www.bakersfield.com Open in urlscan Pro
192.104.183.109  Public Scan

21 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://bcp.crwdcntrl.net/5/c=13855/rand=268408619/pv=y/med=flag%3A%20ap/med=geo%3A%20switzerland/med=geo%3A%20geneva/med=geo%3A%20scotland/med=geo%3A%20edinburgh/med=geo%3A%20moscow/med=geo%3A%20north%20america/med=geo%3A%20united%20states/med=geo%3A%20united%20kingdom/med=geo%3A%20eastern%20europe/med=geo%3A%20russia/med=geo%3A%20europe/med=geo%3A%20western%20europe/med=geo%3A%20france/med=%23OpR%2372333%23Keyword%20%3A%20international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics/int=%23OpR%2372332%23Site%20Section%20%3A%20ap/rb=%7B%22meta_tag%22%3A%22international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics%22%7D/rt=ifr HTTP 302
• https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=268408619/pv=y/med=flag%3A%20ap/med=geo%3A%20switzerland/med=geo%3A%20geneva/med=geo%3A%20scotland/med=geo%3A%20edinburgh/med=geo%3A%20moscow/med=geo%3A%20north%20america/med=geo%3A%20united%20states/med=geo%3A%20united%20kingdom/med=geo%3A%20eastern%20europe/med=geo%3A%20russia/med=geo%3A%20europe/med=geo%3A%20western%20europe/med=geo%3A%20france/med=%23OpR%2372333%23Keyword%20%3A%20international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics/int=%23OpR%2372332%23Site%20Section%20%3A%20ap/rb=%7B%22meta_tag%22%3A%22international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics%22%7D/rt=ifr

Request Chain 77

• https://www.bakersfield.com/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A9613%7D&i=1642594566921, HTTP 302
• https://www.bakersfield.com/_services/v1/client_captcha/challenge?request=X2xiX3JhdGVfZm9yZWlnbjpMM1J1WTIxekwzUnlZV05yYVc1bkwzUnVZMjF6TFdSdGNDOWhkV1JwWlc1alpTMWxlSFJ5WVdOMGFXOXVMejlrUFNVM1FpVXlNbTVoYldVbE1qSWxNMEVsTWpKamJHbGxiblFsTWpJbE1rTWxNakoyWVd4MVpTVXlNaVV6UVRrMk1UTWxOMFFtYVQweE5qUXlOVGswTlRZMk9USXhMQToxNjQyNTk0NTY4OjB4NmMyNDQxODc4NWViMTAzNGFjOGNmNmFjMTliNjYyNTg2MWMwMTUyOQ

Request Chain 106

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 141

• https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
• https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1

Request Chain 143

• https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEFGQTk4MjQtQTAxNi00NzZDLTk2REItQTQ4OTRBRDUzRUIz&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D4AFA9824-A016-476C-96DB-A4894AD53EB3 HTTP 302
• https://router.infolinks.com/dyn/pbm-usync?uid=4AFA9824-A016-476C-96DB-A4894AD53EB3

Request Chain 144

• https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
• https://router.infolinks.com/dyn/apn-usync?user_id=8446383489359143324

Request Chain 146

• https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
• https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
• https://router.infolinks.com/dyn/VR-usync?uid=y-G7GNS11E2uHfdfFESh9rARXxO9dWb0slpg5lqKk-~A

Request Chain 147

• https://sync.1rx.io/usersync2/infolinks HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3942526635 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3942526635 HTTP 302
• https://sync.1rx.io/usersync/tradedesk/46205c47-64ce-4424-8aad-5cdfbafb009a HTTP 302
• https://sync.targeting.unrulymedia.com/csync/RX-db85f070-edf0-4178-8e40-b4f34c427f16-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-db85f070-edf0-4178-8e40-b4f34c427f16-003 HTTP 302
• https://router.infolinks.com/dyn/r1-usync?uid=RX-db85f070-edf0-4178-8e40-b4f34c427f16-003

Request Chain 148

• https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ HTTP 302
• https://router.infolinks.com/dyn/zmn-usync?uid=

Request Chain 150

• https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.bakersfield.com%252Fap%252Fnational%252Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%252Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&pid=12306&adnxs_uid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.bakersfield.com%25252Fap%25252Fnational%25252Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%25252Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
• https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&pid=12306&adnxs_uid=4993086899817109661

Request Chain 152

• https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
• https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 HTTP 302
• https://router.infolinks.com/dyn/imd-usync?user_id=7247d3d2-ac51-45e6-8609-ac691b713a10&partner_id=1531

Request Chain 153

• https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
• https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
• https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP95aae841-7921-11ec-9b45-02d2c8aaa600 HTTP 302
• https://router.infolinks.com/dyn/outh-usync?uid=y-FV8hWiZE2uGVnWgL7qMyOC7Vz2yaL20U~A~UP95aae841-7921-11ec-9b45-02d2c8aaa600

Request Chain 154

• https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D HTTP 302
• https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25 HTTP 302
• https://match.bnmla.com/usersync?dspid=1&uuid=bC4cgOUKQkqz&ev=1&us_privacy=${us_privacy}&pid=558752 HTTP 302
• https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
• https://match.bnmla.com/usersync?dspid=6&uuid=0CEDE81DDB8441E4ADE47A6A6A10938C HTTP 302
• https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D

Request Chain 155

• https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID HTTP 307
• https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true HTTP 307
• https://router.infolinks.com/dyn/sovrn-usync?uid=5458769ddccc5cb59cd1abe1

Request Chain 156

• https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
• https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D4AFA9824-A016-476C-96DB-A4894AD53EB3 HTTP 302
• https://router.infolinks.com/dyn/usersync?pmuservalue=4AFA9824-A016-476C-96DB-A4894AD53EB3

Request Chain 157

• https://p.rfihub.com/cm?pub=43153&in=1 HTTP 302
• https://router.infolinks.com/dyn/zeta-usync?uid=5131077720414870356

Request Chain 168

• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegBCSTHds4Ux3CnO9mufgAABF0AAAAB HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegBCSTHds4Ux3CnO9mufgAABF0AAAAB&dcc=t

Request Chain 169

• https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YegBCSTHds4Ux3CnO9mufgAA HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMKvkLQmr5LZRHzyOxLCkOA&google_cver=1&gdpr=1

Request Chain 171

• https://ums.acuityplatform.com/tum?umid=8 HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=641189475758

Request Chain 172

• https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2b03d1d3-6f7c-4d30-a4ed-d4078147f6f7

Request Chain 173

• https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
• https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72b36667-a558-4888-a443-79381ce96f54&expiration=1674130569

Request Chain 182

• https://pixel.tapad.com/idsync/ex/receive?partner_device_id=9dc9fcce-03de-4ee3-8b76-5040fedebb33=&partner_id=3337 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=9dc9fcce-03de-4ee3-8b76-5040fedebb33=&partner_id=3337

