urlscan.io logo urlscan.io
SecurityTrails logo

pe-ca-app.newsmemory.com Open in urlscan Pro
50.17.180.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tinyurl.com/y2ct6fsk
Effective URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Submission: On August 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 81 HTTP transactions. The main IP is 50.17.180.6, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pe-ca-app.newsmemory.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 31st 2020. Valid for: 2 years.
This is the only time pe-ca-app.newsmemory.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2606:4700:10::6814:8b41 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.com
11    50.17.180.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-180-6.compute-1.amazonaws.com
pe-ca-app.newsmemory.com
5    23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
4    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
8    2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
2    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
googleads.g.doubleclick.net
6    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
securepubads.g.doubleclick.net
1    23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com
z.moatads.com
4    185.33.221.52 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:81f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7c1b29c3df805cf96d19e3a5aa5aa1c9.safeframe.googlesyndication.com
13    2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3eb7971dc2ad06f3092c045295dea467.safeframe.googlesyndication.com
10    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
pe-ca-app.newsmemory.com
tpc.googlesyndication.com
cdn.ampproject.org
11 pe-ca-app.newsmemory.com pe-ca-app.newsmemory.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
pe-ca-app.newsmemory.com
4 fonts.gstatic.com pe-ca-app.newsmemory.com
cdn.ampproject.org
4 www.google.com 2 redirects pe-ca-app.newsmemory.com
4 ib.adnxs.com pe-ca-app.newsmemory.com
4 www.google-analytics.com pe-ca-app.newsmemory.com
3 s7.addthis.com pe-ca-app.newsmemory.com
s7.addthis.com
2 googleads.g.doubleclick.net pe-ca-app.newsmemory.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 adservice.google.com www.googletagservices.com
2 adservice.google.de www.googletagservices.com
2 www.googletagservices.com pe-ca-app.newsmemory.com
1 3eb7971dc2ad06f3092c045295dea467.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 7c1b29c3df805cf96d19e3a5aa5aa1c9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 tinyurl.com 1 redirects
0 dmx.districtm.io Failed pe-ca-app.newsmemory.com
81 22

This site contains links to these domains. Also see Links.

Domain
pe-ca.newsmemory.com
www.addthis.com
www.newsmemory.com
local.digitalfirstmedia.com
Subject Issuer Validity Valid
*.newsmemory.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-31 -
2022-03-31		 2 years crt.sh
odc-prod-01.oracle.com
DigiCert Secure Site ECC CA-1		 2020-07-22 -
2021-10-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2020-01-17 -
2021-03-17		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Frame ID: B70421034B9A357F6AE0DF6F72CDE3BD
Requests: 10 HTTP requests in this frame

Frame: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Frame ID: FFA7ECF38519B79482D643E0DCE1C700
Requests: 18 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FCDC70C5D80CFFEA3761C39ECA1BA55D
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 66FBACAC9C09F7E88C95C29D0E495257
Requests: 1 HTTP requests in this frame

Frame: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Frame ID: 43B60CB54A5821078D464C7DCF5A770D
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Frame ID: 2CBB83B8A848562B04BD142352184DFD
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 2151A72F876F96621F60C7823DCF6E52
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Frame ID: 35FA65316DF721E7FA59E90FB668AD7B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: DB8B51E78C41516F443610E2BF9030B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://tinyurl.com/y2ct6fsk HTTP 301
    https://pe-ca-app.newsmemory.com/?publink=2d0550ee4 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

81
Requests

96 %
HTTPS

71 %
IPv6

16
Domains

22
Subdomains

17
IPs

3
Countries

846 kB
Transfer

2389 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tinyurl.com/y2ct6fsk HTTP 301
    https://pe-ca-app.newsmemory.com/?publink=2d0550ee4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 76
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

81 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pe-ca-app.newsmemory.com/
Redirect Chain
  • http://tinyurl.com/y2ct6fsk
  • https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e0bf46f7cf868ef6644019558586b7e012014dc514dd25d3c5e7d770b867085f

Request headers

Host
pe-ca-app.newsmemory.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 17:43:15 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3095
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Mon, 03 Aug 2020 17:43:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=da44ce0d5ad19ed3367d08ac47b4a2f441596476594; expires=Wed, 02-Sep-20 17:43:14 GMT; path=/; domain=.tinyurl.com; HttpOnly; SameSite=Lax TCSR-037905e378e1a0cf09c5199e96bdc4fa=eyJpdiI6IlZoTjV0MlhPd1I3bU9DUEVCNUZpMVE9PSIsInZhbHVlIjoibEZFbnRDQXlLQnpJaXVkUTRMMWNGUT09IiwibWFjIjoiNjYxOGU1ZjBlNzk2Y2EyYWUyMDQxODljOWIzNGY5N2I2YTU1NGEwZmNiMGMyMGFiN2MzNDY0OWYyNzM2MTMyZiJ9; expires=Mon, 03-Aug-2020 17:48:14 GMT; Max-Age=300; path=/; domain=.tinyurl.com; httponly; samesite=lax
X-Powered-By
PHP/7.3.15
Location
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Referrer-Policy
unsafe-url
CF-Cache-Status
DYNAMIC
cf-request-id
045704af94000007429a8c8200000001
Server
cloudflare
CF-RAY
5bd1d6f8ec4d0742-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
publink.css
pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/action/style/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/action/style/publink.css
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5caeb9df8121d497337dd1e399cfc361f1114fecc53e9aeb87f15c52a1777226

