHIo4HW-prnSVuQEbqICpkSLNbZaXruxME-h5UPv9YvDTdwoqJlQHpQ2-vAojbyUD8ij1hgtAw9n2LKjg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mL7DdJyT%2FPfrM3WhvxbO4UtPl0%2Bxe%2FCiF7Sta4kgY%2B4jmQwUG9buVz3knbb8NUmtUNbIXr0rz4TRBNR1S%2FMbonMz4LzmwnH%2BriVhT%2BTD%2B8k8uVbQjOAJ4ESHFkzy9DtRULzbwcBMqnO3rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 863bc9e07a67746e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E01B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZfGSR9HM5GoAAEldAE-ACQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1

43 B
735 B

77ms
72ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj1yciKAjAB&v=APEucNUDNMSJ0pnTtFHIo4HW-prnSVuQEbqICpkSLNbZaXruxME-h5UPv9YvDTdwoqJlQHpQ2-vAojbyUD8ij1hgtAw9n2LKjg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=98ecHXMqbzk4LRgv38XTqhVy2Gh9sZxrXq4qU9I5Mt%2BAvsZQ4yfgPDTSk82hrLsf0eGgMOe%2FbB7ZYrk7mLNkavLya4VMQv9YF%2B%2F0UN8fQ1dFFipakOxnRs1s82xp0%2BojJrY2Gr2UivUieQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 863bc9e10ad8746e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHAoxqsVBCGadxIXP2tFynI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame E01B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1

43 B
1 KB

96ms
95ms

Image
image/gif

68.67.160.26
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARj1yciKAjAB&v=APEucNUDNMSJ0pnTtFHIo4HW-prnSVuQEbqICpkSLNbZaXruxME-h5UPv9YvDTdwoqJlQHpQ2-vAojbyUD8ij1hgtAw9n2LKjg

Protocol

Server

68.67.160.26 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
an-x-request-uuid: fac8738a-2816-44b6-9e44-6a10c38b0b57
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.71; 38.132.118.71; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC14I-vb37QaX2FJJaPsUqI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E01B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D

170 B
188 B

81ms
81ms

Image
image/png

142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D

Requested by

Protocol

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
an-x-request-uuid: 089cfaa1-9181-491b-80f8-32d2ca94834d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjA2MTM0NDk1ODM2ODcwMTQyMA%3D%3D
x-proxy-origin: 38.132.118.71; 38.132.118.71; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2751 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 249a1965c61efa773bffd2bc7db81d0a83eaa947b7872734bc4744033bc13719