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
7 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Show response www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/	262 KB 53 KB	1005ms 628ms	Document text/html	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash b6d38fed0cdb17c1584ed0ba2ee9784b47de91210b14ca11f8936d7c905ac0fb Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-type text/html; charset=UTF-8 x-loop 1 referrer-policy strict-origin-when-cross-origin cache-control public, max-age=300 last-modified Tue, 04 Jan 2022 09:31:16 GMT x-robots-tag unavailable_after: Thursday, 03-Feb-22 09:00:00 Z noarchive x-ua-compatible IE=edge link <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.394adeeb6831ca20cb80bc3489a2f345.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script x-tncms 1.60.5; app14; 0.41s; 5M x-frame-options SAMEORIGIN x-content-type-options nosniff x-xss-protection 1; mode=block etag W/70c5f4f2934f54cdb637e4473c0b1db8 content-encoding gzip vary X-IPCountry, Accept-Encoding age 0 x-vcache MISS accept-ranges bytes content-length 51744
GET H2	200	jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/	98 KB 34 KB	166ms 79ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 12152523 cf-ray 6cfffe08cd2d54db-MAN last-modified Wed, 07 Jul 2021 20:09:22 GMT x-vcache MISS server cloudflare etag W/"60e609f2-1882c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 31 Aug 2022 19:01:16 GMT
GET H2	200	user.js Show response www.bakersfield.com/shared-content/art/tncms/user/	11 KB 4 KB	89ms 88ms	Script application/x-javascript	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/shared-content/art/tncms/user/user.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash 9476713709bfb2efbef10bee7267250bd6ef908f0f31927fc3f55d0d801a60d5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:13:23 GMT content-encoding gzip last-modified Thu, 06 Jan 2022 21:42:24 GMT age 162 etag W/"61d76240-2b02" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 x-vcache HIT accept-ranges bytes content-length 3994 service-worker-allowed /
GET H2	200	bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/	39 KB 11 KB	145ms 59ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 17019811 cf-ray 6cfffe08cd2f54db-MAN last-modified Fri, 06 Sep 2019 14:16:03 GMT x-vcache MISS server cloudflare etag W/"5d726a23-9bd8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 25 May 2022 06:41:49 GMT
GET H2	200	common.08a61544f369cc43bf02e71b2d10d49f.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	32 KB 12 KB	149ms 62ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 576053 cf-ray 6cfffe08ed5e54db-MAN last-modified Wed, 05 May 2021 20:06:42 GMT x-vcache MISS server cloudflare etag W/"6092fad2-8154" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 11 May 2022 19:01:18 GMT
GET H2	200	tnt.394adeeb6831ca20cb80bc3489a2f345.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	9 KB 3 KB	171ms 85ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.394adeeb6831ca20cb80bc3489a2f345.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a769d4bf461200d7c95adb57e300810ce0c5e61951f031755e91aad1329c4691 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 576053 cf-ray 6cfffe08ed6054db-MAN last-modified Tue, 04 Jan 2022 21:06:17 GMT x-vcache MISS server cloudflare etag W/"61d4b6c9-25b9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Thu, 05 Jan 2023 20:01:21 GMT
GET H2	200	application.cb897187c4718280fd69d2e6d6c3909d.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	4 KB 2 KB	137ms 52ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 17019811 cf-ray 6cfffe08cd3054db-MAN last-modified Wed, 05 May 2021 20:06:24 GMT x-vcache MISS server cloudflare etag W/"6092fac0-104a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 25 May 2022 06:41:51 GMT
GET H2	200	tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	2 KB 975 B	142ms 56ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 16986489 cf-ray 6cfffe08cd3254db-MAN last-modified Tue, 06 Jul 2021 13:05:12 GMT x-vcache HIT server cloudflare etag W/"60e45508-9ae" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 06 Jul 2022 19:01:24 GMT
GET H2	200	bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/	107 KB 18 KB	146ms 77ms	Stylesheet text/css	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 1177198 cf-ray 6cfffe08cd2654db-MAN last-modified Tue, 04 Jan 2022 21:06:09 GMT x-vcache MISS server cloudflare etag W/"61d4b6c1-1ab8e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Thu, 05 Jan 2023 20:01:21 GMT
GET H2	200	layout.2ce6292643f5129895871a2478a4614d.css bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/	150 KB 27 KB	118ms 48ms	Stylesheet text/css	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.2ce6292643f5129895871a2478a4614d.css Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5893bd080d50d15706acc7a4a216160ed89641c7f7ef286418a57ca2d684d744 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 1177198 cf-ray 6cfffe08cd2a54db-MAN last-modified Tue, 04 Jan 2022 21:07:22 GMT x-vcache MISS server cloudflare etag W/"61d4b70a-25797" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Thu, 05 Jan 2023 20:01:21 GMT
GET H2	200	theme-basic.feb84265ed22ec1b578ffb91ddb31be4.css bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/	41 KB 8 KB	126ms 57ms	Stylesheet text/css	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/styles/theme-basic.feb84265ed22ec1b578ffb91ddb31be4.css Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3290a47b7591b700d705708ab09b138f5fb9d337e5546e92c33a5c2a9af7f4ad Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 1177198 cf-ray 6cfffe08cd2b54db-MAN last-modified Tue, 04 Jan 2022 21:07:35 GMT x-vcache MISS server cloudflare etag W/"61d4b717-a330" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Thu, 05 Jan 2023 20:01:21 GMT
GET H2	200	cc.js Show response tags.crwdcntrl.net/c/13855/	38 KB 11 KB	38ms 8ms	Script application/json	65.9.58.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/c/13855/cc.js?ns=_cc13855 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-58-60.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 57ef78316a4d7fc739e9680ed7067e21563c455b340b3c389347831d1bc20d79 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 06:20:18 GMT content-encoding gzip etag W/"82d0ea8f859c2b8ae008d794a4f300f4" last-modified Tue, 15 Dec 2020 17:01:11 GMT server AmazonS3 age 21514 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/json via 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop FRA56-C1 x-amz-cf-id f_2JR1qVyqF-0Sp1UaUuAgTDdRKo75Culo-TPcQyM3GYeNICEycRsQ==
GET H2	200	access.js Show response www.bakersfield.com/shared-content/art/tncms/api/	86 KB 34 KB	90ms 90ms	Script application/x-javascript	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/shared-content/art/tncms/api/access.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de Request headers Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Origin https://www.bakersfield.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:11:45 GMT content-encoding gzip last-modified Thu, 09 Dec 2021 21:16:30 GMT age 261 etag W/"61b2722e-15686" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 x-vcache HIT accept-ranges bytes content-length 34923 service-worker-allowed /
GET H2	200	user-controls.578df3df79d812af55ab13bae47f9857.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/	532 B 454 B	42ms 39ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 17019810 cf-ray 6cfffe09aec354db-MAN last-modified Wed, 05 May 2021 20:06:25 GMT x-vcache MISS server cloudflare etag W/"6092fac1-214" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 25 May 2022 06:41:53 GMT
GET H2	200	op.js Show response tagan.adlightning.com/townnews/	44 KB 18 KB	45ms 10ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/op.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 5836d865eacff3565d333b5111b7b6f2988c9389f6fd58cebeaa3fcda1c78a91 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id PT0f6rhOS1fH45IgWL3blu8LtJGoK1gp content-encoding gzip etag "4705b9e33f7ff70907c6554fdfed6945" age 2549 x-cache Hit from cloudfront content-length 18355 x-amz-meta-git_commit 7b120a5 last-modified Wed, 19 Jan 2022 07:32:59 GMT server AmazonS3 date Wed, 19 Jan 2022 11:33:40 GMT content-type application/javascript via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA60-P4 accept-ranges bytes x-amz-cf-id 3t6pb7UOnhRCsf2OHtgq7cSv_BZanA40tiqABVOqkI27a0VUI-wj4g==
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	78 KB 27 KB	56ms 32ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash 7ca9b311fb6c27a8056fd9efaa83a57c9d41ebe04cf49d8857920b9645f709fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26992 x-xss-protection 0 server sffe etag "1106 / 16 of 1000 / last-modified: 1642594075" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Wed, 19 Jan 2022 12:16:06 GMT
GET H2	200	tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/	4 KB 2 KB	39ms 37ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c1f33558d1045531b408a422d50e71ad01b0b33984d74d6a3a06d97e4cfd3d81 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 4992024 cf-ray 6cfffe09aec454db-MAN last-modified Fri, 19 Nov 2021 15:27:22 GMT x-vcache MISS server cloudflare etag W/"6197c25a-1151" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Tue, 22 Nov 2022 16:01:32 GMT
GET H2	200	sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	1 KB 973 B	41ms 38ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/sms-link.8eefede3265fd6c6de07bc0cb5f3f779.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9180a94ecd3d5f93f0fb9fcd95a68ec3a9e1decce55694bfb9e5ce6281bdd672 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 23419414 cf-ray 6cfffe09aec654db-MAN last-modified Mon, 16 Nov 2020 16:04:54 GMT x-vcache MISS server cloudflare etag W/"5fb2a326-5b2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Sat, 20 Nov 2021 08:54:24 GMT
GET H2	200	tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/	200 B 278 B	129ms 60ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 17019810 cf-ray 6cfffe08cd3354db-MAN last-modified Fri, 16 Apr 2021 14:04:15 GMT x-vcache MISS server cloudflare etag W/"6079995f-c8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Sat, 23 Apr 2022 12:00:22 GMT
GET H2	200	tracking.js Show response www.bakersfield.com/shared-content/art/tncms/	3 KB 1 KB	87ms 87ms	Script application/x-javascript	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/shared-content/art/tncms/tracking.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:11:44 GMT content-encoding gzip last-modified Thu, 06 Jan 2022 21:42:24 GMT age 261 etag W/"61d76240-a4b" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 x-vcache HIT accept-ranges bytes content-length 1149 service-worker-allowed /
GET H2	200	fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	253 KB 91 KB	61ms 59ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 12152523 cf-ray 6cfffe09aec854db-MAN last-modified Wed, 25 Aug 2021 16:36:45 GMT x-vcache MISS server cloudflare etag W/"6126719d-3f553" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 31 Aug 2022 19:01:16 GMT
GET H/1.1	200 OK	load.js Show response s.ntv.io/serve/	389 KB 113 KB	144ms 46ms	Script application/x-javascript	104.108.145.83 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s.ntv.io/serve/load.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.108.145.83 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-145-83.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash e43093c06c8f9c7b919924e29e95936ea776f462adf4c1a7bb8b8714f3907d21 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Date Wed, 19 Jan 2022 12:16:06 GMT Content-Encoding gzip x-amz-request-id 47Z8VAPKNCEFVWHX x-amz-server-side-encryption AES256 Transfer-Encoding chunked Connection keep-alive, Transfer-Encoding x-amz-id-2 6UPKFjR9GVialReSc12Whq3+/eXagyTPg4DNMkAtysGBWAmA51c2FP0SXYvvB1FgCqFBhpv4DO8= Last-Modified Thu, 13 Jan 2022 19:51:28 GMT Server AmazonS3 ETag "62f0fc828fa7fc16f48e5d93db315540" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/x-javascript Access-Control-Allow-Origin * Cache-Control public, max-age=3600 Accept-Ranges bytes Access-Control-Allow-Headers *
GET H2	200	tracker.js Show response www.bakersfield.com/shared-content/art/stats/common/	9 KB 3 KB	88ms 88ms	Script application/x-javascript	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/shared-content/art/stats/common/tracker.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:11:43 GMT content-encoding gzip last-modified Thu, 08 Jul 2021 16:46:36 GMT age 263 etag W/"60e72bec-2200" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=600 x-vcache HIT accept-ranges bytes content-length 3224 service-worker-allowed /
GET H2	200	frontpage-large.jpg frontpages.bakersfieldcdn.com/TBC/	260 KB 261 KB	137ms 41ms	Image image/jpeg	172.67.133.146 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://frontpages.bakersfieldcdn.com/TBC/frontpage-large.jpg Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.133.146 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa240f90a41974ce5a0965e25d5f8f2d790df912da5b7689094fcf31f161b90b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT cf-cache-status HIT last-modified Wed, 19 Jan 2022 08:30:31 GMT server cloudflare age 3763 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skTP46Wuw8J29gKPjuaVf3q20Uyc4Tk9cTEC91ppBGw03NtWQePQ8%2Fy6UcvjNvhzMq%2FBmadx%2BL74CmiVocFbPQSSjynNSXQYSwgmpMWkdpdFLMYwu25hLC1HlkEY0SfiC6WWvR9%2BMGhbxi32h7vf%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control max-age=7200 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6cfffe0a48d67a55-DUS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 265929
GET H2	200	asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	941 B 487 B	43ms 42ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/asset-edit.60e8e67e04be1194326dcfbe7f00b8c3.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a65fab80371f3ad4c16be0cf8ae8d6542553bb33564b80748ebca97cb615d08 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 17019810 cf-ray 6cfffe096e5054db-MAN last-modified Wed, 05 May 2021 20:06:23 GMT x-vcache MISS server cloudflare etag W/"6092fabf-3ad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 25 May 2022 06:41:52 GMT
GET H2	200	tnt.ads.core.fa820af8c4b7651b60faff4dca7ed722.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/	11 KB 4 KB	48ms 45ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.core.fa820af8c4b7651b60faff4dca7ed722.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 69c1ad804d66f46498c27b981ba3ab3ec1be2e41db1dfb2d309a5a3994c6e741 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 6800935 cf-ray 6cfffe09aebc54db-MAN last-modified Fri, 29 Oct 2021 16:42:08 GMT x-vcache HIT server cloudflare etag W/"617c2460-2d89" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Tue, 01 Nov 2022 19:01:41 GMT
GET H2	200	withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	2 KB 1 KB	72ms 69ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/withinviewport.1f94ee79a22e6ee8e9c0bb61dec9999b.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34fc4e7529fac73aeaa0c93e5d6c40dcf6dc896aa0df459fac69542fb8a2a547 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 17019810 cf-ray 6cfffe09aebe54db-MAN last-modified Wed, 05 May 2021 20:06:39 GMT x-vcache MISS server cloudflare etag W/"6092facf-9c5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Wed, 25 May 2022 06:41:53 GMT
GET H2	200	jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	1 KB 467 B	41ms 38ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.withinviewport.6ef0fee1774e9b313c264a5736522e35.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef363fc8d14e4cdfc401792ea044108d84aa709594566611808f8e5aa0779c4c Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 138990 cf-ray 6cfffe09aebf54db-MAN last-modified Fri, 16 Apr 2021 14:03:39 GMT x-vcache MISS server cloudflare etag W/"6079993b-591" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Sat, 23 Apr 2022 08:47:06 GMT
GET H2	200	jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/	976 B 541 B	47ms 44ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/jquery.scrollstop.934c2bd4d6bebe0494bcb9dd4b1b6ca1.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d06b0e662cfd11cf87c4c75d9a1c22bb7f710d0d1b9c6d5dfc099e52672a4246 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 17019810 cf-ray 6cfffe09aec054db-MAN last-modified Wed, 05 May 2021 20:06:41 GMT x-vcache MISS server cloudflare etag W/"6092fad1-3d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Tue, 24 May 2022 10:37:40 GMT