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 17:43:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Feb 2019 16:53:39 GMT
Server
Apache
ETag
"8c87ade-b36-581287370cac0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
911
lg-share-en.gif
s7.addthis.com/static/btn/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s7.addthis.com/static/btn/v2/lg-share-en.gif
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
a277c82c1e9592fcdbb1b3e6c31232f92d90ec761e5b7ecb4e1ec4c9a4f7af4c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 21 Jan 2020 20:57:37 GMT
server
nginx/1.15.8
etag
"5e2765c1-68b"
content-type
image/gif
status
200
cache-control
public, max-age=86313600
date
Mon, 03 Aug 2020 17:43:16 GMT
x-host
s7.addthis.com
accept-ranges
bytes
timing-allow-origin
*
content-length
1675
low.jpg
pe-ca-app.newsmemory.com/newsmemvol2/california/riversidepressenterprise/20200801/rpe_dly_200801_a_010.pdf.0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pe-ca-app.newsmemory.com/newsmemvol2/california/riversidepressenterprise/20200801/rpe_dly_200801_a_010.pdf.0/low.jpg
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e57340a34f6f07a615b83fd1db5107f2d8506a19f24f4bd894999679f773390a

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 03 Aug 2020 17:43:16 GMT
Cache-control
private
Last-Modified
Thu 01 Jan 1970 00:26:36 GMT
Server
Apache
Content-Length
4186
Content-Type
image/jpeg
addthis_widget.js
s7.addthis.com/js/250/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/250/addthis_widget.js
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
server
nginx/1.15.8
etag
"5ed917ff-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
status
200
cache-control
public, max-age=600
date
Mon, 03 Aug 2020 17:43:16 GMT
x-host
s7.addthis.com
content-length
116324
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5257
date
Mon, 03 Aug 2020 16:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 03 Aug 2020 18:15:39 GMT
ajax-request.php
pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ Frame FFA7 		1 KB
795 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6b3e649302d68897be0522ccf632c03ead058e7364e0b9c7ee7d36108bcc38ec

Request headers

Host
pe-ca-app.newsmemory.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
object
Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4

Response headers

Date
Mon, 03 Aug 2020 17:43:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
630
Content-Type
text/html
collect
www.google-analytics.com/r/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=461747718&t=pageview&_s=1&dl=https%3A%2F%2Fpe-ca-app.newsmemory.com%2F%3Fpublink%3D2d0550ee4&dp=%2Fpublink%2F20200801%2FThe%20Press-Enterprise%20North%2FA10%2F2%20%3AArticle%2FText&ul=en-us&de=UTF-8&dt=Boston%20Marathon%20bomber%E2%80%99s%20death%20sentence%20overturned%20-%20The%20Press-Enterprise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=342644154&gjid=738285127&cid=1144098596.1596476597&tid=UA-497060-19&_gid=1555984309.1596476597&_r=1&z=1221669548
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:43:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pe-ca-app.newsmemory.com/ Frame FFA7 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/?prebid=header&pSetup=riversidepressenterprise
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e39135a97de5b7a4924b2821b1155d9cfefe661ea67563c76aee35717ffaeef3

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Mon, 03 Aug 2020 17:43:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Content-Length
39978
Expires
Mon, 03 Aug 2020 19:43:16 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame FFA7 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
790a12f6e0077df36aa450fee2a42729645c1d1e8afa044ea23b1e8b69e6ae29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"590 / 23 of 1000 / last-modified: 1596471782"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=7200
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
16575
x-xss-protection
0
expires
Mon, 03 Aug 2020 17:43:16 GMT
/
pe-ca-app.newsmemory.com/ Frame FFA7 		208 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/?prebid=sitevariables&pSetup=riversidepressenterprise
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7e502f485d44f0b0c522bedf51585fbb6e58c0362b35090e7c38f1b80294d7c1

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Mon, 03 Aug 2020 17:43:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Content-Length
171
Expires
Mon, 03 Aug 2020 19:43:16 GMT
/
pe-ca-app.newsmemory.com/ Frame FFA7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/?prebid=tecnaviaheader&pSetup=riversidepressenterprise
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b17c52e3ca0a20a507a1fc93a6572759b186093bbea0432ad92edfd6092df42c