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B642 0
10 B 67ms
64ms Image
text/plain 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kKC12A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame C8CA 38 KB
13 KB 65ms
64ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 393996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 22:20:43 GMT
expires: Sat, 08 Mar 2025 22:20:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame 10AC 30 KB
11 KB 67ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByLMAlp2Xg0L4RNBOU8_qmbtO8_WdCTor-HVtJ9cV8i9NQHZD3nSPrg5jF8xQhry8zhnZBQoh3cTFZq-Q_JUrvZTAkvTCfPs-pTs7D0CAdRAj4xnFeqfvYk5J_l1YN8CCjJIPNN5MxGhKjz-9KMbB7mIJe03JFUhTCp8izyuLDdRNYhwruFSn_0zMBMa8drqi5clsk8BoS1H4KAommcXQIRc_0fw&cry=1&dbm_d=AKAmf-D6cHrRwMjpU7T5u0VyK0J9HEwhQV9SaoV_g3MimmHevLSUfvtTPsuJfHG0OUE4Hafb7EBrBE0lcRTHoaC7FLLnEg26E_nnoi40iCAviR0Esy_tJwb05hUgtXT_3GixhHN6HvTm_45WQIzLjQi9njx8hAt7LiO_uRfsK6Wyc2YrbZyp8ardozTK6mPZgzxgRiiytEu3EuxOtAVG1e71IoLhCLkzYkocbZfRweWAipHs5-od5xd-rfTOG7GTGPdquC10S3iUz59KG0vcyqGnv_41st6ZvqqD-2s3vrmTQuad-DKZtVmXhVVbTnQsVNnkwhmB_5tt-B1GQC0TWycLMoTfBoHyHcE3_71cEWoUzqm4Zx8D9s5l9Ta1qRc5CsuSVW0tynKGN1yZbMtdshd1BGm-7d24DVJNnajSRkIy_Lv1qStPDaK2S1pBd0H2ofldcMuEqgS2Ul0mpNXm-MLQjqFJG7USlzPjr7Be7SgV8JjxIuEfVI9Rhc4gEw-KwSmLDKjYQWUkD7G5xu7xW-pVR0JgKijJlg_B7KUzoWSProq1FC1e7Of81r571Sze7krTa_AGdh7QbEalWrFuGLmpiNkkcZyIjjPVatnM0_MOsZtbxwkVNzKWFyha6uKpk2pWfOjqfIVcfU_GFQuyKa5jKOvY38EQlqeqWdCMhB51oD96Otr1wnV3D28oRBHTjo3kipGMQaLYVx_8PfSo5vq8bS1OthWinEJCEMPeFp3Udj9C5rbUyfkj7CjgNStky7CZTuk3COgGCIsh_Dbh2jHTuaiQOEE_t1rs4ayj0VvU0NdVS9uIlKXzk6f9JPg35y83zKunbYyqO4UPxftiWcTagM-Sx9mJMs8itpAp2Dz600TKKBMbwSoUsAoIMjVY-iKPejT1J9y4Z7R0TF2I_f4SYOq8cNSYnKduXWgLSz7ebsTQsrV2ObDO1D0zVGOm329zEsmk1Jl2X8daenqOcJqbRSfBJSZtuYCMwt0aC7geEdg7Hse3f2rlosHtjfR_bieGQmIzpBpqO8gmNhrcsnWUWv4MuM8wD-tfB-KNxWQiogTTWhfN06ePFtKU_H1LQksExRtGyYEjQTyxuTKvHshBRUS00kvorIWlsdIQjuL7kmyjCPvz7VIJI1w3VxuNInVDoJ-fWp_yoUO_qr09N74PSRVhXroVe7iHA8YQ5hFym48XwHyx4pkDHgu1ndzUFF91AIZwdaXwxOVQJD71Gc9C8Jx9K9iDn6siSrE3Tqkhyzup4DyzZRPrOAOcC01xOdb78aOv7W0NPYeEJYHX7VMv3Uzaidv6mWtDvIfF9IxOrasUtJYoNQNTcXYMjMZrSAduTK8hx39RjJ8pNAGK2fFouT5o1pHxq2hr-rQwA_W_LkGO-gajXSrG0fs9vJPBceeOXzSZI2CYte509TRrl4sJ5vTXBOHn9q0IwDTuNT1IgQkJgCd1qvPIC_fA3AoqlY4iOyf37VRbCjSNvzGiFY_FY5vealusvkhblUvBkyz-O7k0tE532oVCuQu437gJAPQzQUcgWkKtkWsPa_1V1SxJYYl9c-OTmIR3BAZpraOdXkZR1X85EK7u6WjyywRNxycMM5pnUks2bRHpXYufXpkRLpQCuQDEC6jF3wYywqRYN46pFERlWbzw5CYmwL6IRpnAAsV6vxhfF3QWOrUX2O5FoDGMMuPSN8ur9UhSs64OLWP4aR4R7Dt1Kn3NwKSiZDVzmpSc_GOEhce8gfb-h26OV9EZcxvMGpvLK5jlc_Lfa-fh1OoZnnJfktHgRK2GO83qz0PraIkRdBGlnM_8FlYFrFstKPLzzri8YTzjuxg_mTgWGkLAQDxAWQAlJyB_0RE7y0ZO6MMg7cerrX59WmgNd4lEoH_SIC9gKnTQkVW-sOMQyinrxSoX0bWpjt_YrieoX5Hf0_6vFuXk3mds2YJaVuzdaoQ5mah7s5nf8vfdz-bANCA2k_50Ph1yVD0EQ-9LAY_VeZYldXivdeF1-1FUyNuIfYZTAsN9omN3_7ud6vSpFrqmRWOj61WvlKYBTMNvp6n0mDwxAFlGlK9jtRyVX7Otu45JyraoF9M7hWwiND4vFk9lQxvrtR729_HuzpZLMLdQ1r99TxN1ZJoHgSh5yjlP3-n_lWxRzJhhS0nhx3kdz3QtKFr1CNcKJvCzuZbwEI7pWdsVU6MG6m3m0p3d6JTZxtEIZMaFueVBvmhqbHexFAfXEdKO0mB9SLYA0XKZGK27vwJ9ZF-5DBg2gGZPvV6qEKK_tZHAsT1ZiV2832CiGTT3SJBDXzo8MFS3yuY2oZR04MBO5BteZfNHl4wIcYcC74XSUpvj87MBsWFYiVXBz3yToTamA4TaZKR1f8PdhEpoF8QzUzI6GhSwssHhVBLkD4gbrZC1bewGsWWapQGrjFnzvG2ddlqYlVtM7wGqqg1hjzgqLtl1tT3P1HeKMbg8fSqfApjnbJcJhfImxTXqd2h--XjEiLl3rz-iw4AbH4PbESd1_RkI6DBaWmeM9Xf5szd4FJKuFVPilfZWOvv6wKKnjDZ5XDgcqUkoQF8ySste_mDNgD6HJ6yvyMiIlUfOLO0n2uVZsf6KDEN1ps5wKNzP9RQD6eZIFToAxlJjA9E7m35eTpbNbMfsAPKOQbU8N8JM__E1TLLf2ufRKAm9LwVuax3YHsWn_BQvKXg6GI-8sZEZAgUf9bSY10yFl-TZcAeXuz2cJIrRBUZLop3ioyTKiNNiqD4XnMj1ZDDNZUa4FALQGq1Fw9R6v8uO6ogrNQOpfAelPWOwoke80B-kpMOPKY3nn31CQ7isYt5az-GTPu2dOVMuiG3vhpokbXgQC_IrbTxEN_kSNe5D1qLgKszsMnjuIAc7NhrwhDWqztwaz6IYLSsFOmLSZwFLRbCdlsrOSGnoUw2pUnQcq3f6u-HlP_2bUf9L4vNy1yd_Z0eCWSOOPSN00w3OmZmnCfz2-5ehyqcjKiYxTnySvUzoUH3lzz_lPp3J4aykVQJWYg8tjgOIIB9T2I6NKAWNHfYUfg8ndorjpZp_dE9NYBbzTxBHJtm1T_6BA3ZeCn9viqbOFxciBQ0k_fDpZEtJinokGvrFsCp7dY86bVvD6HN5K5CRGLEwB0CGBVKjZ_utdxtHDzDub2jUE6Ivs56hcLccVrYvVuV2tLT4oa6N9Ss5PyfDQdI1Tp6zDLuUQgrMTQKdA36kxbhMxsDnfOZ8e1ZLKQw9NVTYEKdAU2kCG_4FORHfndPp-P3oIEkBjVzk7jCbjDQyKprpP9qz17a219kL4sfncG2_m5XqE8H8O1R_DJjgSU3DmwoNv5KhFRfDpnObtOG0WDH7Du8LoHyuyXeqCw_HKFIMWOU51NML5kG2wlnbuYGKo8KSolhiZFL5de1ZL1bPWiRKTiCMmwxeioZROztTfKc0kq7OKikwi6aUEUmusguNwIrkWBaA3DnrfScNKer2_XtczVuYrsbuVRhz2MKowXKsARq8Txco3939DDFJeIjjBaOQq13qifMM4H4kJB0RDY4jV2QoJk3FMbk94G4DLve7C9zlCXvnLtPcU34ew8kztV7gywVfgBh3ek9apBJeqaO6q191SfR_CCBibvazht2_QqFeX5YvI183VcBISXRW7gi2vSLV2fUqQkPQ7IcyypsEuvDhA6rI6aKl2jQtq3leMLEurOAINL6YS7NtlHchPZiKLyz6i4F0R08yV8D7S94BaCSBJ10WZHoKxFwNGAetVbd846F7vaksjJ4Mpk3yKJnljdWjFJQHQ8vZZhzEgzDETSRup8450kN93pnBidPwK3NMd4S2-dxehM91H6gzOfRKtLwzElHfuGl9nJcwJWwMiRxNoaAhvwu-5BH-upDVfx0NHthxPLJbBWpBvLt2r1op1B-Pp8jqssb9MbDvIN7sYOJzQ4YpAKunbrAXA4V0RH4UPs2cMJ11_ZJoAoL-h_tgV813v02jy7m9kDe7Blzgyy1eS8y03r7cgS_IHhcIoNQVUyEs9Hz-9H1dQg6QmLtDeDHDZkjoy2jAP9RjBn30x9YoxqC05yrIvdJzsw&cid=CAQSTgB7FLtqifD2lstJ8pWqxRZS0aazkctYFddAa7k7vRpIXgKH2BRduIo6c7Ha_EqhFpMxn37we5NLUvKJ_ACvpnBVn7u3QcbbDz4MUH5OTxgB&dv3_ver=m202402290101&rfl=https%3A%2F%2Fdallas.sogoodnews.com%2F&ds=l&xdt=1&iif=1&cor=11693564884006040000&adk=1964084971&idt=148&cac=0&dtd=44

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4665fbd1c393f6a6340aa12fdfe61c9481dd3a6e9292a850feef98a621e89ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 20:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11526
x-xss-protection: 0
server: cafe
etag: 10374153479694904093
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Mar 2024 20:55:12 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 10AC 41 KB
14 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:15:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 394296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:15:43 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxMDMzMDQzOTY2OTg1NwogIHNlcnZlcl9pcDogMTQyODQ1MTM0CiAgcHJvY2Vzc19pZDogMzY0MTI3NDcxNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUy...
ad.doubleclick.net/ddm/activity/ Frame 10AC 0
858 B 258ms
126ms Image
image/png 142.250.72.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcxMDMzMDQzOTY2OTg1NwogIHNlcnZlcl9pcDogMTQyODQ1MTM0CiAgcHJvY2Vzc19pZDogMzY0MTI3NDcxNwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MjEyMjUyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hZG9iZS5jb20iCnhmYV9hdHRyaWJ1dGlvbl9pbnRlcmFjdGlvbl90eXBlOiBWSUVXCmltcHJlc3Npb25fcHJpb3JpdHk6IDAKaW1wcmVzc2lvbl9leHBpcnlfaW5fZGF5czogMzAKZXZlbnRfaW1wcmVzc2lvbl9pZDogMTgyMTg5MDk2MzIxNjI3NjIyMzcKZGVidWdfa2V5OiA1NjE0ODkxMjA5ODI3NDU5Nzk1CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyNC0wMy0xMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzOTA1Mjc3NTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQwMDQ5MzEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjEwOTY5NTAyODUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1NTkwMzE1NDEKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWRvYmUuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZmxhc2h0YWxraW5nLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0CmRtYV9wcm9kdWN0X2lkOiAxMjI3MTU4MzcK