GET H2	200	tnt.regions.54d9f15b0d238de6bb20ec82ed8307ac.js Show response bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/	3 KB 1 KB	47ms 44ms	Script application/x-javascript	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.regions.54d9f15b0d238de6bb20ec82ed8307ac.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc168c638e5100e78d92f788ab0e1119353fb2cff24ccbbabd5fced1b9af4b8b Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cf-cache-status HIT age 23419414 cf-ray 6cfffe09aec154db-MAN last-modified Fri, 23 Oct 2020 13:08:13 GMT x-vcache MISS server cloudflare etag W/"5f92d5bd-cd5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 x-robots-tag noarchive expires Thu, 04 Nov 2021 06:16:01 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	182 KB 61 KB	47ms 24ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4a0c95652f32fa0b1a9ef7184bc017126b09074d8a0c1f348c6bf497c4bc7c7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 62142 x-xss-protection 0 last-modified Wed, 19 Jan 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 19 Jan 2022 12:16:06 GMT
GET H2	200	b-7b120a5-e6d21384.js Show response tagan.adlightning.com/townnews/	73 KB 28 KB	9ms 8ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:53:24 GMT content-encoding gzip age 12032563 x-cache Hit from cloudfront content-length 28181 x-amz-meta-git_commit 7b120a5 last-modified Tue, 03 Aug 2021 18:05:42 GMT server AmazonS3 etag "1bd25d5a0b3f617a7b96bfd3148d7cb9" x-amz-version-id TCazak92uXLsB7S2fwnGUUKnJeDNkgd8 via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id AxyOHEUVHZ8-VtlcyMLdzYfq8YC-Qtv-wGZNmTSmdeOQkbDn8YiNgg==
GET H2	200	bl-0af0356-cb23639b.js Show response tagan.adlightning.com/townnews/	51 KB 22 KB	13ms 11ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/bl-0af0356-cb23639b.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 915205860aab296908c039c7e046d556bed52faf0398badefba5999f3bfbdb32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 07:33:17 GMT content-encoding gzip age 16970 x-cache Hit from cloudfront content-length 21985 x-amz-meta-git_commit 0af0356 last-modified Wed, 19 Jan 2022 07:32:05 GMT server AmazonS3 etag "ada8709e985460354103d6a31d991056" x-amz-version-id xsKCQkEi45s2.HLaOGHIny8r9Fqndf_H via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id xv5IbUe31Ax87VxzIZHVZSUmWNFNR4XeS5dlP3mlXp7gyHXU11OG7Q==
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	134 KB 36 KB	62ms 12ms	Script application/javascript	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software Server / Resource Hash c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id SKwQUYZY6s9wJPymt5_yhNbSVWOe2iBW content-encoding gzip etag 8d3665a9b316600491247ca6d78c204c age 363 x-cache Hit from cloudfront server Server x-amz-rid 04J58FA60NARH97J5MZN date Wed, 19 Jan 2022 12:10:05 GMT vary Accept-Encoding content-type application/javascript via 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront) cache-control public, max-age=900 x-amz-cf-pop FRA56-C1 accept-ranges bytes timing-allow-origin * x-amz-cf-id pcQ9-zpGv-RdiQ74oYmL-eaUdBhRVyiMMkBxXXZ1ISOw8MrQwZv2HA==
GET H2	200	tracker.gif www.bakersfield.com/shared-content/art/stats/common/	0 145 B	87ms 87ms	Image image/gif	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.bakersfield.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=164259456665016001200959501619205&tnms_dt=US%20catches%20Kremlin%20insider%20who%20may%20have%20secrets%20of%202016%20hack%20%7C%20National%20%7C%20bakersfield.com&tnms_upage=1&tnms_do=www.bakersfield.com&tnms_uri=/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&tnms_ref=&rt=1642594566655 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT last-modified Thu, 16 Oct 2008 20:11:25 GMT age 0 etag "48f79fed-0" x-vcache MISS content-type image/gif cache-control no-cache, no-store accept-ranges bytes content-length 0
GET DATA	200 OK	truncated /	73 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	search.png www.bakersfield.com/content/tncms/live/global/resources/images/	3 KB 3 KB	89ms 88ms	Image image/png	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.bakersfield.com/content/tncms/live/global/resources/images/search.png Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash 40893d56a579b814e6c51f7098be60ac66ad21673bb00d25cf47dc132f285c01 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:15:23 GMT last-modified Tue, 28 Apr 2020 11:57:39 GMT age 42 etag "5ea81a33-d12" x-vcache HIT content-type image/png cache-control public, max-age=600 accept-ranges bytes content-length 3346
GET H2	200	f0515b1c-2667-11e9-9777-53bcf85f57d3.png bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/custom/image/	6 KB 6 KB	50ms 50ms	Image image/webp	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/custom/image/f0515b1c-2667-11e9-9777-53bcf85f57d3.png Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b32b92b76404212b728512339583c219599fe5f1492ddf2f5393a143f235808 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:06 GMT vary Accept cf-cache-status HIT age 531198 cf-polished origFmt=png, origSize=11786 last-modified Fri, 01 Feb 2019 21:25:46 GMT content-disposition inline; filename="f0515b1c-2667-11e9-9777-53bcf85f57d3.webp" content-length 6086 x-robots-tag noarchive x-vcache MISS server cloudflare etag "5c54b95a-2e0a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type image/webp access-control-allow-origin * expires Fri, 09 Dec 2022 18:14:51 GMT cache-control public, max-age=31536000 accept-ranges bytes cf-ray 6cfffe09df3854db-MAN cf-bgj imgq:85,h2pri
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 541df9709e639a31e400f0b9d0255d2b096ec4cefefe496c38450b96f6e7ff0e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	var=tncms_aud Show response ad.crwdcntrl.net/5/c=9613/pe=y/	73 B 308 B	108ms 29ms	Script application/javascript	54.229.233.249 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ad.crwdcntrl.net/5/c=9613/pe=y/var=tncms_aud Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-229-233-249.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 021ad1922ab3b6e1d8da0ddb300425284daf76bab7c60e61451f42fb5fe3bc80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:07 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.1.124 content-type application/javascript;charset=utf-8 content-length 73 expires 0
GET H2	200	/ Show response www.bakersfield.com/tncms/search/mlt/	19 KB 7 KB	148ms 148ms	XHR application/json	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/tncms/search/mlt/?origin=a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2&app=editorial&preview=1&type=article%2Ccollection%2Cvideo%2Cyoutube Requested by Host: bloximages.newyork1.vip.townnews.com URL: https://bloximages.newyork1.vip.townnews.com/bakersfield.com/shared-content/art/tncms/templates/libraries/flex/components/asset/resources/scripts/tnt.nextPrev.283bfb49ef55c073fceda15ffbf58de8.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash 06224f1542c54d2ce3b563806a462ddec5b3c38fe29fadaf49ba6799e2315625 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff age 0 last-modified Tue, 04 Jan 2022 09:31:16 GMT content-length 6579 x-xss-protection 1; mode=block x-loop 1 referrer-policy strict-origin-when-cross-origin x-vcache MISS x-frame-options SAMEORIGIN etag W/4e0adfa02cc467ff93fbff660f6bd694 vary X-IPCountry, Accept-Encoding content-type application/json; charset=UTF-8 x-tncms 1.60.5; app1; 0.05s; 3.1M cache-control public, max-age=300 accept-ranges bytes x-robots-tag noarchive
GET H2	200	pubads_impl_2022011002.js Show response securepubads.g.doubleclick.net/gpt/	352 KB 118 KB	19ms 18ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software sffe / Resource Hash e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:12:58 GMT content-encoding gzip x-content-type-options nosniff age 188 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 121009 x-xss-protection 0 last-modified Mon, 10 Jan 2022 21:10:00 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Thu, 19 Jan 2023 12:12:58 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	119 B 125 B	46ms 17ms	XHR application/json	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bakersfield.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash cef738d02dfb5865cdef2c5cdc2ba7e991c3e593ea993d21eb4c4f4ad008156c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:06 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0 expires Wed, 19 Jan 2022 12:16:06 GMT
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	57 B 417 B	22ms 21ms	XHR application/json	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.bakersfield.com&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software Server / Resource Hash 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 08:45:19 GMT via 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront) server Server age 12647 x-cache Hit from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://www.bakersfield.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 content-length 57 x-amz-cf-id 7S3EjrYFg8015Bhk44vzdlcEPAes3jNQIujXbZd3MJXg9Q7JO9KlGA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	37ms 8ms	XHR application/javascript	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 07:37:55 GMT content-encoding gzip vary Accept-Encoding,Origin age 16692 x-cache Hit from cloudfront access-control-allow-origin * last-modified Wed, 22 Dec 2021 01:41:37 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET x-amz-version-id L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96 via 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA56-C1 content-type application/javascript x-amz-cf-id oixdr-bi6f89eOLQCCLcfipAroxvjnSh_Jce_TawATkZXjM5SYRxBQ==
GET H2	200	t Show response jadserve.postrelease.com/	2 KB 1 KB	361ms 161ms	Script text/javascript	54.226.129.154 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&ntv_mvi Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.226.129.154 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-226-129-154.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash 9a9e484af84bf53ab9931337b95a0e580481c585fe9a8ffd3fb9a7295218ca24 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type text/javascript;charset=UTF-8 content-length 922 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	61b3f934c4fb2.preview.jpg bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/5/09/509e83a4-5a1e-11ec-b6f1-2bd4d0fa25c8/	3 KB 3 KB	40ms 39ms	Image image/webp	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/5/09/509e83a4-5a1e-11ec-b6f1-2bd4d0fa25c8/61b3f934c4fb2.preview.jpg?resize=150%2C84 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 677773c156569506432778a5d9aae623841cc8240c9a6601e0e6ac8986552f5a Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT vary Accept cf-cache-status HIT age 41481 cf-polished qual=85, origFmt=jpeg, origSize=3128 last-modified Sat, 11 Dec 2021 01:04:52 GMT content-disposition inline; filename="61b3f934c4fb2.webp" x-robots-tag noarchive x-vcache MISS server cloudflare etag "4ac59b9fdbbdf81927c0ffeb21a1c544" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type image/webp access-control-allow-origin * expires Thu, 12 Jan 2023 18:25:45 GMT cache-control public, max-age=31536000 cf-ray 6cfffe0bba5f54db-MAN cf-bgj imgq:85,h2pri
GET H2	200	60a42d6912c2a.image.jpg bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/4/0d/40dcd3d4-b81c-11eb-bc1a-bfb59b6ef723/	4 KB 4 KB	46ms 45ms	Image image/jpeg	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/4/0d/40dcd3d4-b81c-11eb-bc1a-bfb59b6ef723/60a42d6912c2a.image.jpg?resize=150%2C84 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e01efa1332b0fd4d27e3d38322da88991421b0f13d02acba2fcee79eb30315c Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT cf-cache-status HIT age 41481 cf-polished origSize=4129, status=webp_bigger last-modified Tue, 18 May 2021 21:11:07 GMT strict-transport-security max-age=604800 content-length 3991 x-robots-tag noarchive x-vcache MISS server cloudflare etag "feab3caa3bd348825f0f1175276afef6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Sun, 29 May 2022 07:02:25 GMT cache-control public, max-age=31536000 accept-ranges bytes cf-ray 6cfffe0bba6254db-MAN cf-bgj imgq:85,h2pri
GET H2	200	60a42ed42d2a7.image.jpg bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/d/d4/dd4894be-b81d-11eb-bc2f-8b1178c78e0d/	4 KB 4 KB	44ms 44ms	Image image/jpeg	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/d/d4/dd4894be-b81d-11eb-bc2f-8b1178c78e0d/60a42ed42d2a7.image.jpg?resize=150%2C84 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e01efa1332b0fd4d27e3d38322da88991421b0f13d02acba2fcee79eb30315c Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT cf-cache-status HIT age 41481 cf-polished origSize=4129, status=webp_bigger last-modified Tue, 18 May 2021 21:17:10 GMT strict-transport-security max-age=604800 content-length 3991 x-robots-tag noarchive x-vcache MISS server cloudflare etag "af1d7786f3795bf1511e8bc0c83fdc8f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Wed, 25 May 2022 06:01:59 GMT cache-control public, max-age=31536000 accept-ranges bytes cf-ray 6cfffe0bba6554db-MAN cf-bgj imgq:85,h2pri
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	28ms 6ms	Script text/javascript	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4501 date Wed, 19 Jan 2022 11:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 19 Jan 2022 13:01:06 GMT
GET H3	200	gtm.js Show response www.googletagmanager.com/	94 KB 34 KB	31ms 16ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 748f16e3bd8d2ed951ea55394b43f9f42ba40603dce41315b29f9e249d62fae6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35113 x-xss-protection 0 last-modified Wed, 19 Jan 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 19 Jan 2022 12:16:07 GMT
GET H2	200	/ Show response www.bakersfield.com/tncms/search/recommend/	60 KB 5 KB	340ms 339ms	XHR application/json	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/tncms/search/recommend/?app=editorial&t=article&inline=summary&preview=1&k=international%20incidents%2Csecurity%20services%2Cdiplomacy%2Csecurity%20products%20and%20services%2Cnational%20governments%2Cmilitary%20legal%20affairs%2Cconsumer%20products%20and%20services%2Cconsumer%20services%2Chospitality%20and%20leisure%20industry%2Chotel%20operators%2Cresort%20hotel%20operators%2Cextradition%2Cdefense%20electronics%20and%20systems%20manufacturing%2Cinformation%20technology%2Ccorporate%20legal%20affairs%2Cindictments%2Cmilitary%20and%20defense%2Cmilitary%20intelligence%2Ccorporate%20news%2Ccorporate%20crime%2Cillegal%20insider%20trading%2Clegal%20proceedings%2Ctechnology%2Ctechnology%20issues%2Chacking%2Cgovernment%20regulations%2Cbusiness%2Cindustrial%20products%20and%20services%2Caerospace%20and%20defense%20industry%2Cfraud%20and%20false%20statements%2Cinternational%20relations%2Claw%20and%20order%2Cgeneral%20news%2Ccrime%2Cgovernment%20and%20politics Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash cf6616509f5310e8e113e8aaf8f25b6bf53ef8996f4d31cf06d827046e2b79b7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff age 0 last-modified Wed, 19 Jan 2022 12:16:07 GMT content-length 4653 x-xss-protection 1; mode=block x-loop 1 referrer-policy strict-origin-when-cross-origin x-vcache MISS x-frame-options SAMEORIGIN etag W/89ab3e72a884d312011484c2fdd62edb vary X-IPCountry, Accept-Encoding content-type application/json; charset=UTF-8 x-tncms 1.60.5; app20; 0.22s; 2.7M cache-control public, max-age=600 accept-ranges bytes x-robots-tag noarchive
POST H2	200	publisher:getClientId Show response ampcid.google.com/v1/	74 B 535 B	55ms 19ms	XHR application/json	2a00:1450:4001:82a::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.bakersfield.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.bakersfield.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 94 x-xss-protection 0
GET H2	200	bid Show response c.amazon-adsystem.com/e/dtb/	64 B 536 B	47ms 47ms	XHR text/javascript	65.9.71.173 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&pid=Nkr0QtELasKMG&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1044733%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%221170x90%22%5D%2C%22sn%22%3A%22%2F132916964%2Fbakersfield.com%2Fnews%2Fap%2Fnational%22%7D%2C%7B%22sd%22%3A%22ad-865489%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2Fbakersfield.com%2Fnews%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-501660%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F132916964%2Fbakersfield.com%2Fnews%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22ad-933998%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%221170x90%22%5D%2C%22sn%22%3A%22%2F132916964%2Fbakersfield.com%2Fnews%2Fap%2Fnational%22%7D%5D&pubid=e42ec5cd-11f7-4d8a-a91c-74054da9c4cb&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.173 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-71-173.fra56.r.cloudfront.net Software Server / Resource Hash d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT via 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront) server Server x-amz-cf-pop FRA56-C1 x-amz-rid AWY45G50D2JNK0P0JKQG vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://www.bakersfield.com access-control-allow-credentials true permissions-policy interest-cohort=() strict-transport-security max-age=47474747; includeSubDomains; preload timing-allow-origin * content-length 64 x-amz-cf-id rFIRlWq7gSSFwrcx0uhryvUrxgTuSv9KDpb8k-H8Rhp5kuO6k3XRqA==