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Mon, 03 Aug 2020 17:43:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Content-Length
1524
Expires
Mon, 03 Aug 2020 19:43:16 GMT
integrator.js
adservice.google.de/adsid/ Frame FFA7 		109 B
246 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pe-ca-app.newsmemory.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 17:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame FFA7 		109 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pe-ca-app.newsmemory.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 17:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020073001.js
securepubads.g.doubleclick.net/gpt/ Frame FFA7 		257 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
1a1d846a5bf4af0e523bf1fc12389d7c73c2ff454e632372af5570afc5eb06cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Jul 2020 13:10:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92315
x-xss-protection
0
expires
Mon, 03 Aug 2020 17:43:16 GMT
analytics.js
www.google-analytics.com/ Frame FFA7 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?prebid=tecnaviaheader&pSetup=riversidepressenterprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5257
date
Mon, 03 Aug 2020 16:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 03 Aug 2020 18:15:39 GMT
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FCDC 		0
0
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=32319
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/tecnaviapress/ 		166 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/tecnaviapress/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
etag
659743217
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
status
200
cache-control
public, max-age=33, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
154
300lo.json
m.addthis.com/live/red_lojson/ 		89 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=5f284cb5c7b5d3c9&bkl=0&bl=1&pdt=2341&sid=5f284cb5c7b5d3c9&pub=tecnaviapress&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=pe-ca-app.newsmemory.com&fp=%3Fpublink%3D2d0550ee4&fr=&of=0&pd=0&irt=0&vcl=0&md=2&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1596476597083&jsl=0&uvs=5f284cb572ae09c9000&skipb=1&callback=addthis.cbs.jsonp__61536486754528450
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2e4172c30ac1ace80a8a7ca142171fe1ec370710ff0a69288075793c38a867bd

Request headers

Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
pragma
no-cache
date
Mon, 03 Aug 2020 17:43:17 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 66FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-44.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4

Response headers

status
200
server
nginx/1.15.8
content-type
text/html
last-modified
Mon, 09 Sep 2019 15:34:57 GMT
etag
W/"5d767121-1115f"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
25412
date
Mon, 03 Aug 2020 17:43:17 GMT
vary
Accept-Encoding
x-host
s7.addthis.com
ajax-request.php
pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ Frame 43B6 		1 KB
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e54a69aed142bcc6690a603581cbdd8b9e25a49f0c3caa2cd680b0365a276bb2

Request headers

Host
pe-ca-app.newsmemory.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
object
Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
_ga=GA1.2.1144098596.1596476597; _gid=GA1.2.1555984309.1596476597; _gat=1; __atuvc=1%7C32; __atuvs=5f284cb572ae09c9000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pe-ca-app.newsmemory.com/?publink=2d0550ee4

Response headers

Date
Mon, 03 Aug 2020 17:43:17 GMT
Server
Apache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
645
Content-Type
text/html
v1
dmx.districtm.io/b/ Frame FFA7 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame FFA7 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?prebid=header&pSetup=riversidepressenterprise
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
0514d0505864353f0d2117e071df6d8583ebbeb7fb6e2534876beb24f9adde98
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Aug 2020 17:43:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.165:80
AN-X-Request-Uuid
60a33fc8-93b3-493e-b946-a4c6d91adf69
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pe-ca-app.newsmemory.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame FFA7 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?prebid=header&pSetup=riversidepressenterprise
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
c3e801ee13de740d3af765d0038ed7ef28f8524203620610d46d7c1b2c7b7002
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Aug 2020 17:43:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.80:80
AN-X-Request-Uuid
96854b58-affb-4d1b-b8c6-c6de0e80f082
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pe-ca-app.newsmemory.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame FFA7 		59 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2229704881785048&correlator=1777365353631185&output=ldjh&impl=fifs&adsid=NT&eid=21066092&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=21699438956%2Cpe-ca%2Cpublink&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=1&cookie_enabled=1&cdm=pe-ca-app.newsmemory.com&bc=31&abxe=1&lmt=1596476597&dt=1596476597265&dlt=1596476596720&idt=393&ea=0&frm=23&biw=1600&bih=1200&isw=730&ish=100&oid=3&adxs=435&adys=47&adks=2033964606&ucis=pcz6c7l0yca4&ifi=1&ifk=865854894&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpe-ca-app.newsmemory.com%2Feebrowser%2Fipad%2Fhtml5.check.2500%2Fajax-request.php%3FpSetup%3Driversidepressenterprise%26action%3DloadAds%26ads%3D%252FeeLayout%252F_tan_tecnavia%252Ftan.prebid1.35.0%252Foptionspage%252Ftemplate%252Fsplash7.html&ref=https%3A%2F%2Fpe-ca-app.newsmemory.com%2F%3Fpublink%3D2d0550ee4&top=https%3A%2F%2Fpe-ca-app.newsmemory.com%2F%3Fpublink%3D2d0550ee4&dssz=11&icsg=15275&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x100&msz=730x90&ga_vid=1144098596.1596476597&ga_sid=1596476597&ga_hid=1340233876&ga_fc=true&fws=260&ohw=730
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
0e1368a61d9d280c5e1fba36ddc87dd7823e54ab80c6c4d8fd3c99edc914d483
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12249
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pe-ca-app.newsmemory.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7c1b29c3df805cf96d19e3a5aa5aa1c9.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame FFA7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://7c1b29c3df805cf96d19e3a5aa5aa1c9.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame FFA7 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
/
pe-ca-app.newsmemory.com/ Frame 43B6 		126 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/?prebid=header&pSetup=riversidepressenterprise
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e39135a97de5b7a4924b2821b1155d9cfefe661ea67563c76aee35717ffaeef3