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xccab4d0c1c0211fd0000000000000000","13":"0xe411a760ecd67860000000000000000","14":"0x4784b9e35ff8b8ac0000000000000000","15":"0xa45ea6ca0f1f1c640000000000000000"},"debug_key":"5614891209827459795","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"18218909632162762237"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 10AC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aeba8f80e32646c43caf4fd5509ef3513691af6230762a6cf234fe646d854100

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/233518;8243822;201;jsappend;DV360;DV360FY24AcrobatTeamPSPTeamsAudExUSDSKBAN300x600/ Frame 10AC 2 KB
1 KB 230ms
72ms Script
text/javascript 184.29.161.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/233518;8243822;201;jsappend;DV360;DV360FY24AcrobatTeamPSPTeamsAudExUSDSKBAN300x600/?ftOBA=1&ft_domain=dallas.sogoodnews.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fdallas.sogoodnews.com%2F&us_privacy=${US_PRIVACY}&cachebuster=379916.5295343243

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.29.161.102 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-161-102.deploy.static.akamaitechnologies.com

Software

prod-xre-app36.ash11 /

Resource Hash

d8daf6082813a8f8f47c1f4a44051986142fa7e2bed00219d31d3ef6a3717e91

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 11:47:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app36.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 909
Expires: Wed, 13 Mar 2024 11:47:20 GMT

GET
H3 200 2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js Show response
pagead2.googlesyndication.com/bg/ Frame C8CA 51 KB
20 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20134
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 22:27:28 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 44B8 38 KB
13 KB 62ms
61ms Document
text/html 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 393996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Mar 2024 22:20:43 GMT
expires: Sat, 08 Mar 2025 22:20:43 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16436046419864873880/ Frame D087 88 KB
23 KB 206ms
78ms Document
text/html 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc75105ce4ce3cf9f561899ff717756705ff49c5428dbfffd737986be5fdc417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 11:47:20 GMT
expires: Thu, 13 Mar 2025 11:47:20 GMT
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2751 0
0 272ms
130ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_1HkhcnQXKJo_ySZNhm8zqUK2R8g18TUX0m_G3EZTrOuptl3ab8pCR4gzNzAfHTBaPs8f_ObfzPrr9tg-Dpu6x3rAStBPq5wNj6iC3BQrzf0uK4WyyqsL0XMeAWfMC9HHsec5ZSuMD32j0XbB2EA23qVI0fFUrHUKK_txR1tWrOLLYifAB-AX77Zee3RcY72vNqJ3SlPYvvAXKxZMUmMxSkvPvXbBqXe-huNU5nETiJMKQdO-8xvPNN0wRtswJoZYUUCmp2A3Rx44axe4DqIdNy85f0Go_ETGXGITKFmYAo4leLRKsSMj1AoSfGuz0JZN7LB9cOZNMEQ-qUpE0qepIxK8Z8VfTTbDSrhYp6LnM4aWuqsauyw0NTsXRqxeCv7h8RZ4_h2A-iZkhj-cgJqROrhDQrDMSjxLharmLxQagNLO_UB49ye2ZdzBsCWsDJNB-vkrhPRECqEhxKteKJ1nDunztWuXh0PdWcw7o2OVmNjZQFWgEMksUpQIshKd_MeAPJZE-6zjbgbBEmf0rufGoi5mnt2iU-OnIEI3Kkg4EtIeVIRVTty4zxKOVV4ivJnjGggG9veet0PCgGNrCqHrzvl4B0O_UWry0DK5RocfyPHkTK1UQvHPDeMhvEp_kO6F27iVCdNcJtvfwBFBYzKgKNaY8ULtT_EPpaDNUSRcdi4V6w6KX2TjYBTV90sxKaYdI7lDSBSddi3JSexHgXAQm5MIjUPa23sSsoaqtESd474yE2hbetK3d3hhZhnPvagjcOy5WcWTHYDhpgYNugaHSAz7VlBbwz64zjr8ifcMovzcXDteEsaC4AQRtD8PufY5MuBmEjDG1aPqCB3HO93SGMPRssdsi3gykpvo5Sl0KpA5DjP9SftIRf-zg6d6lt754DoN_rbKNOrmF5rsOZZ9cqY2tVp5CmHdI9cc7NzafLYcQ7ctK_PjwzaFIPQY9J_aEvZ70rBOCHpRqu14K_d1oSeCoinXTkoupI82WwFTw4lMKwkNes8uodprIuyPGCCPgVQLTMNEZ3D6W4nChKC3nQKrG8cmdHOE8aufgtJ3RazwQn_gwx7B4siXViW2Scbzl4sOgociJrzlh9Yf_iSIW4LKu7YSS9lOuDh1K9hXNnfFo-AqvGeqYnSm6L7pa5dU0TWOjMLhpwzxG9aBwhc5fQbzllfcxEzPrN2GvKgCRqY9lNGbSISrzmBuVfmGOrdlZ_93HuqT7XyTsMDbTpG-esR3jyW1PFN56Tk2y-FxTcIYA0CpYd5FaL7H7p4fu2xkfAeCnbZmBqD0q4y7kzIRvqtuAgcDtMqGoF35WehL9oFU0w3zSR7_A6_He4aayc6JH_ykMqssCNqnMO0mfM6KFL_OTfLkl8oV58e0wPKezzlkgIE6zNFfYtVejQyM7omBRaK43z8nZw0Xa4IK14WKPyybjix1c_1PMdxOQm4FfolZyHyeDulbhZ_G&sai=AMfl-YRb31SQZ-hoiw4RvLZY7R0UaWq8_-kLVFAj21-Gj1pb_PovVzIqGm9mSXufyj0UDDHp0y4PA_MsZtXqMuym-g68Gx5WEyz_1CQ5QEGuZUnrTarH3z_gsvn7txiw2-jiCN0Q_6vBDr7_xQYhv636WATTRSFKV5DgmaUxUcpWUvaDSqOwDw_FFNlBBT50e5-rQE3y45l76ee7dD0NzneRiB64pDnJp9dm-7Sis28DFonOF1LImrVKkO7eIzMEBCgq8I63PvjSjpcweNQotvMfkKpgo3OF8Rh6fS0&sig=Cg0ArKJSzF6yYNvu7zAqEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=368&cbvp=1&cstd=358&cisv=r20240311.52816&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 13 Mar 2024 11:47:20 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 13 Mar 2024 11:47:20 GMT

GET
H3 200 2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 44B8 51 KB
20 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2XuAnNhv9ZdrLh840DIAgutokU3UuLKCtZvRQAQJz4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:27:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20134
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Mar 2025 22:27:28 GMT

GET
H2 200 ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame 10AC 86 KB
26 KB 238ms
69ms Script
application/javascript 18.238.49.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/233518;8243822;201;jsappend;DV360;DV360FY24AcrobatTeamPSPTeamsAudExUSDSKBAN300x600/?ftOBA=1&ft_domain=dallas.sogoodnews.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fdallas.sogoodnews.com%2F&us_privacy=${US_PRIVACY}&cachebuster=379916.5295343243
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-47.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7214455123e5fb1fd165f99f9a43a3c0a1311403e16701deac74c63a7cef350