POST H2	200	publisher:getClientId Show response ampcid.google.de/v1/	3 B 464 B	52ms 16ms	XHR application/json	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.bakersfield.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF x-frame-options SAMEORIGIN content-type application/json; charset=UTF-8 access-control-allow-origin https://www.bakersfield.com access-control-expose-headers vary,vary,vary,content-encoding,date,server,content-length cache-control private access-control-allow-credentials true vary Origin, X-Origin, Referer content-length 23 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	46ms 17ms	Script application/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.bakersfield.com Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	44ms 22ms	Script application/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.bakersfield.com Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	178 KB 45 KB	772ms 772ms	XHR text/plain	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=448160892968570&correlator=759897046015761&output=ldjh&impl=fifs&eid=44757101%2C44742767&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220119&iu_parts=132916964%2Cbakersfield.com%2Cnews%2Cap%2Cnational%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F5%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250%7C1170x90%2C300x250%2C300x250%2C728x90%7C970x90%7C1170x90&prev_scp=pos%3Dleaderboard-one%2Ctakeover%2Catf%26amznbid%3D2%26amznp%3D2%7Cpos%3Datf%26amznbid%3D2%26amznp%3D2%7Cpos%3Datf%26amznbid%3D2%26amznp%3D2%7Cpos%3Dsticky-anchor%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=browser%3DChrome%26k%3Dinternational%2520incidents%252Csecurity%2520services%252Cdiplomacy%252Csecurity%2520products%2520and%2520services%252Cnational%2520governments%252Cmilitary%2520legal%2520affairs%252Cconsumer%2520products%2520and%2520services%252Cconsumer%2520services%252Chospitality%2520and%2520leisure%2520industry%252Chotel%2520operators%26page%3Dasset%252Carticle%252Capp-editorial&cookie_enabled=1&bc=31&abxe=1&lmt=1641288676&dt=1642594567149&dlt=1642594566424&idt=643&frm=20&biw=1600&bih=1200&oid=2&adxs=230%2C1010%2C1010%2C436&adys=233%2C690%2C1832%2C1110&adks=2559629021%2C2773700724%2C3564270725%2C1067700821&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&vis=1&scr_x=0&scr_y=0&psz=1140x90%7C360x250%7C360x250%7C1600x-1&msz=1140x90%7C360x250%7C360x250%7C1600x-1&ga_vid=1158198447.1642594567&ga_sid=1642594567&ga_hid=791885041&ga_fc=false&fws=4%2C4%2C4%2C516&ohw=1600%2C1600%2C1600%2C1600&btvi=0%7C0%7C1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash 7f47da6fc593f50fd107ff058b1c0a5903aaf81a1228cdb4db361c72d8007350 Security Headers Name Value Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJqTws3lvfUCFQ_ddwodezYKWw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12540294092154453593/index.html X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJqTws3lvfUCFQ_ddwodezYKWw&gqi=&layout=/sadbundle/%24csp%253Der3%24/12540294092154453593/index.html content-encoding br x-content-type-options nosniff google-mediationgroup-id -2,-2 google-creative-id -1,138359214447,-1,138326367924 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45566 x-xss-protection 0 google-lineitem-id -1,5760643597,-1,5504820215 pragma no-cache server cafe google-mediationtag-id -2 date Wed, 19 Jan 2022 12:16:07 GMT content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.bakersfield.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E5B9	6 KB 4 KB	98ms 16ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 date Wed, 19 Jan 2022 12:16:07 GMT expires Thu, 19 Jan 2023 12:16:07 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT x-content-type-options nosniff server sffe x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 442 B	59ms 19ms	XHR text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-7&cid=1158198447.1642594567&jid=780142712&gjid=761799531&_gid=939758918.1642594567&_u=YChAgUABAAQCAE~&z=564832836 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bakersfield.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 19 Jan 2022 12:16:07 GMT content-type text/plain access-control-allow-origin https://www.bakersfield.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	32ms 17ms	XHR text/plain	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=791885041&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&dp=%2Fap%2Fnational%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&ul=en-us&de=UTF-8&dt=US%20catches%20Kremlin%20insider%20who%20may%20have%20secrets%20of%202016%20hack%20%7C%20National%20%7C%20bakersfield.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCjAAUABAAQCAG~&jid=2139394800&gjid=172283257&cid=1158198447.1642594567&tid=UA-273259-9&_gid=939758918.1642594567&_r=1&gtm=2wg1c0PDQV3N&z=1590599244 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.bakersfield.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:07 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.bakersfield.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	21ms 7ms	Image image/gif	2a00:1450:4001:82b::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=791885041&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&dp=%2Fap%2Fnational%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&ul=en-us&de=UTF-8&dt=US%20catches%20Kremlin%20insider%20who%20may%20have%20secrets%20of%202016%20hack%20%7C%20National%20%7C%20bakersfield.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChAgUABAAQC~&jid=780142712&gjid=761799531&cid=1158198447.1642594567&tid=UA-54716522-7&_gid=939758918.1642594567&gtm=2wg1c0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=http%3A%2F%2Ftribunecontentagency.com&cd15=3.155.0&cd16=false&cd17=Page%20View&cd20=a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2&cm1=403&z=742880247 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 01:18:59 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 39428 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 67 B	20ms 19ms	XHR text/plain	2a00:1450:400c:c06::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-273259-9&cid=1158198447.1642594567&jid=2139394800&gjid=172283257&_gid=939758918.1642594567&_u=YCjAAUABAAQCAG~&z=2090197010 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.bakersfield.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 19 Jan 2022 12:16:07 GMT content-type text/plain access-control-allow-origin https://www.bakersfield.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	moatcontent.js Show response z.moatads.com/nativonielsen548znrb18/	167 KB 55 KB	78ms 23ms	Script application/x-javascript	104.108.145.172 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=15262 Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-145-172.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip last-modified Mon, 24 Aug 2020 17:04:05 GMT server AmazonS3 x-amz-request-id BY4M2YBSDS5X7T3W etag "774acff2cee5852cdfc3fd8471cb2667" vary Accept-Encoding content-type application/x-javascript cache-control max-age=22013 accept-ranges bytes content-length 55696 x-amz-id-2 uhu3Q/9rVotIX9kSOgiT4CjFxsI593sftCVvbksutv+D9hdZe1kSQBM8GAPntCptb01sAz33QLM=
GET H2	200	trk.gif jadserve.postrelease.com/	43 B 427 B	101ms 100ms	Image image/gif	54.226.129.154 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8218909&ntv_pl=1117612 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.226.129.154 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-226-129-154.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:07 GMT server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	trk.gif jadserve.postrelease.com/	43 B 427 B	100ms 100ms	Image image/gif	54.226.129.154 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/trk.gif?ntv_ui=3a85d289-13bb-44f6-94cf-13c678b1ed50&ntv_fl=CF4se3gYGjAPzQcMJoAeWT_-yKADDDFA6Db_Rh1seXqL9ewL-LJrNGSg7u8x5_P4mw_dj2HXJdGTAeP5I1WMPXRq1YMajDhSGInqr-asGu9uN9M3Gjwg60BJIe-eA_4X_wBtzQef2bhH9C-T7A34GXcLJJNp7EZC94Cw_xeAHVXgdykRQgP9-GQdSLYPnsGxqi4vvZd-335Mwu0j5r7368hLq5gLKRDCGxAmqLtKulrah_aUbf_gXLxPiDE-hSqphbMFTHCxf9tkQMm181NTrrI1h6E_sIQxJWQjIRo2mbzaphhnT2R_XRfaMl8S9q4m&ntv_ht=BwHoYQA&ntv_at=303,302&ntv_a=AAAAAAAAAArA0RA&ord=1642594567344&ntv_dpl=1007&ntv_it Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.226.129.154 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-226-129-154.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:07 GMT server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET H2	200	gdprConsent jadserve.postrelease.com/	43 B 427 B	101ms 101ms	Image image/gif	54.226.129.154 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/gdprConsent?ntv_pl=1117612&ntv_gdpr_consent=&ntv_it Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.226.129.154 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-226-129-154.compute-1.amazonaws.com Software nginx/1.12.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:07 GMT server nginx/1.12.1 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-type image/gif content-length 43 expires Mon, 1 Jan 1990 12:00:00 GMT
GET DATA	200 OK	truncated /	75 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	rt=ifr Show response bcp.crwdcntrl.net/5/ct=y/c=13855/rand=268408619/pv=y/med=flag%3A%20ap/med=geo%3A%20switzerland/med=geo%3A%20geneva/med=geo%3A%20scotland/med=geo%3A%20edinburgh/med=geo%3A%20moscow/med=geo%3A%20nort... Frame E467 Redirect Chain https://bcp.crwdcntrl.net/5/c=13855/rand=268408619/pv=y/med=flag%3A%20ap/med=geo%3A%20switzerland/med=geo%3A%20geneva/med=geo%3A%20scotland/med=geo%3A%20edinburgh/med=geo%3A%20moscow/med=geo%3A%20n... https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=268408619/pv=y/med=flag%3A%20ap/med=geo%3A%20switzerland/med=geo%3A%20geneva/med=geo%3A%20scotland/med=geo%3A%20edinburgh/med=geo%3A%20moscow/med=geo%3...	163 B 861 B	52ms 52ms	Document text/html	52.215.102.174 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=268408619/pv=y/med=flag%3A%20ap/med=geo%3A%20switzerland/med=geo%3A%20geneva/med=geo%3A%20scotland/med=geo%3A%20edinburgh/med=geo%3A%20moscow/med=geo%3A%20north%20america/med=geo%3A%20united%20states/med=geo%3A%20united%20kingdom/med=geo%3A%20eastern%20europe/med=geo%3A%20russia/med=geo%3A%20europe/med=geo%3A%20western%20europe/med=geo%3A%20france/med=%23OpR%2372333%23Keyword%20%3A%20international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics/int=%23OpR%2372332%23Site%20Section%20%3A%20ap/rb=%7B%22meta_tag%22%3A%22international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics%22%7D/rt=ifr Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-102-174.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-type text/html;charset=utf-8 content-length 163 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV cache-control no-cache pragma no-cache expires 0 x-server 10.45.25.38 access-control-allow-origin * server Jetty(9.4.38.v20210224) Redirect headers date Wed, 19 Jan 2022 12:16:07 GMT content-length 0 location https://bcp.crwdcntrl.net/5/ct=y/c=13855/rand=268408619/pv=y/med=flag%3A%20ap/med=geo%3A%20switzerland/med=geo%3A%20geneva/med=geo%3A%20scotland/med=geo%3A%20edinburgh/med=geo%3A%20moscow/med=geo%3A%20north%20america/med=geo%3A%20united%20states/med=geo%3A%20united%20kingdom/med=geo%3A%20eastern%20europe/med=geo%3A%20russia/med=geo%3A%20europe/med=geo%3A%20western%20europe/med=geo%3A%20france/med=%23OpR%2372333%23Keyword%20%3A%20international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics/int=%23OpR%2372332%23Site%20Section%20%3A%20ap/rb=%7B%22meta_tag%22%3A%22international%20incidents%2C%20security%20services%2C%20diplomacy%2C%20security%20products%20and%20services%2C%20national%20governments%2C%20military%20legal%20affairs%2C%20consumer%20products%20and%20services%2C%20consumer%20services%2C%20hospitality%20and%20leisure%20industry%2C%20hotel%20operators%2C%20resort%20hotel%20operators%2C%20extradition%2C%20defense%20electronics%20and%20systems%20manufacturing%2C%20information%20technology%2C%20corporate%20legal%20affairs%2C%20indictments%2C%20military%20and%20defense%2C%20military%20intelligence%2C%20corporate%20news%2C%20corporate%20crime%2C%20illegal%20insider%20trading%2C%20legal%20proceedings%2C%20technology%2C%20technology%20issues%2C%20hacking%2C%20government%20regulations%2C%20business%2C%20industrial%20products%20and%20services%2C%20aerospace%20and%20defense%20industry%2C%20fraud%20and%20false%20statements%2C%20international%20relations%2C%20law%20and%20order%2C%20general%20news%2C%20crime%2C%20government%20and%20politics%22%7D/rt=ifr p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV cache-control no-cache pragma no-cache expires 0 x-server 10.45.25.66 server Jetty(9.4.38.v20210224)
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	12 KB 9 KB	44ms 21ms	XHR application/json	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5a09bfacd4b7420de44c47363a8b512d8b1c7c8e80f050ec972732f6291895ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9179 x-xss-protection 0
GET H2	200	15262 Show response s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/	319 B 610 B	442ms 442ms	Script application/octet-stream	104.108.145.172 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/15262?t=2022019123 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.108.145.172 Berlin, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-108-145-172.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 07786b759a80a4ee3a638534633126dfc49e07866016f19cc86f7be8683726de Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-amz-version-id Tv1VyrlE1A_6V3OfxnKcbB9VRLvTemno last-modified Wed, 19 Jan 2022 12:01:46 GMT server AmazonS3 x-amz-request-id FX5939C124RFMP9A etag "dc0751fd0d6b6abee48723ea6b2b308d" content-type application/octet-stream date Wed, 19 Jan 2022 12:16:07 GMT accept-ranges bytes content-length 319 x-amz-id-2 LjHRfcYY/ys7hIPFTllj9suR3tD3KE09ZwyMxvGZxr2cw/mphdWMuklmVIb3oQPoLfl3duCpdQU=
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	68ms 47ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 19 Jan 2022 12:16:07 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5FFF	13 KB 5 KB	23ms 6ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5046 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 19 Jan 2022 12:11:34 GMT expires Thu, 19 Jan 2023 12:11:34 GMT cache-control public, max-age=31536000 last-modified Mon, 21 Jun 2021 20:47:05 GMT content-type text/html age 273 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 8A8B	783 B 1 KB	58ms 35ms	Document text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a51df5a47a45a38bf7713309518e5a3c8c83718f1ddf92d2fd0bb135dda9e947 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-LxctWkSqmJDzys7gZa1Lgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Wed, 19 Jan 2022 12:16:07 GMT date Wed, 19 Jan 2022 12:16:07 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-LxctWkSqmJDzys7gZa1Lgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js Show response pagead2.googlesyndication.com/bg/ Frame 5FFF	35 KB 13 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/R1B9DkRZwcDIRZ3R9sqVqoa_rY5Qa04vEjSiPeGSXMQ.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 47507d0e4459c1c0c8459dd1f6ca95aa86bfad8e506b4e2f1234a23de1925cc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 13 Jan 2022 20:26:05 GMT content-encoding br x-content-type-options nosniff age 489002 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13406 x-xss-protection 0 last-modified Wed, 12 Jan 2022 16:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 13 Jan 2023 20:26:05 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 8A8B	0 0	55ms 55ms	Image text/html	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=448160892968570&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 5FFF	0 9 B	7ms 7ms	Image text/plain	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?62jwzA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	41ms 41ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=448160892968570&bg=!FxSlFFDNAAZ_DxPPfw87ACkAdvg8Wk4j2jho1P_lfOGav0Y0fjOPkY3A0tCMVjWmOV8D84OhLSvcLAIAAABJUgAAAAJoAQcKACVOLr1A1YtAn5rCFWI3HVMsYje50Fkrw1UyiC5UXbe3lRHCJW_SmQLI0c4r0QT2nGdr9L3noU8F1Uwb-Bcws0LVcQxk5lCDCZsSPswbg38oKJuAlCCkqoLFKv8ktw5Y2QsdUbY3dtg_RFw9uXNygDS0daWvw8_-FCu0TqXz1rhBpp-82t3VE9kiUo6gCcX9Ry9hzJLzy0W3WJoSDTVpXqrd_WCaODIwNQuXc9J_aAK1zW_Xu0xXMacyvkCvsIUg_giw_i4jc1TNuJYQelkoLEDoIOrG97MfURoTzXklbkxoQK1vnkEXcthVdXXldq8k7vyLkbxjoYNhSlJ8PiEvHdDRWdmAcyOktSDOzeiIMRHjmL8gqSy9xwxNT8etLafrr5SnoQTaISnVPvu6SLjuTUsU8ilcWjJGO4a7Noek9gr_qRMU-oP4ZZ4poCQSD4hhNRXOW6p2n-016nKMvLCM4-kce9tZusTqCFpO72YxifN6l1-PJPhukxDjdmEiimL-boq7zagN0o0GsgSBFIdPTmZi5lp1dILgnvNOY1gz30na1lVEBSgRiaTJ2dOh2yB0f6E4PGk128ZZpG3OWDdh5d2HtBvPwIh9SOkLv_VPq4V5vxlDs45kQQgTL-AbUDM7CAc96GOSvdhQt6WymZ60OnORdJgVYqu7DK5aOmj_x8nkgFJmAPyBZ7rDKQFS4uvdhblJouYdgDVvblWBwySHpPIXxQO-G5Ls_TlEt6UcGCICIH4orWjnynkKv8NPqw_1q8V3tEgDjh613a9B-hxmk43WSvB5EigZqbkoPT7lbSj4wqHUGX6LnmN9kE7i5j7nEHVPD4n5Rwzru_nitYZk2Vhslp107GpF5AZ5EVeOhwSJIqrtGIoMgumqJmiX_e_aGDfQp2iw6y8CkJ3RI1ZfQM4O2UhD3H5oqOGmnTzi_efpspTpiEuq1cqbsiOC3xjHJPEUl3vzfOi5ARujpNWy14TZMLKHmkT0Q_lRwbl60NLUHA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:07 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	400	challenge www.bakersfield.com/_services/v1/client_captcha/ Redirect Chain https://www.bakersfield.com/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A9613%7D&i=1642594566921, https://www.bakersfield.com/_services/v1/client_captcha/challenge?request=X2xiX3JhdGVfZm9yZWlnbjpMM1J1WTIxekwzUnlZV05yYVc1bkwzUnVZMjF6TFdSdGNDOWhkV1JwWlc1alpTMWxlSFJ5WVdOMGFXOXVMejlrUFNVM1FpVXlNbTV...	12 B 138 B	87ms 87ms	Ping text/plain	192.104.183.109 LEE-ASN