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Mon, 03 Aug 2020 17:43:17 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Content-Length
39978
Expires
Mon, 03 Aug 2020 19:43:17 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame 43B6 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9f0c9a0d3c880c65b5201a73dd77a31bcd85fe402a0b68718796bdaec7adab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"590 / 315 of 1000 / last-modified: 1596476323"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
16630
x-xss-protection
0
expires
Mon, 03 Aug 2020 17:43:17 GMT
/
pe-ca-app.newsmemory.com/ Frame 43B6 		208 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/?prebid=sitevariables&pSetup=riversidepressenterprise
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7e502f485d44f0b0c522bedf51585fbb6e58c0362b35090e7c38f1b80294d7c1

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Mon, 03 Aug 2020 17:43:17 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Content-Length
171
Expires
Mon, 03 Aug 2020 19:43:17 GMT
/
pe-ca-app.newsmemory.com/ Frame 43B6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pe-ca-app.newsmemory.com/?prebid=tecnaviaheader&pSetup=riversidepressenterprise
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-180-6.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b17c52e3ca0a20a507a1fc93a6572759b186093bbea0432ad92edfd6092df42c

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
cache
Date
Mon, 03 Aug 2020 17:43:17 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=7200
Content-Length
1524
Expires
Mon, 03 Aug 2020 19:43:17 GMT
integrator.js
adservice.google.de/adsid/ Frame 43B6 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=pe-ca-app.newsmemory.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 43B6 		109 B
168 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pe-ca-app.newsmemory.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
pubads_impl_2020073001.js
securepubads.g.doubleclick.net/gpt/ Frame 43B6 		257 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
1a1d846a5bf4af0e523bf1fc12389d7c73c2ff454e632372af5570afc5eb06cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Jul 2020 13:10:45 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92315
x-xss-protection
0
expires
Mon, 03 Aug 2020 17:43:17 GMT
analytics.js
www.google-analytics.com/ Frame 43B6 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?prebid=tecnaviaheader&pSetup=riversidepressenterprise
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
5258
date
Mon, 03 Aug 2020 16:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 03 Aug 2020 18:15:39 GMT
v1
dmx.districtm.io/b/ Frame 43B6 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 43B6 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?prebid=header&pSetup=riversidepressenterprise
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
2e48b4701464555d13bd40d22af6704aeb4b590d0bbfbb5fc2974af76901c624
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Aug 2020 17:43:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.146:80
AN-X-Request-Uuid
bd8c83d7-d405-4d41-b404-d3a28f5d98f3
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pe-ca-app.newsmemory.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 43B6 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/?prebid=header&pSetup=riversidepressenterprise
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
5e5bda4f02b00df5e3f9d6928ab58f6d7277cc8ac43136dc9f4bcd88b4195d5b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 03 Aug 2020 17:43:17 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.228:80
AN-X-Request-Uuid
7390ab75-2403-40ea-b321-d13aba0e0b25
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://pe-ca-app.newsmemory.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 43B6 		60 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2850985999772862&correlator=1723950113216489&output=ldjh&impl=fifs&adsid=NT&eid=21066612&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=21699438956%2Cpe-ca%2Cpublink&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&eri=1&cookie_enabled=1&cdm=pe-ca-app.newsmemory.com&bc=31&abxe=1&lmt=1596476597&dt=1596476597569&dlt=1596476597281&idt=243&ea=0&frm=23&biw=1600&bih=1200&isw=730&ish=100&oid=3&adxs=435&adys=677&adks=2033793757&ucis=cksvs25h29va&ifi=1&ifk=3292750864&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fpe-ca-app.newsmemory.com%2Feebrowser%2Fipad%2Fhtml5.check.2500%2Fajax-request.php%3FpSetup%3Driversidepressenterprise%26action%3DloadAds%26ads%3D%252FeeLayout%252F_tan_tecnavia%252Ftan.prebid1.35.0%252Foptionspage%252Ftemplate%252Fsplash10.html&ref=https%3A%2F%2Fpe-ca-app.newsmemory.com%2F%3Fpublink%3D2d0550ee4&top=https%3A%2F%2Fpe-ca-app.newsmemory.com%2F%3Fpublink%3D2d0550ee4&dssz=11&icsg=15275&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=730x100&msz=730x90&ga_vid=1144098596.1596476597&ga_sid=1596476598&ga_hid=489222363&ga_fc=true&fws=260&ohw=730
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
812e5e72663bda4f9c916c7b7d9f2708d872f4699fc90c23ce50d4b45ac44bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12567
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://pe-ca-app.newsmemory.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3eb7971dc2ad06f3092c045295dea467.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 43B6 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://3eb7971dc2ad06f3092c045295dea467.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 43B6 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
amp4ads-v0.js
cdn.ampproject.org/rtv/012007280015000/ Frame 2CBB 		206 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1756
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57348
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"67e3cc633414a037"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:14:01 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2CBB 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1650
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5911
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:15:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2b698f14ce780d2f"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:15:47 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2CBB 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1756
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29729
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"343248c140f42a43"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:14:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2CBB 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1664
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9949b381080a26e"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:15:33 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 2CBB 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1664
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15002
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a54c33253427c91"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:15:33 GMT
css
fonts.googleapis.com/ Frame 2CBB 		4 KB
721 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 16:48:44 GMT
server
ESF
date
Mon, 03 Aug 2020 17:43:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Aug 2020 17:43:17 GMT
truncated
/ Frame 2CBB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eee80034ad54faa7255ddcdfa9e4adf74d3acdd09e1c3ea252c0100858c0bfbb