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 15:54:43 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 145a3c1a881b9a37bb761d4b0890859a.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
age: 71557
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26453
last-modified: Mon, 04 Mar 2024 15:53:41 GMT
server: AmazonS3
etag: W/"ff56f311f5a69d0213d01af94b111f42"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=86400
x-varnish: 911241931 859117416
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: kqZgYSs7nWJUBi1M3SqbzGOrlySjTbPJH4NE7n0vux1pTh_Ew4Rf5A==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C8CA 0
20 B 126ms
125ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCVXER5LxZcOHG8T5xtYP3-m1eAAAAAA4AeAEAg&bg=!V1SlVBvNAAZdgtM0fYI7ADQBe5WfOOybOibp4s_NGNYDdvswotd7vrSObTru5j7-w7dtjcQVugpgS537GC7oaOuywCGOAgAAAJ5SAAAABGgBB5kDHczAN-SSMHvK6egcVU5xCqXTq00O7XX5PH7yCNRaBE2kPio4sB2Sf0_Q_ZevkRfrSUPPnp1nADIZhVI9C6f9TkGnDoWZcR9M0P4IHAoOo0RTwFpkbnUqWYnlD5Osi1XPtpwEo2AssFTVyNPE-1mUv9eodopZbzqci7zYu9lUlH8QFK0-VC8KUo6RMvBAZGJeUMpSKBl8g07uI7Pgkx701xZPgp0aktKewHLmq_OzYdX0IRzBaT5yYMMujHru_CmSGwhDdBRh9zReEMOJZ7DfnB6vnxne3drDq0j3LzPhnpwmAJ26Q8BtYBKyxOe9Mw0ceXl6uvNqYCqY7-empJ0SbrGDX8430NB4W8kcdIloLIc8CUVZXQttMm48tioMrf1JhSyd0mnw_EzmBaxx3mZrVyndlYgV_sCB9IRaBfL6_2l0jjksRGwXhqD6lgxbx-NWDaBC1aGgQTi3Wgy0EWyEeQeF_GOwCAEpa-zvT6Rgn8VAbynfnRyJALcTA73Ge5B_YE2rsI5nKGgrPufg5nhztugKpNF7XcbCzPVoKBJxDPFzq2qhV0TmgA0Rws6RrDbUD7VDvRZtAXx007umEYzz87GxXvAM6NLl2hYdfPhu3HRNm9gPdGo1a6f9qEMaLXXORI7_2RvKIl4DTE_qaDsL75QoKCCRtkwkiqIG54bQbRhsCWddBLVluvPyVqmsQGNL6nuTxlPJ2J4AC9RJcdm8wl_qp5RbVRVPVKT9PGKxZTpa3bZI4CcmGqImAzVws5ClnmTwbemJV1KmgdBsvKGu66yOI1_iHdb70utPXmDcxBhd27-N6GwLIDOFYfDSVQRJMS_xWbwnb4LAoU3XGlIAKHoCXFrQMabcqqP0JS3ceOVVjmZ2IrwIp-7UeTH3zH8rhoXH8ImO_DL8I8kSr7mMhEruhDWFgDkQIzP5zwRnTzx6LFdiaHq4EqCerr_EMu9S3a7auE8WKP7GlvJIS4KQDag31IL6C_IN_T22qcZU86xlLkH3vMytJiPQsrnEtdNDK7ZEcrhVP1Cz9JYVkkto8_QIrVNohIkQ81o77JE2

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 44B8 0
20 B 129ms
128ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BfpzXR5LxZaHxKM7JjvQP3eKlyA0AAAAAOAHgBAI&bg=!WVqlWhXNAAZdgtM0fYI7ADQBe5WfOHgpw-ilWLGQUOarQB000_9g84ajFkbOD3LGv_UIOlu_wly0Ci9Lzw90-gmKsDyrAgAAAFNSAAAAA2gBB5kDFKgMeOQc42oJxG-jsmn42PiZXEL9ZrkE2AdHbE5BpgzLsmwZrEZANZhfFljPmQnNiP1ufbnxInsVpbbJZ9D8TyqZx24IYFcHmDuVeefVa96V0ZvuarOEqMibBQ-4WQHFQSqH7-R9jOm22YBJurQ5OL_77rBB_T1vsIHjC5qeZ673sQKukkahIthso-ws_r3GPPYyruvQEUTmaaU0Qz7zVlcPHJd4gT_1UDkIpiayU4QSqoVKRYZ8VKr-_OdRpFy3En8KvuiLDerI8kaTxxHEZ9wh0mntcD7MPDvv_pdpwep0W0Mxxlh9TJwRO4cy4LvBClVf3DAU3av_6-wrEltBj8Yqo4a_Rzg9Y7bLchiO8CtJh7i9pwGIs28SKc6ZhxjNjTcsZguI2tTbVUCblCld_ZJNoa8bL1Ml1PTbpT4YXHtqsyWHX4kEJaOwhA1mGMDI1XSBLCoHKTelOnvniFz8yj7bHFFmBxWO98tbPgQoRTJRCG84PMdebHNcfmF9xaAJkliQFVK5gqGeDaQS06tkWKTj6CCNyFMv7pfoTc29smOhZqDJPEzpQifsGyWA_nvtxGCS07h9ru3l62vGurFqJ_Am33CAv51S7Uv3id2yCWRNaynkCco-jtNnU-X4EVuFSBWfH_6Zr3uh6zwSxAQAuiHxna-rT5z2Uqg20qtkQ9yaTlUkE6zuC-bCXoefRW5KMYNtvxyAFJCYZS8IoXNcYrWVmW0rkgTvoS2-3G_WaFXt_kreHxvbJZi-_pQB_66naF8oPVE7yqsaIf9vDlEEU5jkax5iTmk8KLAT5Ze7hlad7x6NMdXsNPIkaMEQKfPje-nX-i57IXCID4KuFpZWt4TU3iMwo2jON7yfYpnCCBjrpwL1KTEYH84Y-_XzkFwYZelS2CVvyhCiP0TutDhGATaczHoMDUWjMBR-KhPYWk0YwHU-Tofbatchadmkdcl9hDwxRqZuJ1vTonm-uPK_FwhY3rz16UbChAmUK0q9gu_TOAehphcPXrNwe3jQNRl_gKhrKZHQyVC0UUjYlX2U2ataPoEG

Requested by

Host: 91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
URL: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D087 120 KB
41 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49744
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Mar 2024 21:58:16 GMT