General Check archive.org Show headers Download Go to Full URL https://www.bakersfield.com/_services/v1/client_captcha/challenge?request=X2xiX3JhdGVfZm9yZWlnbjpMM1J1WTIxekwzUnlZV05yYVc1bkwzUnVZMjF6TFdSdGNDOWhkV1JwWlc1alpTMWxlSFJ5WVdOMGFXOXVMejlrUFNVM1FpVXlNbTVoYldVbE1qSWxNMEVsTWpKamJHbGxiblFsTWpJbE1rTWxNakoyWVd4MVpTVXlNaVV6UVRrMk1UTWxOMFFtYVQweE5qUXlOVGswTlRZMk9USXhMQToxNjQyNTk0NTY4OjB4NmMyNDQxODc4NWViMTAzNGFjOGNmNmFjMTliNjYyNTg2MWMwMTUyOQ Protocol H2 Server 192.104.183.109 , United States, ASN10668 (LEE-ASN, US), Reverse DNS cms.newyork1.vip.townnews.com Software / Resource Hash 0cd6aed5d21ae37310b3c4e0facf48009005018bf4402fbcda1cb66d69b03346 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:08 GMT cache-control no-cache x-content-type-options nosniff age 0 content-length 12 content-type text/plain; charset=utf-8 Redirect headers location /_services/v1/client_captcha/challenge?request=X2xiX3JhdGVfZm9yZWlnbjpMM1J1WTIxekwzUnlZV05yYVc1bkwzUnVZMjF6TFdSdGNDOWhkV1JwWlc1alpTMWxlSFJ5WVdOMGFXOXVMejlrUFNVM1FpVXlNbTVoYldVbE1qSWxNMEVsTWpKamJHbGxiblFsTWpJbE1rTWxNakoyWVd4MVpTVXlNaVV6UVRrMk1UTWxOMFFtYVQweE5qUXlOVGswTlRZMk9USXhMQToxNjQyNTk0NTY4OjB4NmMyNDQxODc4NWViMTAzNGFjOGNmNmFjMTliNjYyNTg2MWMwMTUyOQ date Wed, 19 Jan 2022 12:16:08 GMT cache-control no-cache, no-store content-length 17
GET H2	200	bl-0af0356-cb23639b.js Show response tagan.adlightning.com/townnews/ Frame 2288	51 KB 22 KB	11ms 10ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/bl-0af0356-cb23639b.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 915205860aab296908c039c7e046d556bed52faf0398badefba5999f3bfbdb32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 07:33:17 GMT content-encoding gzip age 16972 x-cache Hit from cloudfront content-length 21985 x-amz-meta-git_commit 0af0356 last-modified Wed, 19 Jan 2022 07:32:05 GMT server AmazonS3 etag "ada8709e985460354103d6a31d991056" x-amz-version-id xsKCQkEi45s2.HLaOGHIny8r9Fqndf_H via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id XpiZ0YafuIjZRz86YkylQFb_fE7wi-lvT97aOuIKzadOmfxM2a_aCQ==
GET H2	200	b-7b120a5-e6d21384.js Show response tagan.adlightning.com/townnews/ Frame 2288	73 KB 28 KB	12ms 12ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:53:24 GMT content-encoding gzip age 12032565 x-cache Hit from cloudfront content-length 28181 x-amz-meta-git_commit 7b120a5 last-modified Tue, 03 Aug 2021 18:05:42 GMT server AmazonS3 etag "1bd25d5a0b3f617a7b96bfd3148d7cb9" x-amz-version-id TCazak92uXLsB7S2fwnGUUKnJeDNkgd8 via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id k70z8ZrzsmY40BUjCWSEIcQdZCI65DlP4_1WVpicgXaV2hUZCkCoRw==
GET H2	200	bl-0af0356-cb23639b.js Show response tagan.adlightning.com/townnews/ Frame 6B9B	51 KB 22 KB	13ms 12ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/bl-0af0356-cb23639b.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 915205860aab296908c039c7e046d556bed52faf0398badefba5999f3bfbdb32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 07:33:17 GMT content-encoding gzip age 16972 x-cache Hit from cloudfront content-length 21985 x-amz-meta-git_commit 0af0356 last-modified Wed, 19 Jan 2022 07:32:05 GMT server AmazonS3 etag "ada8709e985460354103d6a31d991056" x-amz-version-id xsKCQkEi45s2.HLaOGHIny8r9Fqndf_H via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id 0COduYjol5QjImzq6b7lLs33MWb81CC1aTEDIAFeAdx9t5tA21UP2g==
GET H2	200	b-7b120a5-e6d21384.js Show response tagan.adlightning.com/townnews/ Frame 6B9B	73 KB 28 KB	15ms 14ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:53:24 GMT content-encoding gzip age 12032565 x-cache Hit from cloudfront content-length 28181 x-amz-meta-git_commit 7b120a5 last-modified Tue, 03 Aug 2021 18:05:42 GMT server AmazonS3 etag "1bd25d5a0b3f617a7b96bfd3148d7cb9" x-amz-version-id TCazak92uXLsB7S2fwnGUUKnJeDNkgd8 via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id FclOKgl8rRzwfF0DT-tirJZzEYJPvume4AJE0HoYerqru54piL2L1w==
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6B9B	121 KB 38 KB	47ms 19ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37895 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1641990413359145" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 19 Jan 2022 12:16:08 GMT
GET H3	200	container.html Show response 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D85	6 KB 3 KB	22ms 8ms	Document text/html	2a00:1450:4001:82b::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} timing-allow-origin * content-length 3108 x-content-type-options nosniff server sffe x-xss-protection 0 date Wed, 19 Jan 2022 12:16:07 GMT expires Thu, 19 Jan 2023 12:16:07 GMT cache-control public, immutable, max-age=31536000 last-modified Tue, 02 Mar 2021 20:17:03 GMT content-type text/html age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	bl-0af0356-cb23639b.js Show response tagan.adlightning.com/townnews/ Frame 7BFE	51 KB 22 KB	21ms 21ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/bl-0af0356-cb23639b.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 915205860aab296908c039c7e046d556bed52faf0398badefba5999f3bfbdb32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 07:33:17 GMT content-encoding gzip age 16972 x-cache Hit from cloudfront content-length 21985 x-amz-meta-git_commit 0af0356 last-modified Wed, 19 Jan 2022 07:32:05 GMT server AmazonS3 etag "ada8709e985460354103d6a31d991056" x-amz-version-id xsKCQkEi45s2.HLaOGHIny8r9Fqndf_H via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id zFeNiBprfZe022ieCwVxVqw-BiAnW4IBPkdeJpQRxIQp2ofuX4f6kw==
GET H2	200	b-7b120a5-e6d21384.js Show response tagan.adlightning.com/townnews/ Frame 7BFE	73 KB 28 KB	23ms 22ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:53:24 GMT content-encoding gzip age 12032565 x-cache Hit from cloudfront content-length 28181 x-amz-meta-git_commit 7b120a5 last-modified Tue, 03 Aug 2021 18:05:42 GMT server AmazonS3 etag "1bd25d5a0b3f617a7b96bfd3148d7cb9" x-amz-version-id TCazak92uXLsB7S2fwnGUUKnJeDNkgd8 via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id 9bwahEeg-d3PFYNQTPV5ppIsS__lLMk8udz32rqjrzLNv88au3Xndw==
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 7BFE	121 KB 37 KB	48ms 21ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37895 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1641990413359145" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 19 Jan 2022 12:16:08 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012111152338000/ Frame 2288	190 KB 55 KB	43ms 9ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 263915 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 55581 x-xss-protection 0 server sffe date Sun, 16 Jan 2022 10:57:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "8559bae154d80579" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 16 Jan 2023 10:57:33 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012111152338000/v0/ Frame 2288	13 KB 5 KB	56ms 22ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 263915 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4994 x-xss-protection 0 server sffe date Sun, 16 Jan 2022 10:57:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "b314c3eb801664ba" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 16 Jan 2023 10:57:33 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012111152338000/v0/ Frame 2288	89 KB 28 KB	57ms 23ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 263915 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28443 x-xss-protection 0 server sffe date Sun, 16 Jan 2022 10:57:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "976e6f5df80f4e35" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 16 Jan 2023 10:57:33 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012111152338000/v0/ Frame 2288	5 KB 2 KB	59ms 26ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 263915 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1727 x-xss-protection 0 server sffe date Sun, 16 Jan 2022 10:57:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "423ab13fb6ff63c9" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 16 Jan 2023 10:57:33 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012111152338000/v0/ Frame 2288	40 KB 13 KB	60ms 27ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 263915 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12843 x-xss-protection 0 server sffe date Sun, 16 Jan 2022 10:57:33 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "08cf721d9e54e414" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Mon, 16 Jan 2023 10:57:33 GMT
GET H3	200	9319838932995227680 tpc.googlesyndication.com/daca_images/simgad/ Frame 2288	84 KB 84 KB	14ms 13ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/9319838932995227680 Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f7cf893309754a241c3690053d45d21cadae0b0b590a9ed6feb6acda6a3398f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 11:07:24 GMT x-content-type-options nosniff age 4124 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86227 x-xss-protection 0 last-modified Fri, 19 Feb 2021 22:38:42 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 19 Jan 2023 11:07:24 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2288	2 KB 2 KB	13ms 13ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 18 Jan 2022 20:15:16 GMT x-content-type-options nosniff server cafe age 57652 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Wed, 19 Jan 2022 20:15:16 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2288	295 B 319 B	12ms 12ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 05:43:34 GMT x-content-type-options nosniff server cafe age 23554 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Thu, 20 Jan 2022 05:43:34 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 2288	0 0	53ms 53ms	Image text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CWbVYBwHoYb7wDY-63wP77KjYBdOYn99nze-vg5QNztG8zYEcEAEgp_SRC2CVmpKCoAegAZKZq_wCyAEC4AIAqAMByAMIqgSSA0_QMuDkxxohjKW6dtC3D04sbnJFepxOgSH2AErA1UtVywHR3qSBgUs7VFk6H1Sx9XxuCchv6vVOuHPuuBrZaxMR2SMLsRmqesvBDzGnhf4jIShlR2O6mcOQyIT4VkXaJ-U-xjyhXTf8c1LN6kFNAHncniAocE51mLXZhyp5Jh2cKEqwcyfCiv7s57k4wrdneE5aK4fwGOmDNLpjCxJfI7h_Aw_XrEYulrP9Xw21WZWbrIokbf-QpN-8n4-JnOoSRtVbJ4C3874x-DaE_APhH5zK1vLv-DyIYnY-7T81N2MA7kJn3CI2psA-HvM47Rab5OwLQ8qHZxdcdMF35sSHBvtZieZK3cDOzfR2AfesUpIaoicdiPdAUPUDEfpSpm2fGs52tRaWF-NJs3caY7_cHsReyfIRVP8hlKGeKeeJsVMiL-Fh4101eA4EMt_E5Wq7rpBJs7LVjpl53CMAAnYsVkZpGn9MpHs_d03O4V7wbjkgXCnBf4OqxAp7zDAQGgKXit3ROocR7SzyDaXgAmDQePWiEMAEptCD8rED4AQBkgUECAQYAZIFBAgFGASgBgKAB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ7aM50ggJCIjhgBAQARgdgAoByAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTMyNDc5MTk0MDgxMzIzMjIYvM4Z&sigh=VtC-n6qE_Ig&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness) Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET DATA	200 OK	truncated / Frame 2288	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3cf0edc9b6db2f631c342edfc8d44643afbfa4616ed47fafc2e03280d1299b6b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 7BFE	0 0	44ms 44ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst67mQoN32X0wzWvp6CohTdbN2_hQZHPytQcSWf7Puyhfj9yCKbD_wQ-qpJ6_i2aQlcXBcWj6iK9Brh9EC1QX6XshTTVkBPVAUwBEdBybP_P2N42mZia-DFcEoPZE8IdG7j4XpSxJpMGQjSOus1pZB3AyJunbsLz3xNBzfsrtTRERNmJwzuw9XclkgilfHgX5oYCxyNWwYGbA9zzWLGtLs8v3U9I_NLUx4NkWVDn40XAJMRUF3RG-nwo2nEDAKcK5dUMTo17EEsgWar1ZHCK16AVADM0jcCW8Q5IHB1VJg4rXL-8-0Z9t4dKPpHBOMXhelz2A7O6daII6a__wkDBcZFFKtndCeXWF0rVEedFBiuh4hA&sai=AMfl-YTtYyLSa4Q8FESrIWRZC4snosXlEca9FnnPospFx-FyIZYYoOVlzX-vIWVHHPXHHVnwrT5DZ_UXSvYnhPX8PpKbrFqtV0okORrJrwfZiAlE67XozJvDBNW-46wWsZM&sig=Cg0ArKJSzM5gbL8k-qZOEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:08 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H2	200	infolinks_main.js Show response resources.infolinks.com/js/	3 KB 2 KB	431ms 43ms	Script application/javascript	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.infolinks.com/js/infolinks_main.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e3e8b6a4608aad2b3ac26700a794ccd57fa7779ae42f12dd9c9221417744e14 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers cf-ray 6cfffe178ef1e597-MAN date Wed, 19 Jan 2022 12:16:08 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 19 Jan 2022 07:51:15 GMT server cloudflare age 1481 etag W/"d63-5d5eaa673e471" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=3600 content-encoding gzip expires Wed, 19 Jan 2022 12:51:27 GMT
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6B9B	0 0	42ms 42ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9U_m4sRTw485Vljf-X2g2-YUDpUVdnUqsfrCEQHONr_FQZ6-U7R8EWyUYP-q43NzSWBNI7fUsr4_Gz6PfGFMsZXkZyt3lg9G5sH5zDreNfZKeCd3RD9hNVZTUnnosFoG45cGLeDK4HEs_BmdMLM0zML76kGSSCR576pYuoCZ5u_RAu87y_pMlZ8-QK_PBlH447uylFvfQB_oCAA9Ny_hKP3sXJVxZOJjD6-nw-ALwKtL0pGPRTm0KmLI943YeU_ohE9hqjRbgnH6FBGKwQYFCzVVTQyPuP3gMRl8eFugXrArjJUhfRho9bgI9QjUt5ju95fNEWn_Z-ckeOZrZ13cZkg&sai=AMfl-YQJjSNB9ydNaH76XitSEXII7_WHCqQ1DBoYbdXupu4ed1SIogrwrLAsIVPGYfdTzwaiIpwxaxF0DphIMVd0QwRY-ZwfQysuJXqHTWyYedlUtTEboieF4-HZgi7ilSw&sig=Cg0ArKJSzMmz2ByBZKNiEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.bakersfield.com URL: https://www.bakersfield.com/ap/national/us-catches-kremlin-insider-who-may-have-secrets-of-2016-hack/article_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:08 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H/1.1	401 Unauthorized	zone serving.roimediaconsultants.com/servlet/view/banner/javascript/ Frame 6B9B	0 0	1074ms 173ms	Script text/html	172.255.51.148 GOSSAMERTHREADS
General Check archive.org Show headers Download Go to Full URL https://serving.roimediaconsultants.com/servlet/view/banner/javascript/zone?zid=2504&friendly=friendly_1474662255&pid=9&fr=60&frlm=1&rmpid=true&random=1474662255&origin=https%3A%2F%2Fwww.bakersfield.com&referrer=https://bakersfield.com Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 172.255.51.148 Vancouver, Canada, ASN36483 (GOSSAMERTHREADS, CA), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H2	200	bl-0af0356-cb23639b.js Show response tagan.adlightning.com/townnews/ Frame 2D85	51 KB 22 KB	8ms 8ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/bl-0af0356-cb23639b.js Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 915205860aab296908c039c7e046d556bed52faf0398badefba5999f3bfbdb32 Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 07:33:17 GMT content-encoding gzip age 16972 x-cache Hit from cloudfront content-length 21985 x-amz-meta-git_commit 0af0356 last-modified Wed, 19 Jan 2022 07:32:05 GMT server AmazonS3 etag "ada8709e985460354103d6a31d991056" x-amz-version-id xsKCQkEi45s2.HLaOGHIny8r9Fqndf_H via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id isxlcvd_isYb3WePqKNMJcZxJU70unFSFsqkpYOmNdW2ROjHVIn6Dw==
GET H2	200	b-7b120a5-e6d21384.js Show response tagan.adlightning.com/townnews/ Frame 2D85	73 KB 28 KB	10ms 10ms	Script application/javascript	18.66.139.110 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.110 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-110.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9b986278025cffced160d888eb3dd9bb5902dae3fbed8cf8e6808801f8ac726a Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Thu, 02 Sep 2021 05:53:24 GMT content-encoding gzip age 12032565 x-cache Hit from cloudfront content-length 28181 x-amz-meta-git_commit 7b120a5 last-modified Tue, 03 Aug 2021 18:05:42 GMT server AmazonS3 etag "1bd25d5a0b3f617a7b96bfd3148d7cb9" x-amz-version-id TCazak92uXLsB7S2fwnGUUKnJeDNkgd8 via 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA60-P4 accept-ranges bytes content-type application/javascript x-amz-cf-id ddBT2pOJJMZETJYK3EXXK15Tb1FT35_JnB3ZWGm38YD9fu16MWhNoQ==
GET DATA	200 OK	truncated / Frame 7BFE	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 51f492c558bd5d0e092f5bdd8d391ecea63f17053b9e37af1a9688c556ecc205 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 7BFE	0 0	46ms 45ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufx3FrCjH-q0PmX3QlvfN3tvZVOqlZ8bL2NLtgRdZ0Tpzs3utF8SRetc6VrJL3Cnfv_r2jRXpD5k436Tbpehe2u9rfTq1Ya3TSHzvRx6PWZ9goj0yno00x7QN986WXaKQqd6e7AJR2NkHijK3SxKBrnArEtKfBgu3hAg3KF88UB8Vf9VR9rdve7npD77w7Rw7jFdws7UBs-yQuENJfTYOGiYa0KsMgHzngxpjpQZhRMTaCKhVb0u9wOycnfbm_oOKVKhA57NAbpuBCxBnyRXdC7gy8xiifTvRaYP8-VBw36E5VYQI5G4fRxPl7GTHLPEjOI-A1hKkpChIpF2C0a93u9wtnS43s&sai=AMfl-YTxT8j297YqV71SI-J6DlWLCO9OBiI8DDNGmyM2tQdgfq_gI0R8z8kOmbG220wXZ8fwPOp2L7ETxvYlFO82vm2_lVALZqkqdu60lcEjqHeNUFehEiSrWRXib-6H93s&sig=Cg0ArKJSzNd3gQpF5uD_EAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:08 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Wed, 19 Jan 2022 12:16:08 GMT