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2CBB 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 02:35:53 GMT
x-content-type-options
nosniff
server
cafe
age
54444
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Tue, 04 Aug 2020 02:35:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2CBB 		295 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
72979
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Aug 2020 21:26:58 GMT
l
www.google.com/ads/measurement/ Frame 2CBB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYY_a-1QpVj3hT1TuHIYI5p5qhRv8exQtTcTMKEiULcTcv6jPylhPRBYanaicHKzynrgQH
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 2CBB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C2qZ8tUwoX8WME9XF7_UP7d2d-Arz-aO3XuTS1JjOC8mQrL2yCRABIJO4mWpguei-gNQBoAHN_6rdA8gBAeACAKgDAcgDCqoEmANP0Ndk7nT5PEOOJpxEaNW9wKYjzvyHRaBblAA0IRlV-Tj560j775wLK9m0i5ZRojIRv9SWrYOZIlx2Q2Tu2OQ82S5cl4Xyx6GnAaY3w0EzK_DuT7ZR4ddB-S05knPmXY0Z3-uXnorjiyJtoG81X5vUXQaR_688Mz48Gs6B8pYP9MNKgNY-Q1mUEM-CmwZJ5tNjnCWQvVrNxjV8HgCxMd6MIo7HruT4NPLLav5PxcrGHXSQy8ciwCPzB27w9s1SpY2HIoa0kBRCzr1D6f8ew5bFITB3scdwDboEs_ek6znSWgL9z166q8jiITBqsFmtB46kwuLMbjHq5yoq0KVGkP9kd2_eyInrbfjnSfxnkygw1YsyhBMCZlkQa63rbcjQte48RJvMX1W9PsRBmssxma7naQJ8HEuJTlzNfEDB8k7A4gU4B4QjWjAJox9ZRDQCIJUsjT-Dl2QPssjaPe4QbbpsNiSK_5s9n7NVCXXXmZVy93euxQRzZFBAMvcRsxoWW_Q-39Cg6YY-gQ6j_vbnVs89T7ZR2Mt6-UHABLm_keCNA-AEAZIFBAgEGAGSBQQIBRgEoAZRgAebgNUiqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKe6A9IICQiA4YBwEAEYHYAKA8gLAdgTDA&sigh=RhfnFPb4Rb0&tpd=AGWhJmsHo3sRypTItDgw1aLhjNQ3vA2o-yFaX5She-mbx0bOcQ
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame FFA7 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020073001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0fd64162424ad0eff772f099024bf07e9e70de72aa386bea2c0555e6124a7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5623
x-xss-protection
0
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 2CBB 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin
https://pe-ca-app.newsmemory.com

Response headers

date
Tue, 21 Jul 2020 13:25:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:26 GMT
server
sffe
age
1138697
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
expires
Wed, 21 Jul 2021 13:25:00 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 2CBB 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin
https://pe-ca-app.newsmemory.com