GET
H3 200 preload.jpg
s0.2mdn.net/sadbundle/16436046419864873880/ Frame D087 2 KB
2 KB 63ms
63ms Image
image/jpeg 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/preload.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 08 Mar 2025 22:13:28 GMT
date: Fri, 08 Mar 2024 22:13:28 GMT
x-content-type-options: nosniff
age: 394432
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2255
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 4639230.json Show response
agen-assets.ftstatic.com/display/8243822/ Frame 10AC 4 KB
2 KB 239ms
60ms XHR
application/json 13.35.93.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/8243822/4639230.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-20.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a52317aa906518b407b70985ac3ddad8dc4d14ef00c4d9d804a78bf3ddc121f3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:10 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 12
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1755
last-modified: Wed, 06 Mar 2024 15:30:13 GMT
server: AmazonS3
etag: W/"83a7060d0258ad4d68e6deb097b7f240"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 673060180
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: b3zIC2ztWoCyDQIdiqG72Nyu20lzQkc1sHl9wjPtdBaejTuqx01M_A==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
125ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403070101&jk=4179367284547729&bg=!QEOlQwzNAAZsmiNCTJo7ADQBe5WfOCd3e9Pbl06Gux-7Hlb74C3TxILKg28kPtGfzjQjpxxiOiaOo-yM-J11tnB4voTpAgAAAXNSAAAAA2gBB5kCw0elekXhe-mhX1mvvvZx3w4WI8-UvQb5u3LcQ9z5cuUrTbsBu0i_srmXQ9PFtQtSHdMU2XTP1_swCj4k56qoes9nl1qngS56blKIlDd1u_2nvQZJieE8zgB1aMvByYZJqeJE52REwe9lITYXtFPGLRyKiDtXQng3GB9XlxkSTl2N89tsn2t95CMLy1NpR8Dkq6moUOhlp22VkDY5EQ3xG4U3ziVX51jIa0GxZ-TD52OEkJ2xu8i0nZLseAP6RUaOY-XT0-Apudxk-fq-wbcvVq2kls6GtZFV1L-QDdlCN1--fPtg0XWQD8gTmaihaCV91Dm6g_ypzuQ4FXHqoGMD-yD3unrwHymAXZHrqXVNKtrhofRubINlqUalrYkmm-RYkvOEvgw9S_Bt-v5Ctfhby2AT_sXm4XLMr7OJlsHwDPKXNr4IJykiFZvz0aN0H3yOvXwLUAbcG5hmfMwM4pT3nX0xwYC7iAt8NgHD0jWgKbQDUMRCxe6S-u9S1n1IpxTgJIPAwuJmPFb6T5WzHS6Vvzr2pr-AxDJix4q8qDtXaQd0dcDI3HafLTWeV5-fOufGyD_CsmE0vkyj30Vqt63y-1DEUxkjxsWEHjc8O43GpFR1C4H3w9By4UU5nAjvLUT81zQKAkdTM0POheW63qGVWp_cJ_T9gOWdORqq10pTlZogukhwJhBxdtnV50CIvRnR4imv_q3QOyeYQOsTtQsKyP-CS1XdFOVr7IecKQ79gqyWHO1LlxnEfeeYzX4AXJC6t4MYGBT7G9z4kcpSO8OLVInCZ-MNUd6dJRseNtgOE76A3jNAfKh4ZveIA0nf2axTIj7fupBgqlcAzho3qnoyQARgiNZSIOEimugai-aZq9eozYlLUnExN9Asahx2kfgE2pi8XtodW-xdTgPqtFD-5hMRRKmWD4KxkqgK4kn26MoqETb1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dallas.sogoodnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D087 8 KB
6 KB 133ms
131ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21438bfe0f729146911dd129aa807e57945705203da4442cf5001a045b615c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6044
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2751 0
0 128ms
127ms Fetch
image/gif 142.251.40.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_1HkhcnQXKJo_ySZNhm8zqUK2R8g18TUX0m_G3EZTrOuptl3ab8pCR4gzNzAfHTBaPs8f_ObfzPrr9tg-Dpu6x3rAStBPq5wNj6iC3BQrzf0uK4WyyqsL0XMeAWfMC9HHsec5ZSuMD32j0XbB2EA23qVI0fFUrHUKK_txR1tWrOLLYifAB-AX77Zee3RcY72vNqJ3SlPYvvAXKxZMUmMxSkvPvXbBqXe-huNU5nETiJMKQdO-8xvPNN0wRtswJoZYUUCmp2A3Rx44axe4DqIdNy85f0Go_ETGXGITKFmYAo4leLRKsSMj1AoSfGuz0JZN7LB9cOZNMEQ-qUpE0qepIxK8Z8VfTTbDSrhYp6LnM4aWuqsauyw0NTsXRqxeCv7h8RZ4_h2A-iZkhj-cgJqROrhDQrDMSjxLharmLxQagNLO_UB49ye2ZdzBsCWsDJNB-vkrhPRECqEhxKteKJ1nDunztWuXh0PdWcw7o2OVmNjZQFWgEMksUpQIshKd_MeAPJZE-6zjbgbBEmf0rufGoi5mnt2iU-OnIEI3Kkg4EtIeVIRVTty4zxKOVV4ivJnjGggG9veet0PCgGNrCqHrzvl4B0O_UWry0DK5RocfyPHkTK1UQvHPDeMhvEp_kO6F27iVCdNcJtvfwBFBYzKgKNaY8ULtT_EPpaDNUSRcdi4V6w6KX2TjYBTV90sxKaYdI7lDSBSddi3JSexHgXAQm5MIjUPa23sSsoaqtESd474yE2hbetK3d3hhZhnPvagjcOy5WcWTHYDhpgYNugaHSAz7VlBbwz64zjr8ifcMovzcXDteEsaC4AQRtD8PufY5MuBmEjDG1aPqCB3HO93SGMPRssdsi3gykpvo5Sl0KpA5DjP9SftIRf-zg6d6lt754DoN_rbKNOrmF5rsOZZ9cqY2tVp5CmHdI9cc7NzafLYcQ7ctK_PjwzaFIPQY9J_aEvZ70rBOCHpRqu14K_d1oSeCoinXTkoupI82WwFTw4lMKwkNes8uodprIuyPGCCPgVQLTMNEZ3D6W4nChKC3nQKrG8cmdHOE8aufgtJ3RazwQn_gwx7B4siXViW2Scbzl4sOgociJrzlh9Yf_iSIW4LKu7YSS9lOuDh1K9hXNnfFo-AqvGeqYnSm6L7pa5dU0TWOjMLhpwzxG9aBwhc5fQbzllfcxEzPrN2GvKgCRqY9lNGbSISrzmBuVfmGOrdlZ_93HuqT7XyTsMDbTpG-esR3jyW1PFN56Tk2y-FxTcIYA0CpYd5FaL7H7p4fu2xkfAeCnbZmBqD0q4y7kzIRvqtuAgcDtMqGoF35WehL9oFU0w3zSR7_A6_He4aayc6JH_ykMqssCNqnMO0mfM6KFL_OTfLkl8oV58e0wPKezzlkgIE6zNFfYtVejQyM7omBRaK43z8nZw0Xa4IK14WKPyybjix1c_1PMdxOQm4FfolZyHyeDulbhZ_G&sai=AMfl-YRb31SQZ-hoiw4RvLZY7R0UaWq8_-kLVFAj21-Gj1pb_PovVzIqGm9mSXufyj0UDDHp0y4PA_MsZtXqMuym-g68Gx5WEyz_1CQ5QEGuZUnrTarH3z_gsvn7txiw2-jiCN0Q_6vBDr7_xQYhv636WATTRSFKV5DgmaUxUcpWUvaDSqOwDw_FFNlBBT50e5-rQE3y45l76ee7dD0NzneRiB64pDnJp9dm-7Sis28DFonOF1LImrVKkO7eIzMEBCgq8I63PvjSjpcweNQotvMfkKpgo3OF8Rh6fS0&sig=Cg0ArKJSzF6yYNvu7zAqEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=792&vt=11&dtpt=424&dett=3&cstd=358&cisv=r20240311.52816&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: dallas.sogoodnews.com
URL: https://dallas.sogoodnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s39-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 13 Mar 2024 11:47:20 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/16436046419864873880/ Frame D087 457 B
485 B 72ms
71ms Image
image/png 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/replay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 08 Mar 2025 22:14:19 GMT
date: Fri, 08 Mar 2024 22:14:19 GMT
x-content-type-options: nosniff
age: 394381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 457
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/16436046419864873880/ Frame D087 31 KB
31 KB 65ms
64ms Image
image/jpeg 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/poster.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3f742877e2197f3098bd00681b25b9afb2430805a2b98a98a4f74381b38b775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 08 Mar 2025 21:23:59 GMT
date: Fri, 08 Mar 2024 21:23:59 GMT
x-content-type-options: nosniff
age: 397401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31455
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741866439/sparams/acao,ctier,expire,id,i... Frame D087
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741866439/sparams/ip,ipbits,expire,id,itag,sou...
https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741866439/sparams/acao,ctier,exp...