GET H2	200	61e7c8c96ebb0.image.jpg bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/3/43/34396e46-8fd8-519a-9b5f-7e05b837deb0/	2 KB 3 KB	133ms 133ms	Image image/webp	104.18.130.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://bloximages.newyork1.vip.townnews.com/bakersfield.com/content/tncms/assets/v3/editorial/3/43/34396e46-8fd8-519a-9b5f-7e05b837deb0/61e7c8c96ebb0.image.jpg?crop=1286%2C1286%2C161%2C0&resize=100%2C100&order=crop%2Cresize Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b01c88bcaba7febe04b1038df04d1b24e4cadb8658ef0c0a68e3b7e47c79871 Security Headers Name Value Strict-Transport-Security max-age=604800 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:08 GMT vary Accept cf-cache-status HIT cf-polished qual=85, origFmt=jpeg, origSize=3109 last-modified Wed, 19 Jan 2022 08:16:12 GMT content-disposition inline; filename="61e7c8c96ebb0.webp" x-robots-tag noarchive x-vcache MISS server cloudflare etag "0c223ad8793a24ef8a8a8b4e2833d651" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=604800 content-type image/webp access-control-allow-origin * expires Thu, 19 Jan 2023 08:24:07 GMT cache-control public, max-age=31536000 cf-ray 6cfffe15dc2754db-MAN cf-bgj imgq:85,h2pri
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 2288 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	79ms 52ms	Image text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Protocol H2 Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Redirect headers date Wed, 19 Jan 2022 12:16:08 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	abg_lite_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220113/r20110914/ Frame 2D85	19 KB 8 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/abg_lite_fy2019.js Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:13:54 GMT content-encoding gzip x-content-type-options nosniff age 134 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7881 x-xss-protection 0 server cafe etag 7605774008668088057 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 02 Feb 2022 12:13:54 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 2D85	2 KB 1 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/window_focus_fy2019.js Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:15:14 GMT content-encoding gzip x-content-type-options nosniff age 54 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1205 x-xss-protection 0 server cafe etag 18074202747124231361 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 02 Feb 2022 12:15:14 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 2D85	121 KB 37 KB	30ms 29ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:08 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37895 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1641990413359145" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Wed, 19 Jan 2022 12:16:08 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/ Frame 2D85	15 KB 6 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220113/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 043cafc63f50b2ba976044bc7dfba6ccb1a1878d527f883cb81984c5585cd9da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 11:43:18 GMT content-encoding gzip x-content-type-options nosniff age 1970 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6473 x-xss-protection 0 server cafe etag 5124071950003790117 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 02 Feb 2022 11:43:18 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 2D85	0 0	15ms 14ms	Image text/html	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQtXX694w2hVy2P4-eVOOLt0E5jK6tBOb26dmuUMKDM8cOOG5tqx-1SNPW_CpI_mYpv8R1iJTJgI9f2wQVdeHwdHppg2w Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	index.html Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/ Frame 9A16	3 KB 1 KB	8ms 6ms	Document text/html	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/b-7b120a5-e6d21384.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78bd525dc317d47424279fbc7165201537c4bfe4c94c7f7c209a0685b6af281f Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ Response headers accept-ranges bytes vary Accept-Encoding access-control-allow-origin * content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} timing-allow-origin * content-length 1306 x-content-type-options nosniff x-dns-prefetch-control off content-encoding gzip server sffe x-xss-protection 0 date Tue, 18 Jan 2022 23:02:39 GMT expires Wed, 18 Jan 2023 23:02:39 GMT cache-control public, max-age=31536000 age 47609 last-modified Thu, 19 Aug 2021 14:10:37 GMT content-type text/html alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 2D85	0 0	52ms 51ms	Fetch text/html	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CTRz9BwHoYdrzDY-63wP77KjYBbnYyOZnrPCJqI8Nqb_ChIobEAEg1YmTFmCVmpKCoAegAfTazJkDyAEJqQI34WjL_QGzPuACAKgDAcgDCKoEpQNP0KBCV3Rjy_K-_AOQD8Hi2nmru96vNzGLIV1MVgVb7Epw-XokiWaaYkwUBueCOHaWq8cSMvV_HaEYku1_niyHu51mh6YwqbhCccEbjnhs_dpm4aN4mhjHkxk0eZvSfRGw5rV_NJsjgNxAXeERwSt7kyxAVUEHi_K1h_lT_ejFZL6VTUYgU68uFHOmZabbD-mxLeLJ7IGN6XEQi5XaeCRJ2NCup-wS0oqjl187zdXsv1LPs0Lt38trsYALBHuBcENO3KHUWS4uML2OZxV1Ud61dMVR-VkW1LJX3R93dnwKAKwmy5P0IzuGl-2Hq76bO48SIo5oX0-KKDS0-07Ujqz5TxVSGd3dPqj5a2qcm2yz3Sv-RSsIXHpCvpZCLScwewqexvAaMdG2Q_zDNS_MwXR-RvCsdDqYAR1oF_Xlac4RsSQh5gR1R2DoqUjClOPk9kApbBZuVKyJ-K9Tq1NM0uH6zCemFM68H64FfGCsnCgolZTIZUdcLR9Msmhul2gAGTL8KSmvb_ct_9LTeR4CkTpJB20qYbhXHCRYav3NSPLZK-LkD_MVwAT9_r-IiQPgBAGSBQQIBBgBkgUECAUYBKAGLoAH9KSzZqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEO2pC9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjM3NTUxNzg5MTY2NjgxNYAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi00ODA3NTYxNDU3NjY5OTk2GLzOGQ&sigh=dNUfmAdaQ2c&uach_m=[UACH]&template_id=419 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers
GET H3	200	9319838932995227680 tpc.googlesyndication.com/daca_images/simgad/ Frame 2288	84 KB 84 KB	7ms 7ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/9319838932995227680 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f7cf893309754a241c3690053d45d21cadae0b0b590a9ed6feb6acda6a3398f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 11:07:24 GMT x-content-type-options nosniff age 4124 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 86227 x-xss-protection 0 last-modified Fri, 19 Feb 2021 22:38:42 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 19 Jan 2023 11:07:24 GMT
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2288	2 KB 2 KB	11ms 11ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/en.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 18 Jan 2022 20:15:16 GMT x-content-type-options nosniff server cafe age 57652 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 14819457070020093239 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2502 x-xss-protection 0 expires Wed, 19 Jan 2022 20:15:16 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2288	295 B 319 B	12ms 11ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 05:43:34 GMT x-content-type-options nosniff server cafe age 23554 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 426692510519060060 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 295 x-xss-protection 0 expires Thu, 20 Jan 2022 05:43:34 GMT
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame D307	143 B 426 B	24ms 7ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/ Response headers x-content-type-options nosniff content-encoding gzip server cafe content-length 145 x-xss-protection 0 date Wed, 19 Jan 2022 12:02:43 GMT cache-control public, max-age=3600 content-type text/html; charset=UTF-8 age 805 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	exitapi-impl.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9A16	9 KB 3 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 18 Jan 2022 16:08:34 GMT content-encoding gzip x-content-type-options nosniff age 72454 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3271 x-xss-protection 0 server cafe etag 7483759447172721109 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Wed, 19 Jan 2022 16:08:34 GMT
GET H3	200	addata.js Show response tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9A16	26 KB 10 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Tue, 18 Jan 2022 16:13:39 GMT content-encoding gzip x-content-type-options nosniff age 72149 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10382 x-xss-protection 0 server cafe etag 12806417668659483808 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=86400 timing-allow-origin * expires Wed, 19 Jan 2022 16:13:39 GMT
GET H2	200	createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response s0.2mdn.net/ads/studio/cached_libs/ Frame 9A16	186 KB 49 KB	90ms 69ms	Script text/javascript	2a00:1450:4001:801::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:08 GMT content-encoding gzip x-content-type-options nosniff age 1 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49100 x-xss-protection 0 last-modified Wed, 16 Mar 2016 13:51:35 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=0 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 19 Jan 2022 12:16:08 GMT
GET H3	200	300x250.js Show response tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/ Frame 9A16	64 KB 10 KB	8ms 7ms	Script application/x-javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/300x250.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a22c79a87c6c6b7aea7abef028487a161f1a9fae0a624bc946019100c3d151cc Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' content-encoding gzip x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9739 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:32 GMT vary Accept-Encoding report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:32 GMT
GET DATA	200 OK	truncated / Frame 2D85	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 15e8a1dcf54182f3a3aca2346ccf0343c827ca673f88f1a586d6504f532081da Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ice.js Show response resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/	177 KB 55 KB	45ms 45ms	Script application/javascript	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1f7e767057a468113b4c95065391f5a6ae48144c9e72d3bd6285ecb843936175 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers cf-ray 6cfffe180fd0e597-MAN date Wed, 19 Jan 2022 12:16:08 GMT via 1.1 google cf-cache-status HIT last-modified Mon, 17 Jan 2022 12:23:36 GMT server cloudflare age 11943 etag W/"2c41c-5d5c638c3ad4d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 content-encoding gzip expires Fri, 18 Feb 2022 08:57:05 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame D307 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 16 B	93ms 78ms	Document text/html	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 19 Jan 2022 12:16:09 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Wed, 19 Jan 2022 12:16:09 GMT cache-control private Redirect headers location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private content-type text/html; charset=UTF-8 x-content-type-options nosniff date Wed, 19 Jan 2022 12:16:09 GMT server cafe content-length 0 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	manage Show response router.infolinks.com/usync/ Frame D560	9 KB 2 KB	151ms 141ms	Document text/html	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Requested by Host: resources.infolinks.com URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 29b30e61a4ad95744edf1bc688edb4fc07d67cbe5531703a5f51a725d4a95ee5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ Response headers date Wed, 19 Jan 2022 12:16:09 GMT content-type text/html;charset=UTF-8 cache-control no-store p3p CP="NON DSP NID OUR COR" via 1.1 google cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6cfffe18a8bfe597-MAN content-encoding gzip
GET H2	200	lcmanage Show response router.infolinks.com/usync/	0 37 B	149ms 142ms	Script text/plain	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://router.infolinks.com/usync/lcmanage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cache-control no-store cf-ray 6cfffe18a8c5e597-MAN content-length 0
GET H2	200	gsd Show response router.infolinks.com/	319 B 489 B	223ms 217ms	Script text/javascript	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://router.infolinks.com/gsd?evt=afterGSD&pid=3119781&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&jsv=1776.020-3.025.ab.1782.007-3.025&_cb=16425945690430 Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c63b04376260e3051dc27e56317e7e8a0b89e6c738bb8147a763b5f4a6ad927 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type text/javascript;charset=UTF-8 content-encoding gzip cache-control max-age=0 cf-ray 6cfffe18a8c8e597-MAN expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	CTA.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	1 KB 1 KB	8ms 7ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/CTA.png?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 166546432362a275af899542d876583bb41224b2c13cdf399bb1871edff5c5ab Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1330 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	CTA_blanc.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	1 KB 1 KB	7ms 7ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/CTA_blanc.png?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 868295bb1ecfe7de3f367b2836344af8ca73478c6b5fa70591572fb29c50eda9 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1330 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	logo1.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	1 KB 1 KB	7ms 7ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/logo1.png?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c8608afd205f591ed8e56ade592dae129c7836fdb91d1259868f0645fea9ca6a Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 520292 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1070 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Thu, 13 Jan 2022 11:44:37 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 13 Jan 2023 11:44:37 GMT
GET H3	200	logo2.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	1 KB 1 KB	7ms 7ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/logo2.png?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7412205e80b068ac2a5bea19ef9686ece2d7b2ac3a724bd80150268a187b4ebf Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 47605 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1450 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Tue, 18 Jan 2022 23:02:44 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 18 Jan 2023 23:02:44 GMT
GET H3	200	tableau1.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	6 KB 6 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau1.jpg?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb409f2542af7f68d9484417a5abf64e76fa0f0ac6e09961f35bdfc528e19eb4 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 47604 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6343 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Tue, 18 Jan 2022 23:02:45 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 18 Jan 2023 23:02:45 GMT
GET H3	200	tableau10.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	40 KB 40 KB	10ms 10ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau10.jpg?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c622600140a1df451547bbbfb31b4703c0ef3a27562a31e339f0150ffe606aa Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41258 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	tableau2.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	12 KB 12 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau2.jpg?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 42894f3ad5731f9b4a4a3351452f09189a1e691009ceab6a19275de45e9304cc Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11872 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	tableau3.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	4 KB 4 KB	7ms 7ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau3.jpg?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2be708683c7b866e3afe46e6f96c57144b94f060c434cb5f5313a905503931d Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3877 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	tableau4.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	4 KB 4 KB	8ms 8ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau4.jpg?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1bea73194f11df459501fbb414a944fc876c62dc2a7b22ebd481d457e07f5cee Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4382 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	tableau5.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	4 KB 4 KB	25ms 25ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau5.jpg?1607436056177 Requested by Host: 96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com URL: https://96ad218f52a99527cb2ff6f77938a025.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 987f51b2adf58821c632ff5c96ffaf4c66568002dd5281bebbca05b57cba87ca Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 515474 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4165 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Thu, 13 Jan 2022 13:04:55 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 13 Jan 2023 13:04:55 GMT