Response headers

date
Tue, 21 Jul 2020 12:59:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:18 GMT
server
sffe
age
1140235
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14816
x-xss-protection
0
expires
Wed, 21 Jul 2021 12:59:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FFA7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 03 Aug 2020 17:43:17 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2CBB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Mon, 03 Aug 2020 17:43:17 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 2151 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 03 Aug 2020 16:55:01 GMT
expires
Tue, 03 Aug 2021 16:55:01 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2896
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2CBB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 02:35:53 GMT
x-content-type-options
nosniff
server
cafe
age
54444
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Tue, 04 Aug 2020 02:35:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2CBB 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
72979
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Aug 2020 21:26:58 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/012007280015000/ Frame 35FA 		206 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1756
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57348
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"67e3cc633414a037"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:14:01 GMT
amp-ad-exit-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35FA 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-ad-exit-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1650
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5911
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:15:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2b698f14ce780d2f"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:15:47 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35FA 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1756
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29729
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:14:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"343248c140f42a43"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:14:01 GMT
amp-fit-text-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35FA 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-fit-text-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1664
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e9949b381080a26e"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:15:33 GMT
amp-form-0.1.js
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35FA 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012007280015000/v0/amp-form-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
1664
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15002
x-xss-protection
0
server
sffe
date
Mon, 03 Aug 2020 17:15:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6a54c33253427c91"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Aug 2021 17:15:33 GMT
css
fonts.googleapis.com/ Frame 35FA 		4 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 17:16:08 GMT
server
ESF
date
Mon, 03 Aug 2020 17:43:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Aug 2020 17:43:17 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 35FA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 02:35:53 GMT
x-content-type-options
nosniff
server
cafe
age
54444
etag
11660698925711390587
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Tue, 04 Aug 2020 02:35:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 35FA 		295 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 02 Aug 2020 21:26:58 GMT
x-content-type-options
nosniff
server
cafe
age
72979
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
public, max-age=86400
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 03 Aug 2020 21:26:58 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16025795338844898647/ Frame 35FA 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16025795338844898647/downsize_200k_v1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8848a54994cb679e925df2f013ea346e45a10dcca1cbd0dfd0201cab141a7682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Jul 2020 04:36:40 GMT
x-content-type-options
nosniff
age
2207197
x-dns-prefetch-control
off
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29579
x-xss-protection
0
last-modified
Wed, 29 Aug 2018 09:21:44 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jul 2021 04:36:40 GMT
truncated
/ Frame 35FA 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4278863caca9eeaa206ba06333dd2107796b732d0b7d478e025e7bb241e7805a

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
l
www.google.com/ads/measurement/ Frame 35FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQvwDu16bc2NFSz3jMhwjX3UwiXUsdcbiNDERGQNE5le9FSSz7p-nLBKOPb83vKFjMkr1Zp
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 35FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChVkMtUwoX7fzJKDC7_UPo4WsqAOo6oKeVq6YyZf6CMOi65rUGBABIJO4mWpguei-gNQBoAGFt8ibA8gBAakC-uRKaQSssz7gAgCoAwGqBJcDT9C9KL67_6tfOPbAa33NHNru9l-zwGNpKkzqJiE0_MEEXQfDHB6u4baG-tmTZXCHZvqYDJB1CdpApyVosKzBGncmKI9MlemfaaYciOlxAf0leTTpisMtiQGx0W7PF18gEQaidnnEz0dQ6-AoYzeZloNw4idNvl-L5dkRXxECG1U9ILVCQvyaSw7jCniFYPelIvNcH5v8FAvOsuPdBY7KksIFWwQQen7eSOLD7RZ_gagxhUOwmpqXBaeiVgdgZYOpLPTTOvgJO_Am5RW9uHFwxjx9C1w4Bqq9sOZlLQRVjHKo71DOd4Dokw_376xVLjrX0c18m5lFa-hJbWezedZfsaLPajBAIO0rzWbEgd72EiqMRQASoxYQxnj1c0U-py79eCNSdUhWvAXCZpKhe7tTecqd7-Z1nocV2G0kcPuYWtGbGg_OJG2K8oCZzCXAJJIi_cDq-Xz20MfIcfBM5Bm75uKXxA4ag9uld_MjcEveHaKPyiU77BaTN-v1LG-3eUCc6KjWvRw9cxhuxFVA6dSnHLTV_SrsfhjABKzcp8iEAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfjyLdkqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEOuqA9IICQiA4YBwEAEYHYAKA8gLAdgTDYgUAQ&sigh=_tX1maXsYfs&template_id=5001&tpd=AGWhJmvs6IGcNXbGje1TaTrNXZoDUjBBFEE4i9pN4gscBSpnOA
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 43B6 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020073001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c7c582ec7dbc29038c0c8c5118c429fa75110397f38da24739b664cc9b62ca5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 03 Aug 2020 17:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
5678
x-xss-protection
0
4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 35FA 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin
https://pe-ca-app.newsmemory.com

Response headers

date
Tue, 21 Jul 2020 13:25:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:26 GMT
server
sffe
age
1138698
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14608
x-xss-protection
0
expires
Wed, 21 Jul 2021 13:25:00 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v16/ Frame 35FA 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v16/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Origin
https://pe-ca-app.newsmemory.com