246 KB
247 KB

223ms
64ms

Media
video/mp4

2607:f8b0:4000:1d::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741866439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/5B59936A5156C65EC9E47511D7227C6CAE9D5530.72765037D03753039C7DC67C11D6A3F3484CE9B5/key/cms1/cms_redirect/yes/mh/Lb/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4flrnss/ms/onc/mt/1710329754/mv/u/mvi/5/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2607:f8b0:4000:1d::a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

edb50fc5e0fdb9eecbfb20b0429a1ccf2cb9967734281e417896a853599bd5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 11:47:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Feb 2024 20:18:27 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-251968/251969
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 251969
Expires: Wed, 13 Mar 2024 11:47:20 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:20 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-q4flrnss.c.2mdn.net/videoplayback/id/c514daf314accf51/itag/59/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1741866439/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source,xpc/signature/5B59936A5156C65EC9E47511D7227C6CAE9D5530.72765037D03753039C7DC67C11D6A3F3484CE9B5/key/cms1/cms_redirect/yes/mh/Lb/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4flrnss/ms/onc/mt/1710329754/mv/u/mvi/5/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D087 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/16436046419864873880/ Frame D087 457 B
485 B 64ms
63ms Image
image/png 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16436046419864873880/replay.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: Sat, 08 Mar 2025 22:14:19 GMT
date: Fri, 08 Mar 2024 22:14:19 GMT
x-content-type-options: nosniff
age: 394381
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 457
x-xss-protection: 0
last-modified: Thu, 15 Feb 2024 20:18:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 prod_studio_01_250_videomodule.js Show response
s0.2mdn.net/879366/ Frame D087 13 KB
5 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_250_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16436046419864873880/index.html?e=69&leftOffset=0&topOffset=0&c=oXMFcWSEco&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 22:20:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4955
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:43 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 13 Mar 2024 22:20:37 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D087 17 KB
6 KB 108ms
108ms Script
text/javascript 2607:f8b0:4006:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 11:47:20 GMT

GET
H2 200 d9core Show response
d9.flashtalking.com/ Frame 10AC 11 KB
11 KB 281ms
114ms Script
application/javascript 54.86.36.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.36.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-36-182.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 41899ac8c6bf57f53c115ab3ceba382d65b98a516dddfda61742fbc0d0f476c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:20 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame 10AC 553 KB
161 KB 281ms
77ms Script
application/javascript 2600:9000:261f:ee00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:ee00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 131d7169096c801784d2d6daf390825f1913ac5346cb234759c39ad83df5d1c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Tue, 12 Mar 2024 17:52:48 GMT
Content-Encoding: br
Via: 1.1 fa2ecff4e65c01748abe1c8c2a9dfb72.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P3
Age: 64472
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 12 Mar 2024 17:52:48 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: vJ0DvCiz4oshxxO-6arlTb_rvlkGucUTj3QmTOppi2uMX4Nwo2rtDw==
Expires: Wed, 13 Mar 2024 17:52:48 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 10AC 17 KB
6 KB 298ms
65ms Script
application/javascript 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 11:47:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 413862034 236107414
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Thu, 14 Mar 2024 11:47:20 GMT

GET
H/1.1 200
OK FY24Q2_DC_Team_AcrobatDC_us_en_Business-Moves-Faster-Device_AN_300x600.jpg
cdn.flashtalking.com/194232/4639230/ Frame 10AC 35 KB
36 KB 302ms
72ms Image
image/jpeg 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/194232/4639230/FY24Q2_DC_Team_AcrobatDC_us_en_Business-Moves-Faster-Device_AN_300x600.jpg?543094800
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: a42c5097388e587fa35bb8e1a50c8752ce5a1e1c4e7a347bc007c4ad76ee0a57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 11:47:20 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 36289
Last-Modified: Wed, 06 Mar 2024 15:24:39 GMT
Server: Flashtalking (AKA)
ETag: W/"02e91e957db26c72c3b7f0508a9fdab1"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
X-Varnish: 9897330 6038674
Accept-Ranges: bytes
Expires: Wed, 13 Mar 2024 12:07:20 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame 10AC 1 KB
2 KB 296ms
66ms Image
image/png 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 11:47:20 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 108102152
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Fri, 12 Apr 2024 11:47:20 GMT

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 82DB 39 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Mar 2025 20:35:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2751 42 B
64 B 126ms
125ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDk--6ihTfOCxv926is43EddI3J5XoBQ1tmRZebVcHXAo9XWn_JFDfScdNooEXIayXbtaPuITGhDLPUq4iVzng7OlFpPS30IPUAG1R8WLFh0hSmo_lmHapxxpxsWm3IZwAQZlBy_XPUf9Arb2HrNupZ3Z90GOTIpc&sai=AMfl-YTzFiAP-XLvc28fbkqJQECxLU7bIsYkMn9Hjvu-sizRm3SeYrFSq4SFW0IDO-0fQQAPyS0Gzug7A5ik5yLcL23jB-u2fmaSm69K5ora_bkioSf7BLSXPUtQ8TbMgL46oOB0V0lNT6-QLP6GnRg&sig=Cg0ArKJSzHZ-dGdOjR4lEAE&cid=CAQSTQB7FLtqjskyFlNZjN0l_OrDFKB6DSTe98NMQzmsc4BGOoo_T_8pwfneMsrfhrVlhsxLQJ2AXe0jeOrOrJScIj-gfhLtIgf_dF9wc8zFGAE&id=lidar2&mcvt=1000&p=20,632,110,1360&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240311&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2732968242&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=626323900&rst=1710330438940&rpt=761&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIg8eqspXxhAMVxLzRBB3fdA0PEAAYACDzsqhkQhMI_s3ysZXxhAMVTtzjBx3NDgxV;dc_eps=AHas8cBQEu5vRdD3mv_RYuTFSUz32t3dQnfRjffqhurzZJMpCQfrC_lAaPn7m8BbPbU9t7X01GGyyV5apn4GFgD6o0A;met=1;&timestamp=171033...
ade.googlesyndication.com/ddm/activity/ Frame 2751 42 B
251 B 152ms
124ms Image
image/gif 142.250.65.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIg8eqspXxhAMVxLzRBB3fdA0PEAAYACDzsqhkQhMI_s3ysZXxhAMVTtzjBx3NDgxV;dc_eps=AHas8cBQEu5vRdD3mv_RYuTFSUz32t3dQnfRjffqhurzZJMpCQfrC_lAaPn7m8BbPbU9t7X01GGyyV5apn4GFgD6o0A;met=1;&timestamp=1710330440904;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.162 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 lgc Show response
d9.flashtalking.com/ Frame 10AC 103 B
574 B 143ms
140ms XHR
application/json 54.86.36.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.36.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-36-182.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: eed6830ff19b546be51ba4f348cd1a7e6618ebec0fc92bb0b55cff8ade667dc5