GET H3	200	tableau6.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	13 KB 13 KB	8ms 7ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau6.jpg?1607436056177 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cec328dda453d77d1824c45585eaae7347667268a866026acee8d13400958706 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13466 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	tableau7.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	4 KB 4 KB	10ms 10ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau7.jpg?1607436056177 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c54340af80e1caef7e5fa1f8b7a31d771262abc6dfa67ae79e9ebe0985c6f09b Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3849 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H2	200	/ Show response de.tynt.com/deb/ Frame C743	75 B 289 B	398ms 121ms	Document text/html	67.202.105.34 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.34 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip34.67-202-105.static.steadfastdns.net Software / Resource Hash e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ Response headers cache-control max-age=86400 expires Thu, 20 Jan 2022 12:16:09 GMT referrer-policy unsafe-url content-type text/html content-length 75 date Wed, 19 Jan 2022 12:16:09 GMT p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H/1.1	200 OK	usermatch Show response ssum-sec.casalemedia.com/ Frame 9E46 Redirect Chain https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1	2 KB 3 KB	30ms 29ms	Document text/html	104.89.29.100 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-89-29-100.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e1879085331afdc436edf63fb20bc4a827aa86828cf91cdee49e6efb7eb7bc1f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ Response headers Server Apache Content-Type text/html Dropped-Udsids 39|230|241|45|188|10|195|8 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Vary Is-Traffic-Usersync Expires Wed, 19 Jan 2022 12:16:09 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Content-Length 1600 Connection keep-alive Redirect headers Server Apache Content-Length 311 Content-Type text/html; charset=iso-8859-1 Location https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Expires Wed, 19 Jan 2022 12:16:09 GMT Cache-Control max-age=0, no-cache, no-store Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Connection keep-alive
GET H2	200	/ Show response onetag-sys.com/usync/ Frame E740	2 KB 814 B	100ms 29ms	Document text/html	51.89.9.251 OVH
General Check archive.org Show headers Download Go to Full URL https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip251.ip-51-89-9.eu Software / Resource Hash 37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0 Security Headers Name Value Strict-Transport-Security max-age=15552000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ Response headers content-type text/html cache-control no-transform, no-cache content-encoding gzip content-length 731 strict-transport-security max-age=15552000
GET H2	200	pbm-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli... https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli... https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEFGQTk4MjQtQTAxNi00NzZDLTk2REItQTQ4OTRBRDUzRUIz&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D4AFA9824-A016-476C-96DB-A4894AD53EB3 https://router.infolinks.com/dyn/pbm-usync?uid=4AFA9824-A016-476C-96DB-A4894AD53EB3	0 255 B	149ms 148ms	Image text/html	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/pbm-usync?uid=4AFA9824-A016-476C-96DB-A4894AD53EB3 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type text/html;charset=UTF-8 cache-control no-store, no-cache, private cf-ray 6cfffe1cbf05e597-MAN content-length 0 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers location https://router.infolinks.com/dyn/pbm-usync?uid=4AFA9824-A016-476C-96DB-A4894AD53EB3 date Wed, 19 Jan 2022 12:16:09 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	apn-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID https://router.infolinks.com/dyn/apn-usync?user_id=8446383489359143324	35 B 188 B	160ms 156ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/apn-usync?user_id=8446383489359143324 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1a8ba1e597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT X-Proxy-Origin 217.64.151.6; 217.64.151.6; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid 1339809e-bd0d-4e75-971c-249912a107e6 Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://router.infolinks.com/dyn/apn-usync?user_id=8446383489359143324 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	cm u.openx.net/w/1.0/ Frame D560	43 B 305 B	102ms 39ms	Image image/gif	35.244.159.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software OXGW/17.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT content-encoding gzip server OXGW/17.0.0 vary Accept, Accept-Encoding p3p CP="CUR ADM OUR NOR STA NID" via 1.1 google cache-control private, max-age=0, no-cache content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56 expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	VR-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://ups.analytics.yahoo.com/ups/58422/occ https://ups.analytics.yahoo.com/ups/58422/occ?verify=true https://router.infolinks.com/dyn/VR-usync?uid=y-G7GNS11E2uHfdfFESh9rARXxO9dWb0slpg5lqKk-~A	35 B 264 B	158ms 157ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/VR-usync?uid=y-G7GNS11E2uHfdfFESh9rARXxO9dWb0slpg5lqKk-~A Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1a5b68e597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers location https://router.infolinks.com/dyn/VR-usync?uid=y-G7GNS11E2uHfdfFESh9rARXxO9dWb0slpg5lqKk-~A date Wed, 19 Jan 2022 12:16:09 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	r1-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://sync.1rx.io/usersync2/infolinks https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3942526635 https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3942526635 https://sync.1rx.io/usersync/tradedesk/46205c47-64ce-4424-8aad-5cdfbafb009a https://sync.targeting.unrulymedia.com/csync/RX-db85f070-edf0-4178-8e40-b4f34c427f16-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-db85f070-edf0-4178-8e40-b4f34c427f16-003 https://router.infolinks.com/dyn/r1-usync?uid=RX-db85f070-edf0-4178-8e40-b4f34c427f16-003	35 B 205 B	137ms 137ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/r1-usync?uid=RX-db85f070-edf0-4178-8e40-b4f34c427f16-003 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1cbf04e597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers location https://router.infolinks.com/dyn/r1-usync?uid=RX-db85f070-edf0-4178-8e40-b4f34c427f16-003 date Wed, 19 Jan 2022 12:16:09 GMT server Tengine p3p CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why" etag RXdb85f070edf041788e40b4f34c427f16003 content-type text/html
GET H2	200	zmn-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__ https://router.infolinks.com/dyn/zmn-usync?uid=	35 B 155 B	200ms 200ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/zmn-usync?uid= Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store cf-ray 6cfffe1ccf21e597-MAN content-length 35 Redirect headers Location https://router.infolinks.com/dyn/zmn-usync?uid= Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Cache-Control no-cache, no-store, must-revalidate Expires Thu, 01 Dec 1994 16:00:00 GMT Content-Length 70 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	us sync.go.sonobi.com/ Frame D560	0 474 B	132ms 16ms	Image text/plain	178.162.133.149 LEASEWEB-NL-AMS-0...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL), Reverse DNS ams-1-sync.go.sonobi.com Software sonobi-go / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Server sonobi-go Vary negotiate,Accept-Encoding X-Go-Server xcp-ams-1-7-9 P3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache, no-store, private Tcn Choice Content-Type text/plain; charset=utf8 Content-Length 0 X-Xss-Protection 0 Expires Sat, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	ca.png s.cpx.to/ Frame D560 Redirect Chain https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.bakersfield.com%252Fap%252Fnational%252Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%252Farticle_a5ff... https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.bakersfield.com%25252Fap%25252Fnational%25252Fus-catches-kremlin-insider-who-may-have-s... https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&pid=...	95 B 944 B	263ms 57ms	Image image/png	52.49.40.119 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&pid=12306&adnxs_uid=4993086899817109661 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol HTTP/1.1 Server 52.49.40.119 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-40-119.eu-west-1.compute.amazonaws.com Software / Resource Hash bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab Security Headers Name Value Content-Security-Policy default-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options sameorigin Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache, no-cache Content-Security-Policy default-src 'self' X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies none Date Wed, 19 Jan 2022 12:16:09 GMT X-Frame-Options sameorigin Connection keep-alive P3P CP="NOI DEV ADM" Cache-Control no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0 Strict-Transport-Security max-age=31536000; includeSubDomains Content-Type image/png Content-Length 95 Expires Wed, 19 Jan 2022 12:16:09 UTC Redirect headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT X-Proxy-Origin 217.64.151.6; 217.64.151.6; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com AN-X-Request-Uuid e0c408a6-11b5-458a-8a6b-36b175440a2a Server nginx/1.17.9 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&pid=12306&adnxs_uid=4993086899817109661 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	sync dsp.adkernel.com/ Frame D560	42 B 233 B	386ms 114ms	Image image/gif	174.137.133.49 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Show image Full URL https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Server nginx Age 0 Content-Type image/gif Cache-Control no-store Connection keep-alive Content-Length 42
GET H2	200	imd-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://ad.360yield.com/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 https://ad.360yield.com/ul_cb/server_match?r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fimd-usync%3Fuser_id%3D%7BPUB_USER_ID%7D%26partner_id%3D1531 https://router.infolinks.com/dyn/imd-usync?user_id=7247d3d2-ac51-45e6-8609-ac691b713a10&partner_id=1531	35 B 200 B	168ms 168ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/imd-usync?user_id=7247d3d2-ac51-45e6-8609-ac691b713a10&partner_id=1531 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1aec16e597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers location https://router.infolinks.com/dyn/imd-usync?user_id=7247d3d2-ac51-45e6-8609-ac691b713a10&partner_id=1531 date Wed, 19 Jan 2022 12:16:09 GMT access-control-allow-origin * content-type text/plain content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
GET H2	200	outh-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP95aae841-7921-11ec-9b45-02d2c8aaa600 https://router.infolinks.com/dyn/outh-usync?uid=y-FV8hWiZE2uGVnWgL7qMyOC7Vz2yaL20U~A~UP95aae841-7921-11ec-9b45-02d2c8aaa600	35 B 234 B	161ms 161ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/outh-usync?uid=y-FV8hWiZE2uGVnWgL7qMyOC7Vz2yaL20U~A~UP95aae841-7921-11ec-9b45-02d2c8aaa600 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1acbfbe597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers location https://router.infolinks.com/dyn/outh-usync?uid=y-FV8hWiZE2uGVnWgL7qMyOC7Vz2yaL20U~A~UP95aae841-7921-11ec-9b45-02d2c8aaa600 date Wed, 19 Jan 2022 12:16:09 GMT server ATS/9.1.0.33 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	services sync.technoratimedia.com/ Frame D560 Redirect Chain https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D https://bh.contextweb.com/bh/rtset?pid=558752&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D1%26uuid%3D%25%25VGUID%25%25 https://match.bnmla.com/usersync?dspid=1&uuid=bC4cgOUKQkqz&ev=1&us_privacy=${us_privacy}&pid=558752 https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID https://match.bnmla.com/usersync?dspid=6&uuid=0CEDE81DDB8441E4ADE47A6A6A10938C https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D	0 298 B	661ms 363ms	Image text/plain	150.136.156.92 ORACLE-BMC-31898
General Check archive.org Show headers Download Go to Show image Full URL https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:11 GMT via 1.1 varnish server nginx age 0 access-control-allow-methods POST,GET,HEAD,OPTIONS x-varnish 969273349 access-control-allow-origin https://router.infolinks.com/ access-control-allow-credentials true Redirect headers Location https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D Date Wed, 19 Jan 2022 12:16:10 GMT Server nginx Connection keep-alive Content-Length 0
GET H2	200	sovrn-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID&sovrn_retry=true https://router.infolinks.com/dyn/sovrn-usync?uid=5458769ddccc5cb59cd1abe1	35 B 261 B	169ms 169ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/sovrn-usync?uid=5458769ddccc5cb59cd1abe1 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1da85be597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers Date Wed, 19 Jan 2022 12:16:09 GMT Access-Control-Allow-Origin * Access-Control-Allow-Methods GET, POST, DELETE, PUT Location https://router.infolinks.com/dyn/sovrn-usync?uid=5458769ddccc5cb59cd1abe1 Access-Control-Allow-Credentials true Connection close X-Sovrn-Pod ad_ap7ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type
GET H2	200	usersync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink... https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D4AFA9824-A016-476C-96DB-A4894AD53EB3 https://router.infolinks.com/dyn/usersync?pmuservalue=4AFA9824-A016-476C-96DB-A4894AD53EB3	0 157 B	140ms 140ms	Image text/plain	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/usersync?pmuservalue=4AFA9824-A016-476C-96DB-A4894AD53EB3 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" cache-control no-store cf-ray 6cfffe1c7e87e597-MAN content-length 0 Redirect headers location https://router.infolinks.com/dyn/usersync?pmuservalue=4AFA9824-A016-476C-96DB-A4894AD53EB3 date Wed, 19 Jan 2022 12:16:08 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
GET H2	200	zeta-usync router.infolinks.com/dyn/ Frame D560 Redirect Chain https://p.rfihub.com/cm?pub=43153&in=1 https://router.infolinks.com/dyn/zeta-usync?uid=5131077720414870356	35 B 187 B	207ms 206ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/zeta-usync?uid=5131077720414870356 Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1c6e6ce597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT Redirect headers Location https://router.infolinks.com/dyn/zeta-usync?uid=5131077720414870356 Date Wed, 19 Jan 2022 12:16:09 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	204	/ ssc-cms.33across.com/ps/ Frame D560	0 72 B	385ms 111ms	Image text/plain	67.202.105.24 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.24 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip24.67-202-105.static.steadfastdns.net Software 33XP002 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-33x-status 2000208 date Wed, 19 Jan 2022 12:16:09 GMT server 33XP002
GET H2	200	iq-usync router.infolinks.com/dyn/ Frame D560	0 35 B	144ms 143ms	Image text/plain	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/iq-usync Requested by Host: router.infolinks.com URL: https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://router.infolinks.com/usync/manage?pid=3119781&wsid=0&pdom=www.bakersfield.com&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" cache-control no-store cf-ray 6cfffe1bedc0e597-MAN content-length 0
GET H3	200	tableau8.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	7 KB 7 KB	18ms 18ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau8.jpg?1607436056177 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6af63c5cdfecc2a05ec551afa4c95627062cc404712e91ac85c28c2aeaff2fc2 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 47601 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7156 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Tue, 18 Jan 2022 23:02:48 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 18 Jan 2023 23:02:48 GMT
GET H3	200	tableau9.jpg tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	5 KB 5 KB	38ms 38ms	Image image/jpeg	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/tableau9.jpg?1607436056177 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7a54149354f8872db43e65d8bc5c53087da5717af16e2f217e4fdff30d2f396d Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4871 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