Response headers

date
Tue, 21 Jul 2020 12:59:22 GMT
x-content-type-options
nosniff
last-modified
Wed, 04 Dec 2019 18:44:18 GMT
server
sffe
age
1140236
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14816
x-xss-protection
0
expires
Wed, 21 Jul 2021 12:59:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 43B6 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 03 Aug 2020 17:43:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 35FA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: pe-ca-app.newsmemory.com
URL: https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date
Mon, 03 Aug 2020 17:43:18 GMT
x-content-type-options
nosniff
server
safe
status
302
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA7 		0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020073001&jk=2229704881785048&bg=!6eql6vJYVHLg5eVvw0kCAAAAW1IAAAAdmQGxQ1SyIBSmk6laRtzrriPyNlIKEyZ_Ry7-6PmU7SSOuNpR1C5hJODwLffpVkmjaykVn_ga5g7eMTK7NCBMWuxTz_sSkYmPB1cJz1KxElAffMg7hQQt8jTmkkFKf1e8VHsX0Jwe4ZZm10O5BFL76p9qg5E3vauFlRoWT6yernC1QWLYW_eHZTlvCiGVLiMKRWHGfDaAX1VkI5WfGmr-PUFBh95HviSKmYMuqOWfsz7mRJkbgadnukvur-YuTJYmGk2KRoPYVvTyasqk7xdZP7iuT0TIt3K-tiwemBPNGpNomRS7WT7cL-Ey1vRGzmReOJPhPxrPo5e7hV5E-UbVEEFwCQNjIZhhnIeLl1wfi-4BtBsLJGPFTG7blTWn65fOZfZ41kAONJLsByzW1DNZ1YtWKVepfntDZcOM3_IV4sT48UyZEftwu9h6ODzvMqBk6RXb59P0pcFHjnmf3C4WDowUUYMBNqEiMUeShhLnDakn9VegUXGN8vDLirfXsPleBYq7VdYZlgdsTlnzCCBAcXmVhXPoQEmio2bY5LFw55VMq3NCLx6eETOxfFSg7JD2gLD8sw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:43:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame DB8B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 03 Aug 2020 16:55:01 GMT
expires
Tue, 03 Aug 2021 16:55:01 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2897
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 43B6 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020073001&jk=2850985999772862&bg=!9_Sl9OxY_Jgedqnk_xcCAAAASlIAAAAMmQGxs80ij_s8mJRbui-luwUUCjDWT5PfFOSARllUsd-l0E2CUzwmSt9vb9FfFDl_HI4ptlReLQDsBomvy8m6HCa6E5VbqGA3zUN-mKgD_-8xbo3UxcnTME96lyoS6I-cXPyhPwuPYl39Ubx9pLBIGiO2dPbT9rkCkw-2fGrp6Va98KJSJFyv9TNAOG60tgF_6CAo-s4fHYV6ovD2Q2YomUsgDFCyJ2OUxZ6fZzHHCbmeGyJUv9SrVtBfap6WQXeYJylk-PXKMwTkasZ7S94UlG0GdPs0zeMpIzIJ0oBaevc5YS7THEOdlqmcFj05zHN5gxhGu1VTs7JPo-drkGynNdoznYAUAp37mv8srtIntdkzM7EY1cIYCF4YWBZA_WgrUo4XhRT29LlgcZzv7qduTtr54CSAy7GA01xr_-a1sngHvPXzxE5k97TdyMiaj5I4Kpi6EYdVDS_GGCNKru6QMEbZQZQ4BA-qp_38jnIOVDpzdDbJComt9vO0Al6cIejrA9UuruRINIg7YhCuF8vfMyGeXMx56AJhF-vOYffzfxo4GGQiApOCIb9lu4hZxH4vD0hKQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:43:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2CBB 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvjV93_4JGebXjjOSJEl3-uETdb8bgblpl_lGnSbtxym8lKSnLJbnVaQSuQE4zFATQe-bNlEx_pL3bHJSOw8KZjEeANIANd5GuXXbl8FKQD4wjkhlu4vXE3CJyMRQ&sai=AMfl-YRkpWfl7NnKZ8D4NVq2GFquqkDPy4pmMflhBGGO9Hyxo39n4rKacDTJ3lRi9AMU1dQjVC_KtWQEt84m6J8h3tAVkRHWR-fcgnNq2NPtNDRu92ZfIrGuISr970C2njyU&sig=Cg0ArKJSzKsLY-ic8sbHEAE&cid=CAASPeRoN9rh4ifm4JEHN1exWluzP5AxsCycFmt2MFpT7z1ju9qaG_MmMdOsdt1GVTkRw5lCX7iJww7B_-CEl28&id=ampim&o=435,47&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=150&tls=1151&g=100&h=100&tt=1151&r=v&avms=ampa&adk=2033964606
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:43:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 35FA 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGIEFr2-xws9oWVN0EOal3MHye4_p5ceLB2mDYWPYHCbfI2KjxIKGK8g6k5cn_l2DqwcF-Nd7Ohze_qj4HdGwy6JvFgsY65NexzT5y7Hutapkb9FAJMKdboLBFV3TuQ2XIN4rUbKYXgQFyNL18sGFt&sai=AMfl-YTznE0cHYKSO02LB64vdzgQ_AwBtO1a-ZyTftTHQWwaeGQBg3hVX-W-bT2QfAJebkT_0SiGHLZ7WFf4-rfdgyceZvAGE8tOMqq5VPurGj-ouKqIMqsFmPhc0w6hQYE&sig=Cg0ArKJSzDN1rqUELDNbEAE&cid=CAASPeRoUzyNQCnLH-a0BJRDPagOPIqhLuU03FnwvYUkv-rPGXj9rlvzq1JaX6pn6Ag-mm2Tko2CDu_QgPZoXFM&id=ampim&o=435,677&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=108&tls=1108&g=100&h=100&tt=1108&r=v&avms=ampa&adk=2033793757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pe-ca-app.newsmemory.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:43:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/b/v1

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| data object| addthis_config function| resizeWrapper string| pagenum string| title string| artnum string| arttype string| date string| viewmode string| eedition string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| oattr boolean| __@@##MUH object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

7 Cookies

Domain/Path Name / Value
.addthis.com/ Name: loc
Value: MDAwMDBFVUJFMDAyMzEzMTg1MTAwMDAwMDBDSA==
.addthis.com/ Name: uvc
Value: 1%7C32
pe-ca-app.newsmemory.com/ Name: __atuvs
Value: 5f284cb572ae09c9000
pe-ca-app.newsmemory.com/ Name: __atuvc
Value: 1%7C32
.newsmemory.com/ Name: _gat
Value: 1
.newsmemory.com/ Name: _gid
Value: GA1.2.1555984309.1596476597
.newsmemory.com/ Name: _ga
Value: GA1.2.1144098596.1596476597

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js(Line 421)
Message:
Powered by AMP ⚡ HTML – Version 2007280015000 https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash7.html
console-api info URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js(Line 421)
Message:
Powered by AMP ⚡ HTML – Version 2007280015000 https://pe-ca-app.newsmemory.com/eebrowser/ipad/html5.check.2500/ajax-request.php?pSetup=riversidepressenterprise&action=loadAds&ads=%2FeeLayout%2F_tan_tecnavia%2Ftan.prebid1.35.0%2Foptionspage%2Ftemplate%2Fsplash10.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3eb7971dc2ad06f3092c045295dea467.safeframe.googlesyndication.com
7c1b29c3df805cf96d19e3a5aa5aa1c9.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
dmx.districtm.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
m.addthis.com
pagead2.googlesyndication.com
pe-ca-app.newsmemory.com
s7.addthis.com
securepubads.g.doubleclick.net
tinyurl.com
tpc.googlesyndication.com
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
z.moatads.com
dmx.districtm.io
s7.addthis.com
172.217.16.130
185.33.221.52
23.210.248.44
23.210.250.213
2606:4700:10::6814:8b41
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2001
2a00:1450:4001:816::2001
2a00:1450:4001:816::200e
2a00:1450:4001:818::2002
2a00:1450:4001:819::2001
2a00:1450:4001:81d::2004
2a00:1450:4001:81f::2001
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2002
50.17.180.6
02fec5849f8ab7bceb4450d167f382e9079bd3a5d0f33a00942869641811ab3a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0514d0505864353f0d2117e071df6d8583ebbeb7fb6e2534876beb24f9adde98
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0e1368a61d9d280c5e1fba36ddc87dd7823e54ab80c6c4d8fd3c99edc914d483
1a1d846a5bf4af0e523bf1fc12389d7c73c2ff454e632372af5570afc5eb06cc
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
2e4172c30ac1ace80a8a7ca142171fe1ec370710ff0a69288075793c38a867bd
2e48b4701464555d13bd40d22af6704aeb4b590d0bbfbb5fc2974af76901c624
4278863caca9eeaa206ba06333dd2107796b732d0b7d478e025e7bb241e7805a
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
5c7c582ec7dbc29038c0c8c5118c429fa75110397f38da24739b664cc9b62ca5
5caeb9df8121d497337dd1e399cfc361f1114fecc53e9aeb87f15c52a1777226
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
5e5bda4f02b00df5e3f9d6928ab58f6d7277cc8ac43136dc9f4bcd88b4195d5b
6b3e649302d68897be0522ccf632c03ead058e7364e0b9c7ee7d36108bcc38ec
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
790a12f6e0077df36aa450fee2a42729645c1d1e8afa044ea23b1e8b69e6ae29
7e502f485d44f0b0c522bedf51585fbb6e58c0362b35090e7c38f1b80294d7c1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
812e5e72663bda4f9c916c7b7d9f2708d872f4699fc90c23ce50d4b45ac44bb6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8848a54994cb679e925df2f013ea346e45a10dcca1cbd0dfd0201cab141a7682
a277c82c1e9592fcdbb1b3e6c31232f92d90ec761e5b7ecb4e1ec4c9a4f7af4c
b17c52e3ca0a20a507a1fc93a6572759b186093bbea0432ad92edfd6092df42c
b9f0c9a0d3c880c65b5201a73dd77a31bcd85fe402a0b68718796bdaec7adab6
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
c3e801ee13de740d3af765d0038ed7ef28f8524203620610d46d7c1b2c7b7002
e0bf46f7cf868ef6644019558586b7e012014dc514dd25d3c5e7d770b867085f
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e39135a97de5b7a4924b2821b1155d9cfefe661ea67563c76aee35717ffaeef3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54a69aed142bcc6690a603581cbdd8b9e25a49f0c3caa2cd680b0365a276bb2
e57340a34f6f07a615b83fd1db5107f2d8506a19f24f4bd894999679f773390a
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
eee80034ad54faa7255ddcdfa9e4adf74d3acdd09e1c3ea252c0100858c0bfbb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fd64162424ad0eff772f099024bf07e9e70de72aa386bea2c0555e6124a7ac
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955