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 13 Mar 2024 11:47:21 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

GET
H2 200 /
ad-events.flashtalking.com/state/8243822;4639230;0;271;87EA7214-8F98-5AAD-9481-44172777F1A9/ Frame 10AC 0
67 B 207ms
57ms Image
text/plain 34.237.160.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/8243822;4639230;0;271;87EA7214-8F98-5AAD-9481-44172777F1A9/?cachebuster=545869842
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.160.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-160-116.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 11:47:21 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 10AC 1 B
377 B 279ms
74ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8243822;4639230;0-304-0-0-866116047
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 11:47:21 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Wed, 13 Mar 2024 11:47:21 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 10AC 1 B
377 B 243ms
64ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8243822;4639230;0-306-0-0-961005166
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 11:47:21 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Wed, 13 Mar 2024 11:47:21 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/8243822;4639230;0;401;87EA7214-8F98-5AAD-9481-44172777F1A9/ Frame 10AC 42 B
342 B 70ms
70ms Image
image/gif 184.29.161.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/8243822;4639230;0;401;87EA7214-8F98-5AAD-9481-44172777F1A9/?ft_data=d9:bfcaee32d3204cac9aa990b106549b6f;d9s:bfcaee32d3204cac9aa990b106549b6f&cachebuster=330727159

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.29.161.102 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-161-102.deploy.static.akamaitechnologies.com

Software

prod-xre-app4.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 11:47:21 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app4.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Wed, 13 Mar 2024 11:47:21 GMT

GET
H/1.1 200
OK nlp-bp.min.js Show response
js.ad-score.com/ Frame 10AC 300 KB
94 KB 69ms
68ms Script
text/javascript 2600:9000:261f:ee00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/nlp-bp.min.js?pid=1000925&tt=g
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:ee00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 51157c1fe1d48f4cea4477c2a7b8e9d0db34a75f6d177ed1d5087fbdea1092fa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Tue, 12 Mar 2024 17:52:47 GMT
Content-Encoding: gzip
Via: 1.1 fa2ecff4e65c01748abe1c8c2a9dfb72.cloudfront.net (CloudFront)
Last-Modified: Tue, 12 Mar 2024 16:45:54 GMT
X-Amz-Cf-Pop: JFK52-P3
Age: 64474
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: 4cCvR5MRiQBWk2mGehPS5LLVt6EdqtVWo5yiywIgVSMqw5JRoHYdyw==

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 10AC 121 B
717 B 499ms
244ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=EHUVYlARzQooGDMCzDoFrUsynRkGVNDn-FE7fPshldVTkKDga037PFk/D-E03APM9hblvkPg==&pm_ct=9292403d9484c767944f5d72&pm_pl=1710330441095&pm_td=21&pid=1000925&en=1.1&callback=__pm_glbl_zuCPIDBWiBcnhLI5QqRvHQmE._gc1&tt=g&v=f4fb108
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 2ce4475946cb5909c53ec575489c5acf6d1cac33b788c311584303093f962b72

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 11:47:21 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 121

GET
DATA 200
OK truncated
/ Frame 6814 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 10AC 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 8324921f-cd43-48ee-82c0-ea49eaf997e0
https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/ Frame 10AC 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/8324921f-cd43-48ee-82c0-ea49eaf997e0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK cf0e3f40-81f5-4625-91bf-97ad7aca14cb
https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/ Frame 10AC 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/cf0e3f40-81f5-4625-91bf-97ad7aca14cb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 10AC 0
20 B 122ms
121ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1979687050980&version=m202402290101&ct=77&x=1&cor=11693564884006040000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2751 0
20 B 122ms
121ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1588016588744&version=m202402290101&ct=119&x=1&cor=6441310654714761000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d1a3c321-cacf-4b86-8979-b4d79d1a2c28
https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/ Frame 10AC 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/d1a3c321-cacf-4b86-8979-b4d79d1a2c28
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 10AC 1 B
320 B 140ms
140ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=EHUVYlARzQooGDMCzDoFrUsynRkGVNDn-FE7fPshldVTkKDga037PFk/D-E03APM9hblvkPg==&pm_ct=9292403d9484c767944f5d72&pm_pl=1710330441095&pm_td=527&pid=1000925&en=1.1&callback=__pm_glbl_zuCPIDBWiBcnhLI5QqRvHQmE._gc2&tt=g&v=f4fb108
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
Date: Wed, 13 Mar 2024 11:47:21 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 10AC 6 KB
6 KB 382ms
70ms Image
image/png 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 11:47:21 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 977502517 975897158
Content-Type: image/png
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Wed, 13 Mar 2024 12:07:21 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 10AC 42 B
64 B 127ms
127ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQXsfqCx0TxeX8RDTCtoPXZ8Rj3n9fMOHqvHzFQISDpOHg7BGQ8r0fEsfrBXRopseLUYp8FFl4I5b-fPZIUujGxNtoCsSh50y00MqglApRl8oSsCH33ABFAjRtwnLIqzdUwd906gWCtVTNpE_ZtEj_UY95S7QX29Q&sai=AMfl-YTq5eGwWiyrbAv26WPTT4xS_hPXXklIa180iQq-jRcE4VKw2lWOnBvScfjfLDwUoeYbRZrUfFf7jFWHHJ1sa5BeeUio4BVqAbzQ4zdKKkNAZzRLBIDnqg2f4aoKMl2CoP-vQuj6DF8CpSoMo8aB&sig=Cg0ArKJSzM-kWAi15JVMEAE&cid=CAQSTgB7FLtqifD2lstJ8pWqxRZS0aazkctYFddAa7k7vRpIXgKH2BRduIo6c7Ha_EqhFpMxn37we5NLUvKJ_ACvpnBVn7u3QcbbDz4MUH5OTxgB&id=lidar2&mcvt=1000&p=190,1339,230,1380&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240311&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3855915448&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=626323900&rst=1710330439323&rpt=494&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 11:47:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 10AC 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 10AC 1 B
320 B 70ms
69ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=EHUVYlARzQooGDMCzDoFrUsynRkGVNDn-FE7fPshldVTkKDga037PFk/D-E03APM9hblvkPg==&pm_ct=9292403d9484c767944f5d72&pm_pl=1710330441095&pm_td=673&pid=1000925&en=1.1&callback=__pm_glbl_zuCPIDBWiBcnhLI5QqRvHQmE._gc3&tt=g&v=f4fb108
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
Date: Wed, 13 Mar 2024 11:47:21 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 10AC 1 B
377 B 85ms
84ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8243822;4639230;0-307-0-0-458717777
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 Mar 2024 11:47:22 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Wed, 13 Mar 2024 11:47:22 GMT

GET /
ad-events.flashtalking.com/state/8243822;4639230;0;202;87EA7214-8F98-5AAD-9481-44172777F1A9/ Frame 10AC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad-events.flashtalking.com
URL: https://ad-events.flashtalking.com/state/8243822;4639230;0;202;87EA7214-8F98-5AAD-9481-44172777F1A9/?cachebuster=498489119

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 04:41:30	Name: IDE Value: AHWqTUkAkbzoU-j6Q3W4OuGkF1dzx9AKwbjDSirxvW0mfBatPDbX5BI3KyN0noFW
.sogoodnews.com/	1970-01-21 04:27:06	Name: __gads Value: ID=27bbf6540f6e1444:T=1710330438:RT=1710330438:S=ALNI_MbGKseuQ0ee8Q2xf8TPC6fDsraheQ
.sogoodnews.com/	1970-01-21 04:27:06	Name: __gpi Value: UID=00000dd216d11013:T=1710330438:RT=1710330438:S=ALNI_MbtH0gws3NtR8FuUnhnqi-Tl_t2hA
.sogoodnews.com/	1970-01-20 23:24:42	Name: __eoi Value: ID=0c06ff52eb3bcbf6:T=1710330438:RT=1710330438:S=AA-AfjY-89hmX7h-21kLvtIeE0Y7
.casalemedia.com/	1970-01-21 03:51:06	Name: CMID Value: ZfGSR9HM5GoAAEldAE-ACQAA
.casalemedia.com/	1970-01-20 21:15:06	Name: CMPS Value: 2724
.casalemedia.com/	1970-01-20 21:15:06	Name: CMPRO Value: 2724
.doubleclick.net/	1970-01-20 23:24:42	Name: APC Value: AfxxVi6HZbC2VvzShlE0MpH5My8lsDyor2KHMzpiaeI-Bu3_ROlX3A
.doubleclick.net/	1970-01-20 23:24:42	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:15:06	Name: XANDR_PANID Value: w74AeUqroHibyzmbiXyfkSjUjWfDNe395bhmd8VgqGNcpU57-ZsGUQYJJp_rtbFdtCRjxtwL8ESALtu4vX5TPvZ_PyaUC7RXH4JCeNYr94I.
.adnxs.com/	1970-01-21 04:41:30	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:15:06	Name: uuid2 Value: 2061344958368701420
.adnxs.com/	1970-01-20 21:15:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaS_OJI7!1yIE`fS1ueD1W-044)d+]Uf-FbC!vUASjUUq)<rp5moJ>eR`(1@)`Z_4ZtK%nugO%v4VB%nlmt)j=:f
.doubleclick.net/	1970-01-20 19:48:42	Name: ar_debug Value: 1
.flashtalking.com/	1970-01-21 04:34:54	Name: flashtalkingad1 Value: "GUID=591624E48654CA"
.flashtalking.com/	1970-01-21 03:51:06	Name: _D9J Value: 7cf4bfcd15ea49fc878b9578cf16a881

95 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g(Line 1) Message: Failed to create WebGPU Context Provider
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dallas.sogoodnews.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

91a5b6ef42a919a81dc3ea263913c626.safeframe.googlesyndication.com
ad-events.flashtalking.com
ad.doubleclick.net
ade.googlesyndication.com
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
cdn.flashtalking.com
cm.g.doubleclick.net
d9.flashtalking.com
dallas.sogoodnews.com
data.ad-score.com
dsum-sec.casalemedia.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
js.ad-score.com
pagead2.googlesyndication.com
r5---sn-q4flrnss.c.2mdn.net
s0.2mdn.net
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
stat.flashtalking.com
tpc.googlesyndication.com
www.google.com
ad-events.flashtalking.com
104.18.36.155
13.35.93.20
130.211.115.4
142.250.65.162
142.250.72.102
142.251.40.226
18.238.49.47
184.29.161.102
23.56.162.52
2600:9000:261f:ee00:a:deb0:3380:93a1
2607:f8b0:4000:1d::a
2607:f8b0:4006:809::2006
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2004
2607:f8b0:4006:80f::2001
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2a02:4780:21:94d1:cd66:afc:bb37:3eab
34.237.160.116
54.86.36.182
68.67.160.26
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
03656ff565d2cc90c3b8f2c1963c5804304e5d9dc796e920db21a6db906a942d
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
0b224c4120887e60272c8ee7ff02de3c62bfc1b180902f7f291417f0fc2c4455
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba560f19ef2d41c7d91b0d65128aac179dc58bb982ad37eede85cb591b16cca
131d7169096c801784d2d6daf390825f1913ac5346cb234759c39ad83df5d1c4
21438bfe0f729146911dd129aa807e57945705203da4442cf5001a045b615c11
249a1965c61efa773bffd2bc7db81d0a83eaa947b7872734bc4744033bc13719
274ab2dfa71b9a5b59c8f02a87622cea318c70ef9512911a0d219ac9dd8f04bb
2ce4475946cb5909c53ec575489c5acf6d1cac33b788c311584303093f962b72
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
372896213cb352809a0da122ef955cea8e9150dab394806a9c37dd90fb38f266
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3e655ff1110524dca6b2b43df06fae905382d3cdc4bba396b3996739a1284eda
41899ac8c6bf57f53c115ab3ceba382d65b98a516dddfda61742fbc0d0f476c4
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd49b7adddf1b746322b222ed41632d74b156ecbb930b28897310573c0e46f1
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51157c1fe1d48f4cea4477c2a7b8e9d0db34a75f6d177ed1d5087fbdea1092fa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594ea28ece633b47536a3549082809e82c6772e5f2f324f26f8bc0f5de6842d2
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
66d55dd177b6dacdf7fe57cde1175f97c663d3847dc2384af58a07cbd6444e87
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
87a479694669a1a25d489ecd7138bfadc99116096051c640fc431b1ab0dbad77
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3f742877e2197f3098bd00681b25b9afb2430805a2b98a98a4f74381b38b775
a42c5097388e587fa35bb8e1a50c8752ce5a1e1c4e7a347bc007c4ad76ee0a57
a52317aa906518b407b70985ac3ddad8dc4d14ef00c4d9d804a78bf3ddc121f3
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
aeba8f80e32646c43caf4fd5509ef3513691af6230762a6cf234fe646d854100
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4665fbd1c393f6a6340aa12fdfe61c9481dd3a6e9292a850feef98a621e89ba
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
c4701179c17827a7d417dbc7d9a40cdd6fbb0112d29e90b822bbf5b2a33d63af
c64bc40632fa695cc9d2625524e1708a17f7c331fab12a9cc46a78eddc362257
c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f
cdb7911dd984dc9b0840a0a94e711600b05dd72d612465fdb18ecfb67ea9e66c
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d8daf6082813a8f8f47c1f4a44051986142fa7e2bed00219d31d3ef6a3717e91
d97b809cd86ff5976b2e1f38d0320082eb68914dd4b8b282b59bd1400409cf89
dc75105ce4ce3cf9f561899ff717756705ff49c5428dbfffd737986be5fdc417
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edb50fc5e0fdb9eecbfb20b0429a1ccf2cb9967734281e417896a853599bd5ac
eed6830ff19b546be51ba4f348cd1a7e6618ebec0fc92bb0b55cff8ade667dc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05b1a5405f89e9d647eee02d21c6b525a570da6fedc7a66791745a153b71889
f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4
f7214455123e5fb1fd165f99f9a43a3c0a1311403e16701deac74c63a7cef350
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

dallas.sogoodnews.com Open in urlscan Pro 2a02:4780:21:94d1:cd66:afc:bb37:3eab Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

102 Requests

86 %HTTPS

48 %IPv6

10 Domains

26 Subdomains

23 IPs

2 Countries

1522 kBTransfer

3923 kBSize

16 Cookies

1 Outgoing links

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

dallas.sogoodnews.com Open in urlscan Pro
2a02:4780:21:94d1:cd66:afc:bb37:3eab Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

86 %
HTTPS

48 %
IPv6

10
Domains

26
Subdomains

23
IPs

2
Countries

1522 kB
Transfer

3923 kB
Size

16
Cookies

102 HTTP transactions
6 data transactions