POST H2	200	doq.htm Show response rt3056.infolinks.com/action/	1 KB 1 KB	504ms 318ms	XHR text/html	172.66.42.247 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rt3056.infolinks.com/action/doq.htm?pcode=utf-8&r=16425945692881 Requested by Host: resources.infolinks.com URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6e3615565143aa0e6a0f3c0132489c44a4d36649c79cc7e758ecb1e0ec6fdf1 Request headers Referer https://www.bakersfield.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Wed, 19 Jan 2022 12:16:09 GMT content-encoding gzip cf-cache-status DYNAMIC p3p CP="NON DSP NID OUR COR" content-type text/html;charset=UTF-8 x-application-context application:prod pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Origin content-language de-DE access-control-allow-origin https://www.bakersfield.com cache-control no-cache,no-store access-control-allow-credentials true cf-ray 6cfffe1b4ecce58f-MAN expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	txt1_1.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	3 KB 3 KB	22ms 22ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/txt1_1.png?1607436056177 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 74d986f56c5ee88c038417c10d626e8e6ba182100c06a603c7c296cd69da328f Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3038 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	txt1_2.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	4 KB 4 KB	12ms 12ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/txt1_2.png?1607436056177 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8ed69fe012de9255a0662c46691693c154011e9042e1adf56759921a1f4a38e9 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385836 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4437 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:33 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:33 GMT
GET H3	200	txt2.png tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/ Frame 9A16	2 KB 2 KB	10ms 9ms	Image image/png	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12540294092154453593/images/txt2.png?1607436056177 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a3de69e6337341b2a3b5dd38bf67b518ae04536f4094700c77f1d0718fd34578 Security Headers Name Value Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers content-security-policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none' x-content-type-options nosniff age 385835 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1841 x-xss-protection 0 last-modified Thu, 19 Aug 2021 14:10:37 GMT server sffe date Sat, 15 Jan 2022 01:05:34 GMT report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 15 Jan 2023 01:05:34 GMT
GET H2	200	casale match.adsrvr.org/track/cmf/ Frame 9E46	70 B 265 B	59ms 56ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/casale?gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	pixel cm.g.doubleclick.net/ Frame 9E46	170 B 502 B	40ms 38ms	Image image/png	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YegBCSTHds4Ux3CnO9mufgAABF0AAAAB&gdpr_consent=&us_privacy=&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dcm s.amazon-adsystem.com/ Frame 9E46 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegBCSTHds4Ux3CnO9mufgAABF0AAAAB https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegBCSTHds4Ux3CnO9mufgAABF0AAAAB&dcc=t	43 B 645 B	104ms 103ms	Image image/gif	209.54.180.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegBCSTHds4Ux3CnO9mufgAABF0AAAAB&dcc=t Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol HTTP/1.1 Server 209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid TA8YA5YV936GKSJKVBCR Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Type image/gif Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Vary Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent Server Server x-amz-rid 2DZQFM0ATSG49GY4DNAP Strict-Transport-Security max-age=47474747; includeSubDomains; preload p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Location https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YegBCSTHds4Ux3CnO9mufgAABF0AAAAB&dcc=t Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Permissions-Policy interest-cohort=() Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 9E46 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YegBCSTHds4Ux3CnO9mufgAA https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMKvkLQmr5LZRHzyOxLCkOA&google_cver=1&gdpr=1	43 B 1014 B	28ms 28ms	Image image/gif	104.89.29.100 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMKvkLQmr5LZRHzyOxLCkOA&google_cver=1&gdpr=1 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol HTTP/1.1 Server 104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-89-29-100.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 19 Jan 2022 12:16:09 GMT Redirect headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMKvkLQmr5LZRHzyOxLCkOA&google_cver=1&gdpr=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 325 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	CookieIndex rtb.adentifi.com/ Frame 9E46	0 88 B	443ms 101ms	Image text/plain	3.212.68.67 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.adentifi.com/CookieIndex Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.212.68.67 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-212-68-67.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Connection keep-alive Content-Length 0 Content-Type text/plain
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 9E46 Redirect Chain https://ums.acuityplatform.com/tum?umid=8 https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=641189475758	43 B 987 B	23ms 22ms	Image image/gif	104.89.29.100 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=641189475758 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol HTTP/1.1 Server 104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-89-29-100.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 19 Jan 2022 12:16:09 GMT Redirect headers access-control-allow-origin * content-length 0 location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=641189475758
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 9E46 Redirect Chain https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2b03d1d3-6f7c-4d30-a4ed-d4078147f6f7	43 B 1 KB	31ms 30ms	Image image/gif	104.89.29.100 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2b03d1d3-6f7c-4d30-a4ed-d4078147f6f7 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol HTTP/1.1 Server 104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-89-29-100.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 19 Jan 2022 12:16:09 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2b03d1d3-6f7c-4d30-a4ed-d4078147f6f7 date Wed, 19 Jan 2022 12:16:09 GMT server Apache-Coyote/1.1 content-length 0
GET H/1.1	200 OK	crum dsum-sec.casalemedia.com/ Frame 9E46 Redirect Chain https://beacon.lynx.cognitivlabs.com/ix.gif https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72b36667-a558-4888-a443-79381ce96f54&expiration=1674130569	43 B 1 KB	23ms 22ms	Image image/gif	104.89.29.100 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72b36667-a558-4888-a443-79381ce96f54&expiration=1674130569 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol HTTP/1.1 Server 104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-89-29-100.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Pragma no-cache Date Wed, 19 Jan 2022 12:16:09 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Wed, 19 Jan 2022 12:16:09 GMT Redirect headers location https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=72b36667-a558-4888-a443-79381ce96f54&expiration=1674130569 date Wed, 19 Jan 2022 12:16:09 GMT server Kestrel content-length 0
GET H2	200	ix-usync router.infolinks.com/dyn/ Frame 9E46	35 B 197 B	133ms 132ms	Image image/gif	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://router.infolinks.com/dyn/ix-usync?uid=YegBCSTHds4Ux3CnO9mufgAA%261117 Requested by Host: ssum-sec.casalemedia.com URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d Request headers Accept-Language de-DE,de;q=0.9 Referer https://ssum-sec.casalemedia.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON DSP NID OUR COR" content-type image/gif cache-control no-store, no-cache, private cf-ray 6cfffe1b5ce7e597-MAN content-length 35 expires Tue, 19 Jan 2021 12:16:09 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 7BFE	42 B 64 B	56ms 41ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulO6U1-RMpqDSoFIkkJToO9a3Sxu_9VXWxeu-dI9bd9KjLmSrp7HXhTvp3Ia2rByT_gdQPZ6RFlspKtSlfFnD7HrIIFdrDzm9YG6BwmXgMIZHnsyf8&sig=Cg0ArKJSzECWuCYsrJS-EAE&id=lidar2&mcvt=1001&p=1110,436,1200,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1067700821&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642594568217&rpt=374&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 6B9B	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f3d597ebdd208693f31f85100a6edad190ffd6ca211f2e9a4be5d9642ede4360 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Type image/png
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame 6B9B	0 0	43ms 43ms	Fetch image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz9txaAnO1U-Vb9XqkF-upkpJ0Fst0bnnE1ALUukE0otpSkfq_tQuje6yjUZMc5b0zauY2k56R14lJ20ZtWL3aL7uWhkatuicFp4jza-iePDbvOriwOOVjejZc2Waq5JmlhmQ_UR5MbAzaW7JE9kF1X7WdhkWZC5xm5rRFod8ipIz-cVjEq8keAOYK4KZPkHOOyh-BeUdvcsAoxAVW7YMSxTPt4PexvgDxIRXTRIe0PUeNK7unYh49e4Ztrkhu75vN5onG9TM_H6JyIwKe9tFA9e8MTE5Aj7peOHHN3oookai9CgQzynO0GpphokyDPWE71WWuEmILQosCdDZ-OJaq8QTV&sai=AMfl-YR1ygPl36raVkO39-uD64ahlRgrWnGIlUgVIbKYcF_-tZUa0JitP_G_tFWNpVkYaHBp0I8cep7NVyJPWSnxdCHkbBBZoAw8LSgoxM77XPUt2eVG-IF0VqoktJ7Vl_Y&sig=Cg0ArKJSzO6vC6QejgbxEAE&uach_m=[UACH]&urlfix=1&adurl= Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers timing-allow-origin * date Wed, 19 Jan 2022 12:16:09 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe expires Wed, 19 Jan 2022 12:16:09 GMT
GET H2	200	in_search.js Show response resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/	123 KB 46 KB	52ms 52ms	Script application/javascript	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/in_search.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e0ed4b80efbb81a92a82a727735aa23cd0e64ba7f8fe99507b31154f3042b9ba Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers cf-ray 6cfffe1d5fc0e597-MAN date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status HIT last-modified Mon, 17 Jan 2022 12:23:36 GMT server cloudflare age 10711 etag W/"1eb61-5d5c638c3ad4d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 content-encoding gzip expires Fri, 18 Feb 2022 09:17:38 GMT
GET H2	200	ima3.js Show response imasdk.googleapis.com/js/sdkloader/	377 KB 125 KB	61ms 27ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/js/sdkloader/ima3.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e58bc10b3948106bc0f0d27a5d4951bc2c96aeab02674bbdb7a1c7a8637842d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:09 GMT content-encoding gzip x-content-type-options nosniff server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127290 x-xss-protection 0 expires Wed, 19 Jan 2022 12:16:09 GMT
GET H2	200	container-1.0.html Show response resources.infolinks.com/static/ Frame 245E	430 B 468 B	70ms 68ms	Document text/html	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.infolinks.com/static/container-1.0.html Requested by Host: resources.infolinks.com URL: https://resources.infolinks.com/js/1776.020-3.025.ab.1782.007-3.025/ice.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42307b6e2231b2de1535854ab77c8fd201f88822e3f87ca3c4e8d3624ce65678 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ Response headers date Wed, 19 Jan 2022 12:16:09 GMT content-type text/html; charset=UTF-8 last-modified Wed, 17 Nov 2021 13:25:02 GMT cache-control max-age=2592000 expires Fri, 18 Feb 2022 09:18:00 GMT via 1.1 google cf-cache-status HIT age 10689 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding server cloudflare cf-ray 6cfffe1d6fece597-MAN content-encoding gzip
GET H2	200	getads.htm Show response rt3056.infolinks.com/action/	125 B 305 B	614ms 613ms	Script text/html	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rt3056.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22d_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22d%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22articles%22%2C%22scs%22%3A%22BK0f90NKL6%22%7D%5D&rid=f4659c3f-4d56-46bb-a1d0-77fba86fb787&jsv=1776.020-3.025.ab.1782.007-3.025&sr=1600X1200&rts=1642594569860&cfv=-1&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=97.0.4692.71&dv=p&ce=t&purl=https%3A%2F%2Fwww.bakersfield.com%2Fap%2Fnational%2Fus-catches-kremlin-insider-who-may-have-secrets-of-2016-hack%2Farticle_a5ffaeba-f372-5f3b-a7db-2d5760b7e2c2.html&tzo=-0000&c=c&strg=true&rsd=9-HDSHqFufbtojaY1vdiAUHlIS3UDUB5FPW4kRiV17xvgz4Ck15QLwZ9-B5E9-WBJKrkOqThAt6kt7WPG8P-A2msllW8eo_vHrQ_tIeKRPHdDCxnlpKyPAUGhb7tKEfEmXazJWC5LDBXvbQpszHf1me0VXPEfaDI&rsk=47&rcs=1Ex3IPtCDr6xoOQyU5I0WA&hbnr=false Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5e153bbbee25ea7782cded1453876f24f5b83b5eca8a1f55888470fb69c2f1b Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:10 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare p3p CP="NON DSP NID OUR COR" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-language de-DE content-type text/html;charset=UTF-8 cache-control no-cache,no-store cf-ray 6cfffe1db893e597-MAN x-application-context application:prod expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame 245E Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_device_id=9dc9fcce-03de-4ee3-8b76-5040fedebb33=&partner_id=3337 https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=9dc9fcce-03de-4ee3-8b76-5040fedebb33=&partner_id=3337	95 B 425 B	18ms 18ms	Image image/png	35.227.248.159 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=9dc9fcce-03de-4ee3-8b76-5040fedebb33=&partner_id=3337 Requested by Host: resources.infolinks.com URL: https://resources.infolinks.com/static/container-1.0.html Protocol H2 Server 35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 159.248.227.35.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://resources.infolinks.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google content-type image/png alt-svc clear content-length 95 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Redirect headers location https://pixel.tapad.com/idsync/ex/receive/check?partner_device_id=9dc9fcce-03de-4ee3-8b76-5040fedebb33=&partner_id=3337 date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	200	vidice.js Show response resources.infolinks.com/js/vidice/1.0/	620 KB 168 KB	67ms 66ms	Script application/javascript	172.66.41.9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://resources.infolinks.com/js/vidice/1.0/vidice.js Requested by Host: tagan.adlightning.com URL: https://tagan.adlightning.com/townnews/op.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 610a427b4b6da16af92fa70bc4ebc4bc85ab2fbfc59bfea7d01a58e78412c88a Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers cf-ray 6cfffe1e294fe597-MAN date Wed, 19 Jan 2022 12:16:09 GMT via 1.1 google cf-cache-status HIT last-modified Wed, 10 Jul 2019 15:15:02 GMT server cloudflare age 11016 etag W/"9b0d4-58d552435a78c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control max-age=2592000 content-encoding gzip expires Fri, 18 Feb 2022 09:12:33 GMT
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 2288	42 B 64 B	44ms 44ms	Image image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3J73QdB20tvDH8FSwiMbPVr9gt3GGaAai8v58xA2H-N_b7S3O4Ggh43MHkwWwgVZrr7PXdvXCh2V2xAs3D1Tlkq0ChRebi7zG6S7Miap008_xs8rwtQ&sai=AMfl-YTaYWFTBAo_MGnCNBvA7ca95eqAC8NMZZQdJxWYamrcH8rdW2X9RpihtH16QjM14vtD-n_bluwEKWIsb5iG-lcKmtE3zsnK9KSzCdrhfLEm3jOwiRKgXf8pyBb2HwM&sig=Cg0ArKJSzDpx3H3kDUXUEAE&id=ampim&o=315,233&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=976&tls=1987&g=100&h=100&tt=1987&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2559629021 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:09 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET BLOB	200 OK	8b2e0392-d4c5-4383-9000-9519cf6997a6 https://www.bakersfield.com/	31 B 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://www.bakersfield.com/8b2e0392-d4c5-4383-9000-9519cf6997a6 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers Content-Length 31 Content-Type application/javascript
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 6B9B	42 B 64 B	91ms 91ms	Fetch image/gif	2a00:1450:4001:812::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEU8GTl-Wl4s_IrzXkpqA79aQtR1Q9jo6u5NzcAUeRfoQQVXkjOb1Oz54Dw_MYDjMRb8uZ1hM6QXNRtTXmKNkQJhV88yGFAfcuGqFhjLVwglvVcba9&sig=Cg0ArKJSzO_te6lSH9_bEAE&id=lidar2&mcvt=1006&p=850,1040,1100,1340&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220112&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2773700724&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642594568073&rpt=1558&isd=0&lsd=0&met=ce&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.bakersfield.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Wed, 19 Jan 2022 12:16:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT