richmond.com Open in urlscan Pro
192.104.183.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8
Effective URL:
https://richmond.com/
Submission: On February 07 via manual (February 7th 2022, 5:14:52 pm UTC) from GB — Scanned from GB

Summary HTTP 238 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 65 IPs in 5 countries across 44 domains to perform 238 HTTP transactions. The main IP is 192.104.183.109, located in United States and belongs to LEE-ASN, US. The main domain is richmond.com. The Cisco Umbrella rank of the primary domain is 149291.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on January 8th 2022. Valid for: 3 months.

This is the only time richmond.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	50.116.93.126 50.116.93.126	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
10	192.104.183.109 192.104.183.109	10668 (LEE-ASN) (LEE-ASN)
38	104.18.131.43 104.18.131.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.9 18.66.97.9	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	18.66.139.100 18.66.139.100	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
18	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
7	18.66.109.174 18.66.109.174	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2011	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2 10	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:808::2010	() ()
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	() ()
1	2600:9000:223... 2600:9000:223e:7400:2:36a1:2f40:21	() ()
1 2	107.178.250.234 107.178.250.234	() ()
1 3	13.32.121.21 13.32.121.21	() ()
2	2600:9000:225... 2600:9000:225e:c00:8:8845:1500:93a1	() ()
1	2a04:4e42::645 2a04:4e42::645	() ()
3 5	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.66.123.144 18.66.123.144	() ()
1	2606:4700:303... 2606:4700:3032::ac43:bb58	() ()
1 2	2a02:2638::1c 2a02:2638::1c	() ()
2	178.250.0.157 178.250.0.157	() ()
1 5	185.33.221.13 185.33.221.13	() ()
2	185.64.189.112 185.64.189.112	() ()
2	2602:803:c004... 2602:803:c004:200::141	() ()
2	34.149.20.76 34.149.20.76	() ()
1	2606:4700::68... 2606:4700::6810:125e	() ()
3	2a00:1450:400... 2a00:1450:4001:802::2003	() ()
2	34.102.205.239 34.102.205.239	() ()
2	104.18.29.199 104.18.29.199	() ()
1	2600:9000:223... 2600:9000:223c:9000:7:5031:dc0:21	() ()
2	2a00:1450:400... 2a00:1450:4001:810::2004	() ()
1 1	2600:1f18:730... 2600:1f18:730:b130:4896:6298:98c:bff0	() ()
1	52.2.140.242 52.2.140.242	() ()
1	54.235.123.142 54.235.123.142	() ()
1	67.202.105.23 67.202.105.23	() ()
3	2.18.232.130 2.18.232.130	() ()
2	104.109.78.125 104.109.78.125	() ()
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	() ()
4	67.202.105.33 67.202.105.33	() ()
2	2600:9000:225... 2600:9000:225e:1000:e:98bf:5f00:21	() ()
1	185.64.190.78 185.64.190.78	() ()
2	104.18.14.222 104.18.14.222	() ()
3 4	37.157.3.30 37.157.3.30	() ()
2 2	213.155.156.165 213.155.156.165	() ()
8	185.64.190.80 185.64.190.80	() ()
3 3	185.29.132.241 185.29.132.241	() ()
1	178.250.0.163 178.250.0.163	() ()
1 1	85.114.159.118 85.114.159.118	() ()
3 4	172.217.18.98 172.217.18.98	() ()
1	198.47.127.20 198.47.127.20	() ()
1	169.50.137.182 169.50.137.182	() ()
1	63.35.102.46 63.35.102.46	() ()
5	2600:9000:223... 2600:9000:223c:9e00:16:f02f:46c0:93a1	() ()
1	67.202.105.31 67.202.105.31	() ()
1	69.173.144.139 69.173.144.139	() ()
1	35.244.174.68 35.244.174.68	() ()
1 1	69.173.144.165 69.173.144.165	() ()
238	65

1 50.116.93.126 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: vps.radiofobia.com.br

dmhaslam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.104.183.109 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.newyork1.vip.townnews.com

richmond.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 104.18.131.43 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.newyork1.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-9.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.139.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-100.fra60.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-109-174.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

survey.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

c8a7c89b7eb4316383b2dbee3f32b34c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.103.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2010 (None, )

ASN- ()

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:7400:2:36a1:2f40:21 (None, )

ASN- ()

d81mfvml8p5ml.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (None, ) 1 redirects

ASN- ()

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.21 (None, ) 1 redirects

ASN- ()

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:c00:8:8845:1500:93a1 (None, )

ASN- ()

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::645 (None, )

ASN- ()

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.197.193.217 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.123.144 (None, )

ASN- ()

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:bb58 (None, )

ASN- ()

qnhtg9kbqjgw2izax.ay.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (None, ) 1 redirects

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (None, )

ASN- ()

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.13 (None, ) 1 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (None, )

ASN- ()

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2602:803:c004:200::141 (None, )

ASN- ()

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (None, )

ASN- ()

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (None, )

ASN- ()

www.google.com.hk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.205.239 (None, )

ASN- ()

a.leetemplates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.29.199 (None, )

ASN- ()

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sc.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9000:7:5031:dc0:21 (None, )

ASN- ()

dn1i8v75r669j.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:4896:6298:98c:bff0 (None, ) 1 redirects

ASN- ()

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.2.140.242 (None, )

ASN- ()

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.123.142 (None, )

ASN- ()

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (None, )

ASN- ()

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.130 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.202.105.33 (None, )

ASN- ()

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:1000:e:98bf:5f00:21 (None, )

ASN- ()

dkpklk99llpj0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.14.222 (None, )

ASN- ()

cdn-sic.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.30 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.241 (None, ) 3 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (None, ) 3 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.102.46 (None, )

ASN- ()

am.freshrelevance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223c:9e00:16:f02f:46c0:93a1 (None, )

ASN- ()

c8.dycdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (None, )

ASN- ()

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (None, )

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (None, ) 1 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	townnews.com bloximages.newyork1.vip.townnews.com — Cisco Umbrella Rank: 12073 bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 16308	762 KB
29	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 survey.g.doubleclick.net — Cisco Umbrella Rank: 13043 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net	620 KB
16	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 473 hbopenbid.pubmatic.com image6.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	147 KB
10	googlesyndication.com 2 redirects c8a7c89b7eb4316383b2dbee3f32b34c.safeframe.googlesyndication.com tpc.googlesyndication.com	691 KB
10	richmond.com richmond.com — Cisco Umbrella Rank: 149291	117 KB
8	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	70 KB
8	google.com contributor.google.com — Cisco Umbrella Rank: 8637 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438 ampcid.google.com — Cisco Umbrella Rank: 1722 adservice.google.com — Cisco Umbrella Rank: 80 analytics.google.com www.google.com	10 KB
8	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1362	231 KB
7	tynt.com cdn.tynt.com sc.tynt.com ic.tynt.com de.tynt.com	8 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	56 KB
7	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 281	80 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 496	109 KB
6	rubiconproject.com 1 redirects fastlane.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com Failed token.rubiconproject.com	13 KB
5	dycdn.net c8.dycdn.net	2 KB
5	33across.com ssc.33across.com ssc-cms.33across.com cdn-sic.33across.com sic.33across.com Failed	115 KB
5	criteo.com 1 redirects gum.criteo.com mug.criteo.com dis.criteo.com	2 KB
5	googletagservices.com www.googletagservices.com	187 KB
5	adsrvr.org 3 redirects insight.adsrvr.org — Cisco Umbrella Rank: 624 match.adsrvr.org	2 KB
5	cloudfront.net d81mfvml8p5ml.cloudfront.net d1eoo1tco6rr5e.cloudfront.net dn1i8v75r669j.cloudfront.net dkpklk99llpj0.cloudfront.net	23 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	319 KB
4	adform.net 3 redirects c1.adform.net	2 KB
4	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com Failed	15 KB
4	google.com.hk adservice.google.com.hk — Cisco Umbrella Rank: 21818 www.google.com.hk	1 KB
3	mathtag.com 3 redirects sync.mathtag.com	2 KB
3	facebook.com www.facebook.com	395 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	43 KB
3	facebook.net connect.facebook.net	135 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	leetemplates.com a.leetemplates.com	336 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5034	914 B
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 743	838 B
2	gstatic.com www.gstatic.com	13 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 2221 ad.crwdcntrl.net — Cisco Umbrella Rank: 6750 sync.crwdcntrl.net Failed	12 KB
1	rlcdn.com id.rlcdn.com
1	freshrelevance.com am.freshrelevance.com	5 KB
1	simpli.fi um.simpli.fi	612 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	cloudflare.com cdnjs.cloudflare.com	4 KB
1	ay.delivery qnhtg9kbqjgw2izax.ay.delivery	13 KB
1	mparticle.com jssdkcdns.mparticle.com identity.mparticle.com Failed	48 KB
1	googleapis.com storage.googleapis.com	27 KB
1	dmhaslam.com dmhaslam.com	2 KB
0	yahoo.com Failed ads.yahoo.com Failed pr-bh.ybp.yahoo.com Failed
238	44

	Domain	Requested by
34	bloximages.newyork1.vip.townnews.com	richmond.com bloximages.newyork1.vip.townnews.com
18	securepubads.g.doubleclick.net	richmond.com securepubads.g.doubleclick.net www.googletagservices.com
10	richmond.com	dmhaslam.com richmond.com
9	tpc.googlesyndication.com	2 redirects richmond.com tagan.adlightning.com
8	tagan.adlightning.com	richmond.com tagan.adlightning.com
7	www.google-analytics.com	www.googletagmanager.com richmond.com www.google-analytics.com
7	c.amazon-adsystem.com	richmond.com c.amazon-adsystem.com cdn-sic.33across.com
7	cdn.cookielaw.org	richmond.com cdn.cookielaw.org
5	c8.dycdn.net	dkpklk99llpj0.cloudfront.net
5	ib.adnxs.com	1 redirects ads.pubmatic.com acdn.adnxs.com
5	www.googletagservices.com	tagan.adlightning.com
5	www.googletagmanager.com	richmond.com www.googletagmanager.com
4	cm.g.doubleclick.net	3 redirects richmond.com
4	simage2.pubmatic.com	ads.pubmatic.com richmond.com
4	image2.pubmatic.com	ads.pubmatic.com richmond.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	ic.tynt.com	richmond.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	ads.pubmatic.com	richmond.com ads.pubmatic.com
4	bloximages.chicago2.vip.townnews.com	richmond.com
3	match.adsrvr.org	2 redirects richmond.com
3	sync.mathtag.com	3 redirects
3	www.facebook.com	richmond.com
3	acdn.adnxs.com	ads.pubmatic.com cdn-sic.33across.com
3	www.google.com.hk	richmond.com
3	sb.scorecardresearch.com	1 redirects dmhaslam.com richmond.com
3	connect.facebook.net	dmhaslam.com connect.facebook.net
3	survey.g.doubleclick.net	richmond.com survey.g.doubleclick.net
2	d5p.de17a.com	2 redirects
2	cdn-sic.33across.com	tagan.adlightning.com
2	dkpklk99llpj0.cloudfront.net	d81mfvml8p5ml.cloudfront.net
2	eus.rubiconproject.com	ads.pubmatic.com eus.rubiconproject.com
2	www.google.com	richmond.com
2	a.leetemplates.com	storage.googleapis.com
2	ssc.33across.com	ads.pubmatic.com
2	fastlane.rubiconproject.com	ads.pubmatic.com
2	hbopenbid.pubmatic.com	ads.pubmatic.com
2	mug.criteo.com	richmond.com
2	gum.criteo.com	1 redirects
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	b-code.liadm.com	www.googletagmanager.com tagan.adlightning.com
2	js.matheranalytics.com	1 redirects richmond.com
2	adservice.google.com	tagan.adlightning.com
2	adservice.google.co.uk	tagan.adlightning.com
2	geolocation.onetrust.com	cdn.cookielaw.org
2	www.gstatic.com	richmond.com
1	token.rubiconproject.com	1 redirects
1	id.rlcdn.com	richmond.com
1	pixel.rubiconproject.com	richmond.com
1	de.tynt.com	cdn.tynt.com
1	am.freshrelevance.com	tagan.adlightning.com dkpklk99llpj0.cloudfront.net
1	um.simpli.fi	richmond.com
1	image4.pubmatic.com	richmond.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	sc.tynt.com	tagan.adlightning.com
1	ssc-cms.33across.com	ads.pubmatic.com
1	www.i.matheranalytics.com	richmond.com
1	rp4.liadm.com	richmond.com
1	rp.liadm.com	1 redirects
1	dn1i8v75r669j.cloudfront.net	d81mfvml8p5ml.cloudfront.net
1	cdn.tynt.com	tagan.adlightning.com
1	analytics.google.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	bloximages.newyork1.vip.townnews.com
1	qnhtg9kbqjgw2izax.ay.delivery	www.googletagmanager.com
1	d1eoo1tco6rr5e.cloudfront.net	www.googletagmanager.com
1	jssdkcdns.mparticle.com	dmhaslam.com
1	d81mfvml8p5ml.cloudfront.net	www.googletagmanager.com
1	storage.googleapis.com	www.googletagmanager.com
1	ad.crwdcntrl.net	tagan.adlightning.com
1	c8a7c89b7eb4316383b2dbee3f32b34c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ampcid.google.com	www.google-analytics.com
1	adservice.google.com.hk	survey.g.doubleclick.net
1	fundingchoicesmessages.google.com	richmond.com
1	contributor.google.com	richmond.com
1	tags.crwdcntrl.net	richmond.com
1	dmhaslam.com
0	i.liadm.com Failed	tagan.adlightning.com
0	sic.33across.com Failed	tagan.adlightning.com
0	identity.mparticle.com Failed	jssdkcdns.mparticle.com
0	pr-bh.ybp.yahoo.com Failed	richmond.com
0	ads.yahoo.com Failed	richmond.com
0	sync.crwdcntrl.net Failed	richmond.com
238	84

This site contains links to these domains. Also see Links.

Domain
www.stringr.com
reviews.richmond.com
www.timesdispatchstore.com
www.google.com
us59.dayforcehcm.com
bloxcms.com
townnews.com
cookiepedia.co.uk
onetrust.com

Subject Issuer	Validity	Valid
richmond.com ZeroSSL ECC Domain Secure Site CA	`2022-01-08` - `2022-04-08`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-09` - `2022-04-09`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.adlightning.com Amazon	`2021-06-24` - `2022-07-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.google.com.hk GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-17` - `2022-02-15`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
jssdkcdns.mparticle.com R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-06` - `2022-05-05`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2022-01-23` - `2022-04-23`	3 months	crt.sh
a.leetemplates.com GTS CA 1D4	`2021-12-15` - `2022-03-15`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.i.matheranalytics.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.freshrelevance.com Amazon	`2021-06-16` - `2022-07-15`	a year	crt.sh
*.dycdn.net Amazon	`2021-04-11` - `2022-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://richmond.com/
Frame ID: FA853906714598759CF4AA4229B1769C
Requests: 162 HTTP requests in this frame

Frame: https://c8a7c89b7eb4316383b2dbee3f32b34c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 204C65563F228322C5318BC2BD8939CA
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 9DA4A87955214C68CC3047B74B796F1E
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Frame ID: 837C3754D3689C894553A8078DA00E89
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Frame ID: FF5914C5F29E166B8115551C8C39CC4C
Requests: 4 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Frame ID: D5EBEA6C88AFF1079E2D1F783E2946D6
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Frame ID: 7AFE799A7A333D9D7D486F38A3E895A2
Requests: 11 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bYLXQOKxGr65fKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 96D945EF39AB89B5A263C06770738F5A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5E41FBDCA0F67FDD25A05C85C0D79D90
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1B29BF6C60E3A3C570E508BF9E88F9A3
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CA1085C0FB440E2F0EE513D09D407A17
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Frame ID: 0FACF96207C6FC8CA77FC4C933E89AF3
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1396CCDD56C6108CDA9A90566643AFFB
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Frame ID: 206B2665EB7A5BCA76F2F76A7B228438
Requests: 7 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1F1F024-61F0-4B39-ADA4-B5F41BC98123
Frame ID: 43B7FF97FCEFEBAD96FAC4499DA0C34C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1701617817024180129
Frame ID: AA4301F86F6C29A8FB916FE0057315FB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dec6201-5389-4700-bec5-ebd3546aa977&gdpr=0&gdpr_consent=
Frame ID: 571F88FFFF00E850898584E0C8A45E2F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A260B60FBF59539BF46EEB60FEABF8DA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062017538590636183
Frame ID: DA4BA17A8AAB311BA159D8CB9FFC4618
Requests: 1 HTTP requests in this frame

Frame: https://am.freshrelevance.com/tpc/
Frame ID: 1528DD0D7B579AD67C3531B028F56450
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Frame ID: A1104211A4A168B6A984BF25ECE3B1C1
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 08511E0AE3E5505E5339B499F5E0A09D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: B2D70C8F87B6638D06B2B10C310B227F
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 5C017834A7877E09C749224CE0C23E39
Requests: 2 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-0584?s=&cim=&ps=true&ls=true&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YYN&
Frame ID: 9DC9CE6721CD28216C692F8B0E84AF77
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Richmond News | Richmond Times-Dispatch | Richmond, Virginia news, business, sports, entertainment, restaurants, events, arts and shoppingBack ButtonSearch IconFilter IconArrow

Page URL History Show full URLs

http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8 Page URL
https://richmond.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

238
Requests

86 %
HTTPS

41 %
IPv6

44
Domains

84
Subdomains

65
IPs

5
Countries

3881 kB
Transfer

9134 kB
Size

12
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.stringr.com/xlTFfUGCrP3
Title: Share video

Search URL Search Domain Scan URL

URL: https://reviews.richmond.com/
Title: Buyer's Guide

Search URL Search Domain Scan URL

URL: https://www.timesdispatchstore.com/
Title: RTD Merchandise

Search URL Search Domain Scan URL

URL: https://www.timesdispatchstore.com/product/clares-kitchen/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//5419%20PATTERSON%20AVENUE%2BRICHMOND%2BVA%2B23226
Title: 5419 PATTERSON AVENUE, RICHMOND, VA 23226

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//PULL%20ACCT%20END%20OF%20MONTH%2BRICHMOND%2BVA%2B23219
Title: PULL ACCT END OF MONTH, RICHMOND, VA 23219

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/dir//401%20N.%20THIRD%20ST.%2BRICHMOND%2BVA%2B23219
Title: 401 N. THIRD ST., RICHMOND, VA 23219

Search URL Search Domain Scan URL

URL: https://us59.dayforcehcm.com/CandidatePortal/en-US/leeenterprises/SITE/CANDIDATEPORTAL
Title: Join our Team

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8 Page URL
https://richmond.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://js.matheranalytics.com/s/ma1527/725149342/lee/ml.js?cb=1586 HTTP 301
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js

Request Chain 98

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 105

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frichmond.com%2F&domain=richmond.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=FSzM_Hw1ckhVSC9CYURURHkvYjB3bmRSbWtkQm5MTWJzK3Z1TkxlbEQ2bTk2V1drZEtWaU0zeFhJR1NGbjIrNDlzVnFRaXNNVTBPbURyT0kxd0Z3SzZ4WGdneUtVT1lFQnZrRzFNbzgySEhKdU1OSnJrSmtJWEZnMjNtZ1lPVnZIa1J6ZERhUWIxaHhhU285V2h0WW9zbEhTS2FRaHNCRXJONCtUOFE4STBxZzIrSUY1NVdvZUhENnEyYytVVGRIdmNwbEJxU2N2eFQwOFJtQW4yTVdxZm5Hbk5CQ0ZpcTQ1SlBtYW5iZDhBY0Vob2U4PXw&cppv=2

Request Chain 119

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODg5f3zJhABGAEyCBjdPcJyKPHM HTTP 301
https://tpc.googlesyndication.com/simgad/6995408777118312465

Request Chain 120

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODg5f2FfBABGAEyCBm2NHVD_6jX HTTP 301
https://tpc.googlesyndication.com/simgad/918769758783737280

Request Chain 129

https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1644254090512&ns_c=UTF-8&cv=3.5&c8=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&c7=https%3A%2F%2Frichmond.com%2F&c9=http%3A%2F%2Fdmhaslam.com%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1644254090512&ns_c=UTF-8&cv=3.5&c8=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&c7=https%3A%2F%2Frichmond.com%2F&c9=http%3A%2F%2Fdmhaslam.com%2F

Request Chain 150

https://rp.liadm.com/j?dtstmp=1644254090727&aid=a-0584&se=e30&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&tna=v2.3.0&pu=https%3A%2F%2Frichmond.com%2F&ext__pubcid=401fdea2-76a4-4ed8-8f03-4551b3bebd58&us_privacy=1YYN&wpn=lc-bundle&refr=http%3A%2F%2Fdmhaslam.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgYnJlYWtpbmcgUmljaG1vbmQgbmV3cywgSGVucmljbyBDb3VudHksIGFuZCB0aGUgTWV0cm9wb2xpdGFuIEFyZWEgb2YgVmlyZ2luaWEuIFRoZSBsYXRlc3Qgd2VhdGhlciwgY3JpbWUsIHBvbGl0aWNzLCBhbmQgbW9yZSBmcm9tIHRoZSBSaWNobW9uZCBUaW1lcy4iPjx0aXRsZT5SaWNobW9uZCBOZXdzIHwgUmljaG1vbmQgVGltZXMtRGlzcGF0Y2ggfCBSaWNobW9uZCwgVmlyZ2luaWEgbmV3cywgYnVzaW5lc3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgcmVzdGF1cmFudHMsIGV2ZW50cywgYXJ0cyBhbmQgc2hvcHBpbmc8L3RpdGxlPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPjx0aXRsZT5BcnJvdzwvdGl0bGU- HTTP 302
https://rp4.liadm.com/j?dtstmp=1644254090727&aid=a-0584&se=e30&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&tna=v2.3.0&pu=https%3A%2F%2Frichmond.com%2F&ext__pubcid=401fdea2-76a4-4ed8-8f03-4551b3bebd58&us_privacy=1YYN&wpn=lc-bundle&refr=http%3A%2F%2Fdmhaslam.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgYnJlYWtpbmcgUmljaG1vbmQgbmV3cywgSGVucmljbyBDb3VudHksIGFuZCB0aGUgTWV0cm9wb2xpdGFuIEFyZWEgb2YgVmlyZ2luaWEuIFRoZSBsYXRlc3Qgd2VhdGhlciwgY3JpbWUsIHBvbGl0aWNzLCBhbmQgbW9yZSBmcm9tIHRoZSBSaWNobW9uZCBUaW1lcy4iPjx0aXRsZT5SaWNobW9uZCBOZXdzIHwgUmljaG1vbmQgVGltZXMtRGlzcGF0Y2ggfCBSaWNobW9uZCwgVmlyZ2luaWEgbmV3cywgYnVzaW5lc3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgcmVzdGF1cmFudHMsIGV2ZW50cywgYXJ0cyBhbmQgc2hvcHBpbmc8L3RpdGxlPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPjx0aXRsZT5BcnJvdzwvdGl0bGU-&i6=MmEwMTo0YTA6MmM6Ojk%3D&n3pc=true

Request Chain 183

https://c1.adform.net/serving/cookie/match?party=14&cid=E1F1F024-61F0-4B39-ADA4-B5F41BC98123 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1F1F024-61F0-4B39-ADA4-B5F41BC98123

Request Chain 184

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1701617817024180129

Request Chain 185

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dec6201-5389-4700-bec5-ebd3546aa977&gdpr=0&gdpr_consent=

Request Chain 187

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062017538590636183

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4fHwJGHwSzmtpLX0G8mBIw%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 189

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e7266201-5389-4e00-a8e3-01507dd90c4c

Request Chain 190

https://pixel.onaudience.com/?partner=214&mapped=E1F1F024-61F0-4B39-ADA4-B5F41BC98123 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=566e419ccae4e19d8746d38b4d18470c HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

Request Chain 191

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTFGMUYwMjQtNjFGMC00QjM5LUFEQTQtQjVGNDFCQzk4MTIz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 192

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEE4U1_09iy3oOgqejEqzgM&google_cver=1

Request Chain 194

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1118248356666793168

Request Chain 195

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2e6c390c-3ec6-4220-bae3-c39c7ed5b0ee

Request Chain 196

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8046412152946258786&gdpr=0&gdpr_consent=

Request Chain 211

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YYN HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YYN&_test=YgFTigAEd_Cd2wBB HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgFTigAEd_Cd2wBB&us_privacy=1YYN&_test=YgFTigAEd_Cd2wBB

Request Chain 212

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YYN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGaKI1Dv5GQnWE71GrD9GOw&google_cver=1

Request Chain 213

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YYN HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4dec6201-5389-4700-bec5-ebd3546aa977&expires=28

Request Chain 215

https://token.rubiconproject.com/token?pid=26594&us_privacy=1YYN HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZCYFIQ8-1O-IYU9&sigv=1&esig=2~96e939ebec454e2af30b440d24fe7a956156ec0c&us_privacy=1YYN

Request Chain 216

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YYN HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/oTYNrvhw7aiUmFo_Crr5VMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YYN

Request Chain 217

https://token.rubiconproject.com/token?pid=25470&us_privacy=1YYN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pDWUZJUTgtMU8tSVlVOQ==&us_privacy=1YYN

238 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK disarmse.php Show response
dmhaslam.com/ 5 KB
2 KB 1079ms
923ms Document
text/html 50.116.93.126
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8
Protocol: HTTP/1.1
Server: 50.116.93.126 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: vps.radiofobia.com.br
Software: nginx/1.19.10 /
Resource Hash: 52e60d9d73f638113d96ea4e17081c27c11c407c37789fa18f870036c8375f69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Date: Mon, 07 Feb 2022 17:14:44 GMT
Server: nginx/1.19.10
Content-Type: text/html; charset=utf-8
Content-Length: 2097
Expires: Mon, 07 Feb 2022 16:44:44 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Pragma: no-cache
Last-Modified: Mon, 07 Feb 2022 16:14:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false
X-Accel-Expires: 10800

GET
H2 200 Primary Request / Show response
richmond.com/ 528 KB
72 KB 560ms
223ms Document
text/html 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://richmond.com/

Requested by

Host: dmhaslam.com
URL: http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

192.104.183.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.newyork1.vip.townnews.com

Software

Resource Hash

eb88c63564f3f922d34da97ea59e6f5dbf7f03aa436998d122a83beab3982189

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://dmhaslam.com/

Response headers

date: Mon, 07 Feb 2022 16:52:17 GMT
content-type: text/html; charset=UTF-8
x-loop: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 07 Feb 2022 16:52:15 GMT
x-robots-tag: noarchive
x-xrds-location: https://richmond.com/tncms/xrds/
x-ua-compatible: IE=edge
link: <https://bloximages.newyork1.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.394adeeb6831ca20cb80bc3489a2f345.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script <https://cdn.cookielaw.org/scripttemplates/otSDKStub.js>; rel=preload; as=script
x-tncms: 1.61.1; app9; 1.73s; 12.4M
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
etag: W/bdf9279ed79c5276de733ab99b088898
content-encoding: gzip
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age: 1349
cache-control: public, max-age=10
x-vcache: HIT
accept-ranges: bytes
content-length: 71380

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 221ms
103ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4350466
cf-ray: 6d9e41ab1f9e75d8-LHR
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: HIT
server: cloudflare
etag: W/"60e609f2-1882c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:20 GMT

GET
H2 200 user.js Show response
richmond.com/shared-content/art/tncms/user/ 11 KB
4 KB 114ms
111ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: f5ec567cf8be00ed763cfe83ec5d8729a3287e4139897df9644fd261c6ca1bed

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:13:54 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 20:16:24 GMT
age: 51
etag: W/"61f2fd98-2c76"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 4103
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 172ms
56ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4350466
cf-ray: 6d9e41ab1fa175d8-LHR
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 05:33:44 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
12 KB 216ms
100ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4350466
cf-ray: 6d9e41ab1f9f75d8-LHR
last-modified: Wed, 05 May 2021 20:06:42 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fad2-8154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 06:07:49 GMT

GET
H2 200 tnt.394adeeb6831ca20cb80bc3489a2f345.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 9 KB
3 KB 219ms
104ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.394adeeb6831ca20cb80bc3489a2f345.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a769d4bf461200d7c95adb57e300810ce0c5e61951f031755e91aad1329c4691

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2840193
cf-ray: 6d9e41ab582875d8-LHR
last-modified: Tue, 04 Jan 2022 21:06:17 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b6c9-25b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:13 GMT

GET
H2 200 application.cb897187c4718280fd69d2e6d6c3909d.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 218ms
104ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4350466
cf-ray: 6d9e41ab582975d8-LHR
last-modified: Wed, 05 May 2021 20:06:24 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fac0-104a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 16:04:38 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
963 B 256ms
142ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242491
cf-ray: 6d9e41ab582a75d8-LHR
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-9ae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:12 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 147ms
53ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zadN1tnUFXNBOXe6vsJdDg==
age: 6121
vary: Accept-Encoding
content-length: 6456
x-ms-lease-status: unlocked
last-modified: Mon, 07 Feb 2022 03:35:31 GMT
server: cloudflare
etag: 0x8D9E9EAE465636F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0429005d-b01e-014b-73f4-1baf29000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d9e41aafddd886d-LHR

GET
H2 200 bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 136ms
57ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.c58a1beaa3640fa94c3db09673c4d95c.css

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2840193
cf-ray: 6d9e41ab1f9275d8-LHR
last-modified: Tue, 04 Jan 2022 21:06:09 GMT
x-vcache: HIT
server: cloudflare
etag: W/"61d4b6c1-1ab8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:13 GMT

GET
H2 200 layout.2ce6292643f5129895871a2478a4614d.css
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 150 KB
27 KB 141ms
61ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.2ce6292643f5129895871a2478a4614d.css

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5893bd080d50d15706acc7a4a216160ed89641c7f7ef286418a57ca2d684d744

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2841051
cf-ray: 6d9e41ab1f9575d8-LHR
last-modified: Tue, 04 Jan 2022 21:07:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61d4b70a-25797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Thu, 05 Jan 2023 20:01:13 GMT

GET
H2 200 lee.ds.css
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/ 63 KB
12 KB 139ms
60ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1643958019

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e5d9f3b6226d8da686e31f39402f803d1bf63da4885179c059cde073188847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 290785
cf-ray: 6d9e41ab1f9775d8-LHR
last-modified: Fri, 04 Feb 2022 07:00:19 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61fccf03-fb26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 04 Feb 2023 07:05:24 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 137ms
59ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242491
cf-ray: 6d9e41ab1f9d75d8-LHR
last-modified: Fri, 16 Apr 2021 14:04:22 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60799966-189c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 05:33:44 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 140ms
61ms Stylesheet
text/css 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242491
cf-ray: 6d9e41ab1f9975d8-LHR
last-modified: Fri, 16 Apr 2021 14:04:27 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6079996b-12b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Sat, 23 Apr 2022 07:07:48 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6894/ 38 KB
11 KB 189ms
64ms Script
application/json 18.66.97.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 07 Feb 2022 06:10:12 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 16:50:47 GMT
server: AmazonS3
age: 39875
etag: W/"8cd042d9f203fe2e01747c7444f95498"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: fRpMzI2P-xZ03OHZbSvsikjmVrzr5SbVhIVM_fKmfSY6ciykbcyJIg==

GET
H2 200 access.js Show response
richmond.com/shared-content/art/tncms/api/ 86 KB
34 KB 111ms
111ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/shared-content/art/tncms/api/access.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de

Request headers

Referer: https://richmond.com/
Origin: https://richmond.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:13:37 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 21:16:30 GMT
age: 69
etag: W/"61b2722e-15686"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 34923
service-worker-allowed: /

GET
H2 200 user-controls.578df3df79d812af55ab13bae47f9857.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 532 B
419 B 64ms
60ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 331215
cf-ray: 6d9e41ac2a4c75d8-LHR
last-modified: Wed, 05 May 2021 20:06:25 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fac1-214"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 06:07:49 GMT

GET
H2 200 owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 40 KB
11 KB 60ms
56ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2bedb8d9b818971c16b394180d1decd7e9993d6d6bcc0656637fa4a2e0ef191

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242492
cf-ray: 6d9e41ac2a4e75d8-LHR
last-modified: Wed, 05 May 2021 20:06:46 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fad6-9fe8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 05:41:26 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 68ms
65ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242492
cf-ray: 6d9e41ac2a5375d8-LHR
last-modified: Tue, 06 Jul 2021 13:05:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45507-db8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:14 GMT

GET
H2 200 tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 6 KB
2 KB 59ms
55ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242492
cf-ray: 6d9e41ac2a5575d8-LHR
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-19d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 06 Jul 2022 19:01:15 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 181ms
54ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 04:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="firebase-js"
expires: Sat, 04 Feb 2023 04:41:41 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 184ms
57ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 05 Feb 2022 09:09:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Feb 2023 09:09:57 GMT

GET
H2 200 messaging.js Show response
richmond.com/shared-content/art/tncms/api/ 4 KB
1 KB 114ms
111ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:31 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 20:16:24 GMT
age: 135
etag: W/"61f2fd98-11aa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1259
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
247 B 181ms
104ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242491
cf-ray: 6d9e41ab582b75d8-LHR
last-modified: Wed, 05 May 2021 20:07:21 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092faf9-c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 06:07:49 GMT

GET
H2 200 tracking.js Show response
richmond.com/shared-content/art/tncms/ 3 KB
1 KB 111ms
111ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/shared-content/art/tncms/tracking.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:13:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Jan 2022 20:16:24 GMT
age: 88
etag: W/"61f2fd98-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 78ms
75ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kdqkvU4KECv4erbHaj7Yfg==
age: 9456
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 21 Dec 2021 17:26:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e2ed5765-501e-00cd-7699-f6bdae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6d9e41ac29e0886d-LHR

GET
H2 200 fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 253 KB
91 KB 69ms
66ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4242492
cf-ray: 6d9e41ac3a5775d8-LHR
last-modified: Wed, 25 Aug 2021 16:36:45 GMT
x-vcache: HIT
server: cloudflare
etag: W/"6126719d-3f553"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 31 Aug 2022 19:01:20 GMT

GET
H2 200 tracker.js Show response
richmond.com/shared-content/art/stats/common/ 9 KB
3 KB 159ms
159ms Script
application/x-javascript 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/shared-content/art/stats/common/tracker.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:38 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 16:46:36 GMT
age: 128
etag: W/"60e72bec-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
x-vcache: HIT
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 richmond.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 2 KB
2 KB 78ms
58ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/richmond.com.png?_dc=Feb.Mon.2022

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ae19499f2cd0d07598e4afa827bd105cce3317a34c2896232b9b7d30a8cb22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
vary: Accept
cf-cache-status: HIT
age: 38108
cf-polished: origFmt=png, origSize=3399
last-modified: Mon, 03 Aug 2020 22:06:08 GMT
content-disposition: inline; filename="richmond.webp"
content-length: 2228
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f288a50-d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 05:00:01 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41ac4a9f75d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 122a3ff8-d673-11ea-b84c-43abccb4eea2.png
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/custom/image/ 2 KB
2 KB 57ms
55ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/custom/image/122a3ff8-d673-11ea-b84c-43abccb4eea2.png

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83cd704cd6cc7d0c9195db1d31dd3498e8ba08ade15abad26a2dfacb187c5559

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
vary: Accept
cf-cache-status: HIT
age: 413683
cf-polished: origFmt=png, origSize=1730
last-modified: Tue, 04 Aug 2020 16:53:50 GMT
content-disposition: inline; filename="122a3ff8-d673-11ea-b84c-43abccb4eea2.webp"
content-length: 1618
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f29929e-6c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 02 Feb 2023 20:33:40 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41ac3a5875d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 0b678fcc-d673-11ea-b84c-cb65ebc881e6.png
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/custom/image/ 9 KB
9 KB 60ms
58ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/custom/image/0b678fcc-d673-11ea-b84c-cb65ebc881e6.png?resize=640%2C62

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b40d1ba6824e021fa643232f388290e7cd4f5839ec849e2011281c4afda892f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
vary: Accept
cf-cache-status: HIT
age: 23569
cf-polished: origFmt=png, origSize=10266
last-modified: Tue, 04 Aug 2020 16:53:38 GMT
content-disposition: inline; filename="0b678fcc-d673-11ea-b84c-cb65ebc881e6.webp"
content-length: 8752
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "0f493013fc48721c4f7dae86deabe46d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 03 Feb 2023 19:36:53 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41ac3a5975d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 syd-logo.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/ 3 KB
3 KB 87ms
68ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/syd-logo.png?_dc=22.02.07.11

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45782508a28c1f03ebbfd53a3f172c85e77877a18b612b6dd23819cdc35dc54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
vary: Accept
cf-cache-status: HIT
age: 2277
cf-polished: origFmt=png, origSize=5232
last-modified: Tue, 29 Sep 2020 18:46:10 GMT
content-disposition: inline; filename="syd-logo.webp"
content-length: 2988
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f7380f2-1470"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 16:00:22 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41ac4aa275d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 18f6db48-d673-11ea-b84c-871ff01033ec.png
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/custom/image/ 5 KB
5 KB 66ms
63ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/custom/image/18f6db48-d673-11ea-b84c-871ff01033ec.png?resize=400%2C39

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca03dbe1c023b4686015bc45773bc4e7442bfece719b59ce9120aaffbde37bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
vary: Accept
cf-cache-status: HIT
age: 4239844
cf-polished: origFmt=png, origSize=5780
last-modified: Tue, 04 Aug 2020 16:54:01 GMT
content-disposition: inline; filename="18f6db48-d673-11ea-b84c-871ff01033ec.webp"
content-length: 4898
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "030289a2037ccd59e7c03dde80b45613"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 02 Dec 2022 19:04:30 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41ac3a5c75d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 48 KB
19 KB 183ms
62ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a16f3da7062338d2534bf13f292376ac6af6b80600d59d5bc28b6c40000eef7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: 2y5zrTXaGPXvJIK.Ms3w5omzJMZU.KiE
content-encoding: gzip
etag: "e6f63971f8ac2360e69d7256fe77b27e"
age: 1082
x-cache: Hit from cloudfront
content-length: 19493
x-amz-meta-git_commit: db72251
last-modified: Sun, 06 Feb 2022 18:32:40 GMT
server: AmazonS3
date: Mon, 07 Feb 2022 16:57:17 GMT
content-type: application/javascript
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
x-amz-cf-id: pUf8BEWFdCYJ-ua8QX6wEP7wdULEKrskGKyXRlms2pcE9yQnTQYSAQ==

GET
H2 200 dmp.reactive.0e53d3f9d235eed93a6018d451147284.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 510 B
411 B 69ms
66ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.0e53d3f9d235eed93a6018d451147284.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ddd466f2537ff1e7c620b9f5d3c50229baa530655c61abbdc412cf7b6c7fd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 304716
cf-ray: 6d9e41ac2a3e75d8-LHR
last-modified: Wed, 05 May 2021 20:06:25 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6092fac1-1fe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Wed, 25 May 2022 06:52:44 GMT

GET
H2 200 dfp.floor.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/ 177 B
398 B 85ms
64ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/dfp.floor.js?_dc=020711

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7c352e1ba053704a4c464da3ab9ab2562b5986a4ef42c6e88e8c362da5d6ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4217
cf-ray: 6d9e41ac4a9e75d8-LHR
last-modified: Fri, 04 Feb 2022 06:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61fcc0e5-b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Tue, 07 Feb 2023 11:06:05 GMT

GET
H2 200 dfp.lazy.pwt.js Show response
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 14 KB
4 KB 74ms
70ms Script
application/x-javascript 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.pwt.js?_dc=1643871620

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

587358e353a326b4dd31335a33506558f4b03d04b9524680e8f744417e8d5c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 376322
cf-ray: 6d9e41ac2a4a75d8-LHR
last-modified: Thu, 03 Feb 2022 07:00:20 GMT
x-vcache: MISS
server: cloudflare
etag: W/"61fb7d84-36e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
expires: Fri, 03 Feb 2023 07:05:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 177 KB
59 KB 189ms
71ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa30e9720dd284ac00b9938f95e1a82fa508a18e420f7704ef74cd749149ae93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60383
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 17:14:47 GMT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/b765fd5c002b8ec/ 0
1 KB 226ms
67ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/b765fd5c002b8ec/loader.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+C9hWrClILR4vqRCwjavag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorContributorHttp"
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ContributorContributorHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorContributorHttp/external"}]}
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=31536000
content-security-policy: script-src 'report-sample' 'nonce-+C9hWrClILR4vqRCwjavag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorContributorHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorContributorHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorContributorHttp/cspreport
expires: Mon, 07 Feb 2022 17:14:47 GMT

GET
H2 200 AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ== Show response
fundingchoicesmessages.google.com/f/ 15 KB
7 KB 215ms
79ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ==

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb399a9bad20f3b1492350696544ea96bad5c0ba489db220928b04d165edeee4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KH1uxrDaBEUClWM/3fUYeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KH1uxrDaBEUClWM/3fUYeQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-KH1uxrDaBEUClWM/3fUYeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KH1uxrDaBEUClWM/3fUYeQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 289ms
144ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

c7426aeff151d2fdfb04dd358dbb59dce9a28886ed66e6ac3f2eb72cc95fdfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27250
x-xss-protection: 0
server: sffe
etag: "1124 / 546 of 1000 / last-modified: 1644235654"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 07 Feb 2022 17:14:47 GMT

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160516/4167/ 372 KB
114 KB 213ms
80ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5e0289e282d90153dd5a7c7a7ee92f7419e8e297f235d57b9bfd6fff03650050

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 18:27:10 GMT
server: Apache/2.2.15 (CentOS)
etag: "1481ca7-5d148-5cf59be094a81"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=118758
accept-ranges: bytes
content-type: text/javascript
content-length: 115968
expires: Wed, 09 Feb 2022 02:14:05 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 180ms
61ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 671
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1SPQK1P0DJWDS4RTQB1R
date: Mon, 07 Feb 2022 17:03:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: pzheO8_G3qHbsVyN4qLPQca4yXuy7-OneXDEZthWJ5qDcwABVNmuEQ==

GET
H2 200 bda20e21-dd56-4b3d-a661-15b29652ef1a.json Show response
cdn.cookielaw.org/consent/bda20e21-dd56-4b3d-a661-15b29652ef1a/ 3 KB
2 KB 162ms
72ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bda20e21-dd56-4b3d-a661-15b29652ef1a/bda20e21-dd56-4b3d-a661-15b29652ef1a.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

499ad3f3d7f86fcd79f14e77641d39b3ed38951e64abce67f1401acabc20be23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 1hnPKcZD//G+P+BGk3A9cQ==
age: 6167
vary: Accept-Encoding
content-length: 1157
x-ms-lease-status: unlocked
last-modified: Thu, 24 Sep 2020 14:25:43 GMT
server: cloudflare
etag: 0x8D86095B8BB6639
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5c94db4e-601e-0124-1c45-ca07fd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d9e41acb9f4888f-LHR
expires: Mon, 07 Feb 2022 21:14:47 GMT

GET
H2 200 tracker.gif
richmond.com/shared-content/art/stats/common/ 0
145 B 111ms
111ms Image
image/gif 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://richmond.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=164425408863716001200611698331344&tnms_dt=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&tnms_upage=1&tnms_do=richmond.com&tnms_uri=/&tnms_ref=http%3A//dmhaslam.com/&rt=1644254088641
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
age: 0
etag: "48f79fed-0"
x-vcache: MISS
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 survey Show response
survey.g.doubleclick.net/ 44 KB
12 KB 247ms
103ms Script
text/javascript 2a00:1450:4001:82a::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

592c6269cdbcc73b062691371a686b601eb4f644602817ee681172b085910f33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, no-cache, must-revalidate, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
vary: *
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 185 B
389 B 161ms
69ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f808368b7d46fb5ca2841964ebb52519e57a058455eb1e50f90a25aecd2346f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d9e41ad591d88bb-LHR

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 176 B
449 B 147ms
57ms XHR
application/json 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6d9e41adba30773b-LHR
access-control-allow-headers: Content-Type

GET
H2 200 prompt_embed_static.js Show response
survey.g.doubleclick.net/insights/consumersurveys/static/441284884201057529/ 406 KB
406 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:82a::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://survey.g.doubleclick.net/insights/consumersurveys/static/441284884201057529/prompt_embed_static.js
Requested by: Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: ccabc3a051bce551711144d9616f09fba7f44362c08bde4376f28eb22a55868d

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 07 Feb 2022 08:09:04 GMT
last-modified: Thu, 03 Feb 2022 18:10:52 GMT
server: Google Frontend
age: 32743
content-type: application/javascript
x-cloud-trace-context: ee99367459fa5a0efffe2457147dfb68
cache-control: public, max-age=2592000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 415696

GET
H2 200 integrator.sync.js Show response
adservice.google.com.hk/adsid/ 111 B
796 B 193ms
62ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.hk/adsid/integrator.sync.js?domain=richmond.com

Requested by

Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5993
date: Mon, 07 Feb 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Feb 2022 17:34:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
34 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a620bac688a40959ef695f33580021704d33ff350c7a1af32e75d8b3875a503a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35123
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 17:14:47 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.6.0/ 338 KB
72 KB 53ms
52ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Xs4BplpA7QV+zkRYpo3+wA==
age: 9017635
vary: Accept-Encoding
content-length: 73082
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:33 GMT
server: cloudflare
etag: 0x8D85529F2EBAD26
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f64e4218-f01e-0147-7f42-ca41d8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d9e41ae1eba886d-LHR

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 57 B
411 B 55ms
54ms XHR
application/json 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Frichmond.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:21:33 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server: Server
age: 6793
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://richmond.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P5
content-length: 57
x-amz-cf-id: b9oXxldbecL_fHH8_UHYcNLdKbU3iZpUh9G1jVxLpDZae5P61J2lHg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 172ms
57ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62211
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Sun, 06 Feb 2022 23:57:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: ot3B0fRJBOGUFuxLFXT7Q9VAjFCGBG61saet0ibjQgVkqCGcQzNxhg==

GET
H3 200 pubads_impl_2022020101.js Show response
securepubads.g.doubleclick.net/gpt/ 351 KB
119 KB 116ms
54ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js?31064711

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121756
x-xss-protection: 0
last-modified: Tue, 01 Feb 2022 09:38:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 07 Feb 2023 16:44:58 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 345 B
176 B 124ms
63ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=richmond.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

eb0a8d5efdae10d100a7b7cae77892bc88915033f7d55da0ac843ec39215586b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 151
x-xss-protection: 0
expires: Mon, 07 Feb 2022 17:14:47 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bda20e21-dd56-4b3d-a661-15b29652ef1a/75787057-4552-493b-aa72-b303111d8f91/ 15 KB
5 KB 53ms
52ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/bda20e21-dd56-4b3d-a661-15b29652ef1a/75787057-4552-493b-aa72-b303111d8f91/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

137c2e35b0f2696fca4a369b73d5b894abb70b7b366074fb295548c06c100d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: N9kXreDRneeTYAMeelPNJg==
age: 8053
vary: Accept-Encoding
content-length: 4968
x-ms-lease-status: unlocked
last-modified: Thu, 24 Sep 2020 14:25:50 GMT
server: cloudflare
etag: 0x8D86095BCEABC63
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d23e9c69-401e-0051-5b45-cac613000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d9e41aecf95888f-LHR
expires: Mon, 07 Feb 2022 21:14:47 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 9 KB
3 KB 58ms
58ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otFloatingFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: qiq5l7qzEHE2l1Y9A93NLw==
age: 9016265
vary: Accept-Encoding
content-length: 2654
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:25 GMT
server: cloudflare
etag: 0x8D85529EE52897D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82fa244f-601e-0081-5245-ca7ab1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d9e41af287a888f-LHR

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.6.0/assets/ 61 KB
15 KB 55ms
55ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.6.0/assets/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.6.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: C9ZZX5WmmuvxVnmOg+8oDA==
age: 9016265
vary: Accept-Encoding
content-length: 14901
x-ms-lease-status: unlocked
last-modified: Thu, 10 Sep 2020 01:36:25 GMT
server: cloudflare
etag: 0x8D85529EE46C785
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: f103e1f6-901e-00db-2c45-ca7c30000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6d9e41af287d888f-LHR

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 3 B
459 B 206ms
62ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://richmond.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 prompt Show response
survey.g.doubleclick.net/gk/ 0
41 B 104ms
103ms Script
text/javascript 2a00:1450:4001:82a::2011
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://survey.g.doubleclick.net/gk/prompt?site=_3goyquncnmlbmo6yzmnbgykxvm&t=1&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088916&ref=http%3A%2F%2Fdmhaslam.com%2F&token=

Requested by

Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-why: UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Feb 2022 17:14:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 159 KB
59 KB 67ms
67ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e31a93a1a74cfe390ad49058c112eb5649d9f4eb31e8f583ede95f51b76f768

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60228
x-xss-protection: 0
expires: Mon, 07 Feb 2022 17:14:47 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 460 KB
105 KB 119ms
119ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f26d9c6080c218b83e75705e3781a8bc4ebc6ebf002be219c9fa2cd6f248301

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107751
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 07 Feb 2022 17:14:47 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 168ms
55ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-7&cid=1626853911.1644254089&jid=1616094475&gjid=429337085&_gid=1787454534.1644254089&_u=YGBAgUABAAQCAE~&z=1324400750

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Feb 2022 17:14:47 GMT
content-type: text/plain
access-control-allow-origin: https://richmond.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 115ms
54ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=118054683&t=pageview&_s=1&dl=https%3A%2F%2Frichmond.com%2F&dr=http%3A%2F%2Fdmhaslam.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQC~&jid=1616094475&gjid=429337085&cid=1626853911.1644254089&tid=UA-54716522-7&_gid=1787454534.1644254089&gtm=2wg220PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Frichmond.com%2F&cd16=No&cd17=Page%20View&cm1=1729&z=839118127

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 04:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46904
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 serif-ds.woff2
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/ 26 KB
26 KB 163ms
68ms Font
application/font-woff2 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/serif-ds.woff2

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1643958019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1643958019
Origin: https://richmond.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:47 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 4239843
last-modified: Fri, 21 May 2021 06:00:21 GMT
content-length: 26164
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "60a74c75-6634"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b1b8b57720-LHR
expires: Wed, 25 May 2022 05:41:26 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 61ms
61ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe220&_p=118054683&sr=1600x1200&ul=en-us&cid=1626853911.1644254089&_s=1&dl=https%3A%2F%2Frichmond.com%2F&dr=http%3A%2F%2Fdmhaslam.com%2F&dt=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&sid=1644254089&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=1729&up.logged_in=No
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://richmond.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62009381e9edd.preview-620.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/eedition/3/d9/3d91ce7b-cc65-53b6-af88-c4f643d3bf60/ 161 KB
161 KB 65ms
64ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/eedition/3/d9/3d91ce7b-cc65-53b6-af88-c4f643d3bf60/62009381e9edd.preview-620.jpg?resize=620%2C1282

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7ec4799d60efabc6801a4e439ce3c0b942bbc1e8c0dc1e4624697a1059c207

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
cf-cache-status: HIT
age: 28834
cf-polished: origSize=165752, status=webp_bigger
last-modified: Mon, 07 Feb 2022 03:35:32 GMT
strict-transport-security: max-age=604800
content-length: 164511
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "cc752722507f655394093dd244af9450"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 05:02:52 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b27ef975d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 61fc42a72c4aa.preview.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/8/98/89858679-1a39-579d-8c2b-65f16d910f23/ 2 KB
3 KB 155ms
154ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/8/98/89858679-1a39-579d-8c2b-65f16d910f23/61fc42a72c4aa.preview.jpg?crop=496%2C279%2C0%2C8&resize=150%2C84&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503e7e9a5cc0973e6e47ec2e87702631a1e972f0d0a932da8ae26b9280f7049d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=2838
last-modified: Thu, 03 Feb 2022 21:01:27 GMT
content-disposition: inline; filename="61fc42a72c4aa.webp"
content-length: 2498
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "acb05f5e9870903813757022a5b9d803"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Mon, 06 Feb 2023 02:38:29 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b27f0075d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 61f8e18bea541.image.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/c/70/c70a0551-624d-53e2-9c18-e14ed15baefa/ 3 KB
3 KB 136ms
134ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/c/70/c70a0551-624d-53e2-9c18-e14ed15baefa/61f8e18bea541.image.jpg?crop=600%2C338%2C0%2C31&resize=150%2C84&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7fe7dc5b6979e94fd97ed5593d31c69f3b0b29b1354fd00100bfe9d38f515d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3143
last-modified: Tue, 01 Feb 2022 07:30:20 GMT
content-disposition: inline; filename="61f8e18bea541.webp"
content-length: 2814
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "7f092e7b2ad661fb6bf0a845f534069e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 03 Feb 2023 19:17:50 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b27f0775d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 61d53b0aaef97.image.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/4/87/487a3e6b-b997-5e08-beaa-3401f006bbce/ 4 KB
4 KB 59ms
57ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/4/87/487a3e6b-b997-5e08-beaa-3401f006bbce/61d53b0aaef97.image.jpg?crop=600%2C338%2C0%2C31&resize=150%2C84&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

977c5b3e25e233cc516fc25b80ce3b17280de37be1fcdc52158e6e8bca057146

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
cf-cache-status: HIT
age: 72885
cf-polished: origSize=3870, status=webp_bigger
last-modified: Wed, 05 Jan 2022 06:30:34 GMT
strict-transport-security: max-age=604800
content-length: 3711
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "78f9fe47d380b0c5a1f575c551288b4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 05 Jan 2023 06:35:49 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b27f0c75d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 61e726d47e7c2.image.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/1/ef/1efbfad2-f4ad-54b7-a5db-e9e21e0cf908/ 3 KB
3 KB 143ms
141ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/1/ef/1efbfad2-f4ad-54b7-a5db-e9e21e0cf908/61e726d47e7c2.image.jpg?crop=512%2C288%2C0%2C27&resize=150%2C84&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f404338a16a4d0697ab276ffcf2a3ff0e363d720f04ebc4a3f9a621c4c1671b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=3050
last-modified: Tue, 18 Jan 2022 20:45:08 GMT
content-disposition: inline; filename="61e726d47e7c2.webp"
content-length: 2736
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "6dc2630b86f2d34dd467a552336c147d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Fri, 20 Jan 2023 18:47:30 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b27f0f75d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 62012d7620393.preview.png
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/e/51/e5171081-7d21-5d60-a2da-722cb3d88a53/ 286 KB
287 KB 154ms
153ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/e/51/e5171081-7d21-5d60-a2da-722cb3d88a53/62012d7620393.preview.png?resize=640%2C360

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c6bb7266d40c841cb0a88d47ecd032b961e5376220de35116657f71a8ce5371

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
vary: Accept
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=481714
last-modified: Mon, 07 Feb 2022 14:32:22 GMT
content-disposition: inline; filename="62012d7620393.webp"
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "eb18e9975aafdeb9ffadf3fc19607f1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 14:36:00 GMT
cache-control: public, max-age=31536000
cf-ray: 6d9e41b27f1275d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 61fd4a2795a0c.preview.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/6/36/63630e48-ebef-53fd-8076-1f368e04c08b/ 4 KB
4 KB 147ms
145ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/6/36/63630e48-ebef-53fd-8076-1f368e04c08b/61fd4a2795a0c.preview.jpg?crop=1872%2C1053%2C0%2C27&resize=150%2C84&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2466456c79fbed650d0e4d2da97ed06714702090c112c645fddc4cfa8d478f5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
vary: Accept-Encoding
cf-cache-status: HIT
cf-polished: degrade=85, origSize=4411, status=webp_bigger
last-modified: Fri, 04 Feb 2022 15:45:44 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "6656ead4c54d53d70e0652160ea1b7a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Sun, 05 Feb 2023 18:53:17 GMT
cache-control: public, max-age=31536000
cf-ray: 6d9e41b27f1675d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 61feb5fadc5bc.preview.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/7/3c/73c95e12-993a-5428-a7ab-a33d9913e05b/ 2 KB
2 KB 100ms
100ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/7/3c/73c95e12-993a-5428-a7ab-a33d9913e05b/61feb5fadc5bc.preview.jpg?crop=898%2C505%2C11%2C0&resize=150%2C84&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b03dcb0dc1251b1aa5c7e7fce51c3dcb20932cfe970d8ee777233a289a40af08

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
vary: Accept
cf-cache-status: HIT
age: 11569
cf-polished: qual=85, origFmt=jpeg, origSize=2284
last-modified: Sat, 05 Feb 2022 17:38:03 GMT
content-disposition: inline; filename="61feb5fadc5bc.webp"
content-length: 1750
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "0ac0bd17d7a9ec74975724d0bd6044ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Sun, 05 Feb 2023 17:39:15 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b27f2175d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 b-db72251-ca52e072.js Show response
tagan.adlightning.com/leeenterprises/ 83 KB
31 KB 63ms
62ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e058c0d2e245c12a169dcbcfb3a4616dca2fb303c8770442e7b307335d08de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:24:05 GMT
content-encoding: gzip
age: 424244
x-cache: Hit from cloudfront
content-length: 31545
x-amz-meta-git_commit: db72251
last-modified: Wed, 02 Feb 2022 19:23:33 GMT
server: AmazonS3
etag: "532a04015b3fc466fbcee44a6ed756c7"
x-amz-version-id: mWZ_I6FMIgYInitSkYh9ozDq8dvcdxaw
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: TDkV28VM6zTudwroMqC6Uk_KWDhperW7PztV1_Magp1FdqBplopG1Q==

GET
H2 200 bl-db72251-974b7187.js Show response
tagan.adlightning.com/leeenterprises/ 59 KB
24 KB 83ms
83ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-db72251-974b7187.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d629212eace0da98c37230c3940e8240b3189b35542ed19b6a586fb58f5a29c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 18:53:13 GMT
content-encoding: gzip
age: 80496
x-cache: Hit from cloudfront
content-length: 24077
x-amz-meta-git_commit: db72251
last-modified: Sun, 06 Feb 2022 18:31:46 GMT
server: AmazonS3
etag: "c784520a5801080985ea3257aed85c63"
x-amz-version-id: 1VEOxReomle0VKRUpWp.y5vN8Y2tSTBO
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: tGiPuoQlZYvlDzsibg2PoSBFkabrfABfIQS4xfbbpVfHSNIhG1LTfQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
531 B 92ms
92ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Frichmond.com%2F&pr=http%3A%2F%2Fdmhaslam.com%2F&pid=okfILiX1IPRqZ&cb=0&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22fixed-leaderboard-top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F8438%2Frichmond.com%2Fhomepage%22%7D%5D&pj=%7B%22sections%22%3A%22%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: NH8HEAC3A8QPB13KS4NC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 5cluaw6HVbIDOle5C2ciPHgy8IBz3aFkz1mJeMrVDKpb-P-ZkGP3tg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
531 B 96ms
96ms XHR
text/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Frichmond.com%2F&pr=http%3A%2F%2Fdmhaslam.com%2F&pid=okfILiX1IPRqZ&cb=1&ws=1600x1200&v=7.72.0&t=2000&slots=%5B%7B%22sd%22%3A%22fixed-big-ad-top%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F8438%2Frichmond.com%2Fhomepage%22%7D%5D&pj=%7B%22sections%22%3A%22%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.109.174 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-109-174.fra56.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P5
x-amz-rid: 9F38AN87FXBEQRVDT5SC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 3yA5X1eb-sCNKiF1KsTXm5KOoCn6WrBwITbTI1hACD0Q-s7_lQwbvA==

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 194ms
63ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=richmond.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
62ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=richmond.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
12 KB 116ms
116ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=368414246462868&correlator=1253844463889097&output=ldjh&impl=fif&eid=31061814%2C31063821%2C31064151%2C31064711%2C31063246&vrg=2022020101&ptt=17&us_privacy=1YYN&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=8438%2Crichmond.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D3%26lee_hours%3D17%26lee_day%3D1%26fp%3D125&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dnews%252Cbreaking%252Cnational%252Cunited%2520states%252Ctopic%252Csports%252Cpolitics%252Centertainment%252Cbusiness%252Cculture%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=31&abxe=1&dt=1644254089859&lmt=1644252735&dlt=1644254088339&idt=897&frm=20&biw=1600&bih=1200&oid=2&adxs=799&adys=0&adks=3857999914&ucis=1&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frichmond.com%2F&ref=http%3A%2F%2Fdmhaslam.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1626853911.1644254089&ga_sid=1644254090&ga_hid=118054683&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js?31064711

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

579a8a3bde7b9e027be8efdd1cf190b619765d363150064cf33e647c14d9b972

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12391
x-xss-protection: 0
google-lineitem-id: 5909473342
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138380452381
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://richmond.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 221ms
220ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=368414246462868&correlator=375397144972583&output=ldjh&impl=fif&eid=31061814%2C31063821%2C31064151%2C31064711%2C31063246&vrg=2022020101&ptt=17&us_privacy=1YYN&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=8438%2Crichmond.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&prev_scp=pos%3Dfixed-impact-bottom%2Cbtf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D9%26lee_hours%3D17%26lee_day%3D1%26fp%3D125&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3Dnews%252Cbreaking%252Cnational%252Cunited%2520states%252Ctopic%252Csports%252Cpolitics%252Centertainment%252Cbusiness%252Cculture%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=31&abxe=1&dt=1644254089866&lmt=1644252735&dlt=1644254088339&idt=897&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=1&adks=4082395962&ucis=2&ifi=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frichmond.com%2F&ref=http%3A%2F%2Fdmhaslam.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1626853911.1644254089&ga_sid=1644254090&ga_hid=118054683&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js?31064711

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0a2e3bdef9b21ae30a64ad7a0fef8212092cbb190364e80add18c7b1dee51a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8729
x-xss-protection: 0
google-lineitem-id: 5494246484
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138325367288
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://richmond.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
10 KB 209ms
208ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=368414246462868&correlator=3028972531598119&output=ldjh&impl=fif&eid=31061814%2C31063821%2C31064151%2C31064711%2C31063246&vrg=2022020101&ptt=17&us_privacy=1YYN&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=8438%2Crichmond.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D10%26lee_hours%3D17%26lee_day%3D1%26fp%3D125&eri=1&cust_params=k%3Dnews%252Cbreaking%252Cnational%252Cunited%2520states%252Ctopic%252Csports%252Cpolitics%252Centertainment%252Cbusiness%252Cculture%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie_enabled=1&bc=31&abxe=1&dt=1644254089868&lmt=1644252735&dlt=1644254088339&idt=897&frm=20&biw=1600&bih=1200&oid=2&adxs=798&adys=7688&adks=962273323&ucis=3&ifi=3&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frichmond.com%2F&ref=http%3A%2F%2Fdmhaslam.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x1&msz=1600x1&ga_vid=1626853911.1644254089&ga_sid=1644254090&ga_hid=118054683&ga_fc=true&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js?31064711

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

40ae042209b780c8ad81b963e999db977294b255b03bb26de7d113d366d9b52e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10584
x-xss-protection: 0
google-lineitem-id: 5874208231
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138380337983
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://richmond.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c8a7c89b7eb4316383b2dbee3f32b34c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 204C 6 KB
4 KB 246ms
89ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c8a7c89b7eb4316383b2dbee3f32b34c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js?31064711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 07 Feb 2022 17:14:48 GMT
expires: Tue, 07 Feb 2023 17:14:48 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 var=tncms_siteaud Show response
ad.crwdcntrl.net/5/c=6881/pe=y/ 77 B
313 B 181ms
55ms Script
application/javascript 52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=6881/pe=y/var=tncms_siteaud
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:48 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.25.131
content-type: application/javascript;charset=utf-8
content-length: 77
expires: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
61 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0155b0aeedb84b8410bf7adc50bd0a5a0fc8e622b577051a51018aaa0d64fcd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62780
x-xss-protection: 0
expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 59ms
58ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 07 Feb 2022 17:32:53 GMT

GET
H2 200 sp-gzip-2-17-3.js Show response
storage.googleapis.com/lee-snowplow/static/ 77 KB
27 KB 187ms
54ms Script
text/javascript 2a00:1450:4001:808::2010

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2010 -, , ASN (),
Reverse DNS
Software: UploadServer /
Resource Hash: 7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 16:46:18 GMT
content-encoding: gzip
age: 1710
x-guploader-uploadid: ADPycdsmi74pd4tYBMR5TAN58R67RQomQzggto_JDXmTJe1L0WKQG6cA2hzOpfqk1v6hl_ajjRcwY7XtdvUM93i74bs
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26950
x-goog-meta-
last-modified: Thu, 18 Feb 2021 15:16:40 GMT
server: UploadServer
etag: "d3142accd3f370a95f561f0fbfb3114b"
vary: Accept-Encoding
x-goog-hash: crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation: 1613661400000346
cache-control: max-age=31536000
x-goog-stored-content-length: 26950
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 07 Feb 2023 16:46:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 188ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dmhaslam.com
URL: http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: M8AKmv/YQOQInPTK5IdD1LzjjcRzEJRL7D0CufFvNTJhAd1SQOtAiejgjIA21vR2QfzwycFFTguv8Gc7v6NoGg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 07 Feb 2022 17:14:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i99g3gee.js Show response
d81mfvml8p5ml.cloudfront.net/ 13 KB
5 KB 199ms
61ms Script
application/javascript 2600:9000:223e:7400:2:36a1:2f40:21

General

Check archive.org

Show headers Download Go to

Full URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:7400:2:36a1:2f40:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:08:09 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 19:07:57 GMT
server: AmazonS3
age: 455
etag: W/"d5439e10177501ec79fe34fba97cb263"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 3431ec594cac61983aae2d9ffaf23980.cloudfront.net (CloudFront)
cache-control: max-age=600
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: t5ryEAaQYlSooMGktK9ilC5BYOhoqdyVWFI4d6Ltuaml7toqtlOIfw==

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma1527/lee/5/
Redirect Chain

https://js.matheranalytics.com/s/ma1527/725149342/lee/ml.js?cb=1586
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js

145 KB
42 KB

55ms
55ms

Script
application/x-javascript

107.178.250.234

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 107.178.250.234 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 23:33:13 GMT
via: 1.1 google
last-modified: Wed, 04 Aug 2021 03:52:13 GMT
server: nginx
age: 63695
etag: "96d23de5d1ede166c2abc188adf1ebd7"
vary: Accept-Encoding
x-cache: HIT Wed, 04 Aug 2021 04:04:18 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
content-encoding: br
alt-svc: clear
content-length: 43093

Redirect headers

date: Mon, 07 Feb 2022 17:14:48 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 7-gc-euw1-10926

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 181ms
60ms Script
application/javascript 13.32.121.21

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: dmhaslam.com
URL: http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 04:14:44 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 46805
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: jAruVyYgIc6PtfJos70oOxMM3HKNpwB6bNM_ppNTJ2u1akGKiu_hkg==

GET
H2 200 a-0584.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 205ms
63ms Script
application/javascript 2600:9000:225e:c00:8:8845:1500:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-0584.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:8:8845:1500:93a1 -, , ASN (),
Reverse DNS
Software: ZIO-Http /
Resource Hash: ba3830a5f35beb0359305242c7b5805c591ec629484014f0eb68be11c1dcc21b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:42:45 GMT
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server: ZIO-Http
age: 5522
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P4
content-encoding: gzip
x-amz-cf-id: vQd2HvwK-fzB9jg7BKCux-rxjO3rXSEjWiNU8hLchkbbNAoKiOp2Fw==

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-8effeeabf3a9674f85c6c39bc2a9292e/ 184 KB
48 KB 1045ms
297ms Script
application/javascript 2a04:4e42::645

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-8effeeabf3a9674f85c6c39bc2a9292e/mparticle.js?env=0&plan_id=elko_test_plan&plan_version=4
Requested by: Host: dmhaslam.com
URL: http://dmhaslam.com/disarmse.php?utm_source=f7b2&utm_content=8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8bf8e1f69f84e16d7c0b046cc032f092ed72c54438dea02e49b01e3f4a536ef7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 varnish, 1.1 varnish
age: 776
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000170_IAD
x-cache: HIT, HIT
x-cache-hits: 1, 2
content-encoding: gzip
content-length: 48487
x-served-by: cache-iad-kiad7000170-IAD, cache-icn1450055-ICN
server: Kestrel
x-timer: S1644254089.311234,VS0,VE0
vary: Accept, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 07 Feb 2022 18:01:53 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 9DA4
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
668 B

173ms
54ms

Document
text/html

18.66.123.144

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.123.144 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

Content-Type: text/html
Content-Length: 138
Connection: keep-alive
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 07 Feb 2022 03:21:29 GMT
Cache-Control: max-age=86400
ETag: "50351b1f6590b5c4886c111874e016a0"
X-Cache: Hit from cloudfront
Via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
X-Amz-Cf-Id: 5u6Er05ER8wNwhISa47QiSWF1B8PKBp0zjMLyx7bhYUKYtcz3FNz-w==
Age: 50022

Redirect headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 client-v2.9.0-openWrap.js Show response
qnhtg9kbqjgw2izax.ay.delivery/ 37 KB
13 KB 170ms
56ms Script
application/javascript 2606:4700:3032::ac43:bb58

General

Check archive.org

Show headers Download Go to

Full URL: https://qnhtg9kbqjgw2izax.ay.delivery/client-v2.9.0-openWrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:bb58 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d2dd4469f84eee0b4a7fc1791a51c9fe3544bf4b26df414af78a2fddbe5938d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 24 Jan 2022 14:36:43 GMT
server: cloudflare
age: 449
etag: W/"61eeb97b-95af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGcvl%2FZ06rkwM26QkbMCVuJ0URO4AuXPlifuyofGRoBbmd7vQppxWbzU5hhjG7%2BVL11%2Be5U0t9C08gr9ViE%2FsO3wZzvmbZ%2F0gvZY0sVe8GVmpHHzsNPuP8lOn09Nxm68K7qFMAhi7wP1ocBdIbddsTcxSx3McJkN%2BkIL4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d9e41b58e47773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 b-db72251-ca52e072.js Show response
tagan.adlightning.com/leeenterprises/ Frame 837C 83 KB
31 KB 59ms
58ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e058c0d2e245c12a169dcbcfb3a4616dca2fb303c8770442e7b307335d08de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:24:05 GMT
content-encoding: gzip
age: 424244
x-cache: Hit from cloudfront
content-length: 31545
x-amz-meta-git_commit: db72251
last-modified: Wed, 02 Feb 2022 19:23:33 GMT
server: AmazonS3
etag: "532a04015b3fc466fbcee44a6ed756c7"
x-amz-version-id: mWZ_I6FMIgYInitSkYh9ozDq8dvcdxaw
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: pZJhI3uCzJoS2DkZv9aeBrIR6viLMQyQ4XStWqEoqyYC_NHXASVtnw==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 837C 123 KB
38 KB 349ms
217ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H2 200 b-db72251-ca52e072.js Show response
tagan.adlightning.com/leeenterprises/ Frame FF59 83 KB
31 KB 58ms
58ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e058c0d2e245c12a169dcbcfb3a4616dca2fb303c8770442e7b307335d08de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:24:05 GMT
content-encoding: gzip
age: 424244
x-cache: Hit from cloudfront
content-length: 31545
x-amz-meta-git_commit: db72251
last-modified: Wed, 02 Feb 2022 19:23:33 GMT
server: AmazonS3
etag: "532a04015b3fc466fbcee44a6ed756c7"
x-amz-version-id: mWZ_I6FMIgYInitSkYh9ozDq8dvcdxaw
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: WAhe1Fjjhowr2f815_ugP46VzZ02HjNoXKdxMw2qVqb4nsihkiz4fQ==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF59 123 KB
37 KB 430ms
320ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:14:48 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 192ms
63ms Preflight
application/json 2a02:2638::1c

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frichmond.com%2F&domain=richmond.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://richmond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://richmond.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1546
date: Mon, 07 Feb 2022 17:14:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Frichmond.com%2F&domain=richmond.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=FSzM_Hw1ckhVSC9CYURURHkvYjB3bmRSbWtkQm5MTWJzK3Z1TkxlbEQ2bTk2V1drZEtWaU0zeFhJR1NGbjIrNDlzVnFRaXNNVTBPbURyT0kxd0Z3SzZ4WGdneUtVT1lFQnZrRzFNbzgySEhKdU1OSnJrSmtJWEZnMjNtZ1...

350 B
618 B

190ms
64ms

XHR
application/json

178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FSzM_Hw1ckhVSC9CYURURHkvYjB3bmRSbWtkQm5MTWJzK3Z1TkxlbEQ2bTk2V1drZEtWaU0zeFhJR1NGbjIrNDlzVnFRaXNNVTBPbURyT0kxd0Z3SzZ4WGdneUtVT1lFQnZrRzFNbzgySEhKdU1OSnJrSmtJWEZnMjNtZ1lPVnZIa1J6ZERhUWIxaHhhU285V2h0WW9zbEhTS2FRaHNCRXJONCtUOFE4STBxZzIrSUY1NVdvZUhENnEyYytVVGRIdmNwbEJxU2N2eFQwOFJtQW4yTVdxZm5Hbk5CQ0ZpcTQ1SlBtYW5iZDhBY0Vob2U4PXw&cppv=2

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

9471f5693561c824313f9961666fcc0ceff062ee2c3c1518fd0316d82a845a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2858
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:48 GMT
location: https://mug.criteo.com/sid?cpp=FSzM_Hw1ckhVSC9CYURURHkvYjB3bmRSbWtkQm5MTWJzK3Z1TkxlbEQ2bTk2V1drZEtWaU0zeFhJR1NGbjIrNDlzVnFRaXNNVTBPbURyT0kxd0Z3SzZ4WGdneUtVT1lFQnZrRzFNbzgySEhKdU1OSnJrSmtJWEZnMjNtZ1lPVnZIa1J6ZERhUWIxaHhhU285V2h0WW9zbEhTS2FRaHNCRXJONCtUOFE4STBxZzIrSUY1NVdvZUhENnEyYytVVGRIdmNwbEJxU2N2eFQwOFJtQW4yTVdxZm5Hbk5CQ0ZpcTQ1SlBtYW5iZDhBY0Vob2U4PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://richmond.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1905
content-length: 482
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 315ms
189ms XHR
application/json 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ae46c76588381b83efbff222c63eeb3f83a26af9e5afdbec0137875be47a6b43

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 17:14:48 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3b2a974d-c6e7-4e21-afa6-9086f056825a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://richmond.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 251ms
113ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://richmond.com
date: Mon, 07 Feb 2022 17:14:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 358 B
1 KB 328ms
134ms XHR
application/json 2602:803:c004:200::141

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11004&site_id=369546&zone_id=2016232&size_id=2&alt_size_ids=55%2C57&eid_pubcid.org=401fdea2-76a4-4ed8-8f03-4551b3bebd58%5E1&rf=https%3A%2F%2Frichmond.com%2F&tg_i.dfp_ad_unit_code=8438%2Frichmond.com%2Fhomepage&tg_i.pbadslot=8438%2Frichmond.com%2Fhomepage&tk_flint=pbjs_lite_v4.43.0&x_source.tid=64545de0-f77a-446f-92f1-b6cfea922545&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9919192695499026
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 -, , ASN (),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c7f09763510e015db838fca43073af1ccae9916f8caaafb25420a97b4d6c7a14

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 17:14:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://richmond.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 358
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
327 B 267ms
145ms XHR
application/json 34.149.20.76

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=aaIy6cKxGr64kpaKlKyvbs
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 -, , ASN (),
Reverse DNS
Software: / 33Across
Resource Hash: 698a43653cc49979ec65cfc87395e4d71494605e707232a5922aa52b5b9a8c95

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 279ms
161ms XHR
application/json 34.149.20.76

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bYLXQOKxGr65fKaKjGFx_2
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 -, , ASN (),
Reverse DNS
Software: / 33Across
Resource Hash: 35c36630f1e586dc25af700184ee7ad4d2f0a1b3cb199f80f52367fa487a6515

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 381ms
250ms XHR
text/plain 185.64.189.112

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://richmond.com
date: Mon, 07 Feb 2022 17:14:47 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 415ms
298ms XHR
application/json 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1f57ea34c9e9dc9551f9f7a0896e8e380de3a22e89677eda86bb293ddb9b1068

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 17:14:49 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d03c6923-e73a-44ae-a765-b247072c36f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://richmond.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 356 B
1 KB 315ms
127ms XHR
application/json 2602:803:c004:200::141

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11004&site_id=369546&zone_id=2016236&size_id=15&alt_size_ids=10&eid_pubcid.org=401fdea2-76a4-4ed8-8f03-4551b3bebd58%5E1&rf=https%3A%2F%2Frichmond.com%2F&tg_i.dfp_ad_unit_code=8438%2Frichmond.com%2Fhomepage&tg_i.pbadslot=8438%2Frichmond.com%2Fhomepage&tk_flint=pbjs_lite_v4.43.0&x_source.tid=7c5320ad-70d0-4262-aeac-0d77b64d30b0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5705786000510586
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 -, , ASN (),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e50492c68666405f4431adc1cb95797575aeceae75a026f595f605ecabb0f5a2

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 17:14:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://richmond.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 356
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 b-db72251-ca52e072.js Show response
tagan.adlightning.com/leeenterprises/ Frame D5EB 83 KB
31 KB 59ms
58ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e058c0d2e245c12a169dcbcfb3a4616dca2fb303c8770442e7b307335d08de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:24:05 GMT
content-encoding: gzip
age: 424244
x-cache: Hit from cloudfront
content-length: 31545
x-amz-meta-git_commit: db72251
last-modified: Wed, 02 Feb 2022 19:23:33 GMT
server: AmazonS3
etag: "532a04015b3fc466fbcee44a6ed756c7"
x-amz-version-id: mWZ_I6FMIgYInitSkYh9ozDq8dvcdxaw
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: oebKTxEq-yjzepF73yz_wx1OKOYaDg1gbxSKozRXlfINJnevC-8RLg==

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D5EB 123 KB
37 KB 283ms
277ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF59 0
0 90ms
90ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIcVsoi463VzQ754uqMP_6xAKAufJQqIzRI4EymoLMUwDGJjY_XN_cEXgGusi7hm7Aax1MfkGX66HyRaH9E6vnNlwkqEGMztFhDLnyiHRbPSSM5iStZ7sbEbXLe0eS6KuiDHKjbiQwFFgu6bmSHPMpr5ZE-O7Lr8JME-uuvv3vfGZ2X8com9KXzWVV4AwAL5fse2jcXpmwvdDqtprmrcDQjzA8pnGvyhvykyCdGaqc-mA8h7h_HaQg2cQZXxe4MxA5x7WZW9hjRsVsQuMtUaga2YKqnZjW7zrLBkK4A2Ec_C6croUI-qgg-RhsO07-aTHjvLcXBFCiT-1WVe9xQw&sai=AMfl-YTuz4acUxjxxX8lw9SzPeUqCngFTJlVnKGwVe8ajh9l28k86iTYCh-t_gtQCrSr5aqzG53kMRHucy3vUr5bN-8gidD2K1PDcpfuzCCwXPinsAwsBbA8riGhK3dmzcZ-&sig=Cg0ArKJSzO3T3b5VAScPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 837C 0
0 89ms
89ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOxJo_lOgIduNHbPpexrRJQUz_geUVl70Vqs8y47ie6eF6F1MnUGofV3lD5WWHLIpu5dkLnavU8vyIBbn0q81Rd1FuBb4MH_wCaUixwF-Z8-0mez8NcwowCM_F6xr6pujqsodNEYfcb1vORbKK1bqYyk6WO3-MKLUkQ1Xe7fcr7WkA5qi3NN-GblNd1BduFD4Pbab-DVrTBLHo-Pdeee5_xBNQsi9e7AjvppdDW4I0mZXGzraiznoRUgCq_IGa2_aWcBWSHU2FKMPxmmrAktoZItHPbS6XmQp9xjon17ies5-iWItQzJ7q-ha5c-oRrIg&sai=AMfl-YRUNmp-EiH2i1aoAoTtFOvXEslsZGo2NnkoguYEloY57dXRo-U_poHpsD6EEHJ3VagofwmiY9L4qK5kxl7WaFfYQ36NzkMCV11K6ugUIWVOuApLAHKTFrCMoaMEHfCt&sig=Cg0ArKJSzChsp0x6TyndEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 52 KB
4 KB 344ms
57ms Stylesheet
text/css 2606:4700::6810:125e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css

Requested by

Host: bloximages.newyork1.vip.townnews.com
URL: https://bloximages.newyork1.vip.townnews.com/richmond.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5182327
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3279
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hhw0b1bPUM2tDHv1Qcip0ye%2BPS925zCcZHqZlYlD4WX4YGVhhbSojE85qhXroiMSEvOMrCeiupPRC7EvZ5y%2Fru3X3yJ2RTHW8%2BhyOzunFzmI8gkK3xclCEIjjaWd5GCCgZA%2FxY%2FtppIo%2FG9uwH%2Byo1UR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d9e41b96b28770b-LHR
expires: Sat, 28 Jan 2023 17:14:49 GMT

GET
H3

200

6995408777118312465
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODg5f3zJhABGAEyCBjdPcJyKPHM
https://tpc.googlesyndication.com/simgad/6995408777118312465

79 KB
79 KB

199ms
100ms

Image
image/jpeg

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6995408777118312465

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da4f62c7c8e392533bda2a958de53c0b86ded73e0b9bff20d7933033fea852d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:44:20 GMT
x-content-type-options: nosniff
age: 387029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80950
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 18:37:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Feb 2023 05:44:20 GMT

Redirect headers

date: Mon, 07 Feb 2022 13:50:04 GMT
x-content-type-options: nosniff
server: cafe
age: 12284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/6995408777118312465
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:50:04 GMT

GET
H3

200

918769758783737280
tpc.googlesyndication.com/simgad/
Redirect Chain

https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODg5f2FfBABGAEyCBm2NHVD_6jX
https://tpc.googlesyndication.com/simgad/918769758783737280

41 KB
41 KB

155ms
55ms

Image
image/jpeg

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/918769758783737280

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33b7156849ed2be9d86927f085f2eecdc4ae7fc3571999ee1787579392c172db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 03 Feb 2022 05:44:19 GMT
x-content-type-options: nosniff
age: 387030
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42010
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 18:37:57 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Feb 2023 05:44:19 GMT

Redirect headers

date: Mon, 07 Feb 2022 13:50:04 GMT
x-content-type-options: nosniff
server: cafe
age: 12284
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/918769758783737280
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Mar 2022 13:50:04 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
29 B 114ms
56ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54716522-2&cid=1626853911.1644254089&jid=415526652&gjid=1980718280&_gid=1787454534.1644254089&_u=aHDAiUAjRAQCAE~&z=899604150

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ac88ba62392665e9f15f5b25f55914ffe9380b91c75b5a6ac6f027bfa85f769b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Feb 2022 17:14:48 GMT
content-type: text/plain
access-control-allow-origin: https://richmond.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
29 B 108ms
57ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-34284965-3&cid=1626853911.1644254089&jid=1290320575&gjid=85537502&_gid=1787454534.1644254089&_u=aHDAiUAjRAQCAE~&z=1595489325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ac88ba62392665e9f15f5b25f55914ffe9380b91c75b5a6ac6f027bfa85f769b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 07 Feb 2022 17:14:48 GMT
content-type: text/plain
access-control-allow-origin: https://richmond.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 92 KB
35 KB 69ms
69ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TQ9PK73&t=gtm287&cid=1626853911.1644254089

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4f27217266d80fe11f1658ceebafe4861266be576d150f40d9b7967603a49e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36086
x-xss-protection: 0
expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
53ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=118054683&t=pageview&_s=1&dl=https%3A%2F%2Frichmond.com%2F&dr=http%3A%2F%2Fdmhaslam.com%2F&ul=en-us&de=UTF-8&dt=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiUAjRAQCAE~&jid=415526652&gjid=1980718280&cid=1626853911.1644254089&tid=UA-54716522-2&_gid=1787454534.1644254089&gtm=2wg220TDWDC2&cd1=desktop&cd2=richmond.com&cd3=editorial&cd4=homepage&cd6=homepage&cd14=Undefined&cd17=null&cd20=anonymous&cd23=&cg1=&cd21=Richmond&cd22=flex-editorial&cd30=40&cd31=Cloudy&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd85=yes&cd86=no&cd102=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F97.0.4692.71%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=3&cd106=Page%20View&cd107=0&cd111=undefined&cd115=notset&cd116=No&cd117=No&cd124=dsv2&cd89=1626853911.1644254089&z=407368102

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 04:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46905
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 04:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 46905
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
162 B 62ms
61ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-F8FFLLVDEZ&gtm=2oe220&_p=118054683&sr=1600x1200&_gaz=1&ul=en-us&cid=1626853911.1644254089&_s=1&dl=https%3A%2F%2Frichmond.com%2F&dr=http%3A%2F%2Fdmhaslam.com%2F&dt=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&sid=1644254089&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.domain=richmond.com&ep.page_type=homepage&ep.platform=desktop&ep.application=editorial&ep.byline=Undefined&ep.syndication_domain=null&ep.blox_sections=&ep.url_fragment=&ep.bot=no&ep.author=Undefined&ep.eedition_viewtype=Page%20View&up.user_status=anonymous&up.user_subscription=No&up.client_id=function(a)%7Bvar%20b%3Da.get(%22clientId%22)%3Ba.set(%22dimension%22%2Bc%2Cb)%3Bwindow.dataLayer.push(%7Bgoogle_client_id%3Ab%7D)%7D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://richmond.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 82ms
56ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F8FFLLVDEZ&cid=1626853911.1644254089&gtm=2oe220&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://richmond.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.hk/ads/ 42 B
107 B 326ms
78ms Image
image/gif 2a00:1450:4001:802::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.hk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F8FFLLVDEZ&cid=1626853911.1644254089&gtm=2oe220&aip=1&z=632462662

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1644254090512&ns_c=UTF-8&cv=3.5&c8=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C...
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1644254090512&ns_c=UTF-8&cv=3.5&c8=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2...

0
223 B

56ms
55ms

Image
text/plain

13.32.121.21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1644254090512&ns_c=UTF-8&cv=3.5&c8=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&c7=https%3A%2F%2Frichmond.com%2F&c9=http%3A%2F%2Fdmhaslam.com%2F
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 13.32.121.21 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: W2fPrw47bk2Ym_CBF0WKTvSKxQ1-vGs--YMl4ID7t-dkpWNEgejRqw==
x-cache: Miss from cloudfront

Redirect headers

date: Mon, 07 Feb 2022 17:14:48 GMT
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1644254090512&ns_c=UTF-8&cv=3.5&c8=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&c7=https%3A%2F%2Frichmond.com%2F&c9=http%3A%2F%2Fdmhaslam.com%2F
content-length: 369
x-amz-cf-id: owNQSG1XeAjw6i_0cDDGbAYtpFUlD1hILRcWvG01DeWzYMYqTGV6nw==

POST
H2 200 yy2 Show response
a.leetemplates.com/lee/ 2 B
336 B 270ms
161ms XHR
text/plain 34.102.205.239

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.7 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 google
server: akka-http/10.2.7
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
alt-svc: clear
content-length: 2

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 58ms
58ms Script
application/javascript 2600:9000:225e:c00:8:8845:1500:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:c00:8:8845:1500:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: CQKQeFXs_ero.dSxGj8yyrCkT6TzPcRS
content-encoding: gzip
etag: W/"ae5e94de938b0387eda6df8f20da811a"
last-modified: Wed, 02 Jun 2021 16:15:01 GMT
server: AmazonS3
age: 60965
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
date: Mon, 07 Feb 2022 00:18:44 GMT
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: 4gSdJUyzhuznCNJiSPRt_nOgXiXAdWh1EdsEphkejptOxPd6RdsYQw==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 122ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: au6BcEgamdRyEPq1XwuHfavmRD6AZgzLrf2I+PvLoFRla8f8FWbJVTz5D8JfSrzpjrXrf2m+lyaJsbToT4kqPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 07 Feb 2022 17:14:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 961211893969940 Show response
connect.facebook.net/signals/config/ 311 KB
88 KB 178ms
114ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/961211893969940?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

f52a40d9006b1650f4bd0a5b4a9751b693b99cd4fce9a9f50b05e27aef8a7148

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 90214
x-xss-protection: 0
pragma: public
x-fb-debug: 4Ibp0DnIx8ylHTfcyxqDSBtVI11x+NKrp5vgkEZtCWszVSTCo2HEBlbjaJTFL3pt1BkqK8BKc6OFOmpPsrOOOw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 07 Feb 2022 17:14:49 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 richmond.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 2 KB
2 KB 57ms
56ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/richmond.com.png?_dc=1

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ae19499f2cd0d07598e4afa827bd105cce3317a34c2896232b9b7d30a8cb22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
vary: Accept
cf-cache-status: HIT
age: 2236085
cf-polished: origFmt=png, origSize=3399
last-modified: Mon, 03 Aug 2020 22:06:08 GMT
content-disposition: inline; filename="richmond.webp"
content-length: 2228
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "5f288a50-d47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 12 Jan 2023 20:06:44 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b84b2975d8-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 3701585313579262197
tpc.googlesyndication.com/simgad/ 272 KB
272 KB 265ms
82ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3701585313579262197?

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c6399a527c117691a6dba2e4922496428409720b574e2975927be7c565f8a45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 13:50:04 GMT
x-content-type-options: nosniff
age: 12285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 278660
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 13:45:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 07 Feb 2023 13:50:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5EB 0
0 89ms
88ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshbnXKQDtkQ1_LRp6L3hdw0Q-iNW_jMlb77sT1qhfhm-eW71pHM6OlOsfcugsAh9refY6COx7dv3_bg2_d5CwjwBU_SNYxSMa4KD7Hwt_cQjV7p6FhuHrG4jpw6I4jmA3ZDEV0PvA9Rk_owC1LTPpdTK-mW0MO-CwyztRlFMrhFO6aDwH5C6FhgIPKIZukhRni2yStEBM4i4HTko6lIa7VmHXfxY4l_sssMh2ixlsDPyAQiqi1OtEM8kDMv3oPkEvdN1_ChbuPhYguNuD6eH1KbJRyaii_pv9PAIXJa0hBJlQc88ihX-L7Mr7DvsvpRearzM-i2hhKq7Wi1Q&sai=AMfl-YQLNnsf4wkeJnlj7U5IMNKwn53YBsPyHy0RGTAzb2m7KTBrPNoywGubNERplN04ErMtrzqw0mAoB9TuB3hBKJkE7S7wbfqEpdd1SxVcqb9ZUN6RDGSQmOQo-cXgg4N6&sig=Cg0ArKJSzEprOLKnhjHxEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rciv.js Show response
cdn.tynt.com/ Frame D5EB 15 KB
6 KB 180ms
65ms Script
application/javascript 104.18.29.199

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/rciv.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.29.199 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d018dfe8631f61492271d2c987e71f50805c4416ad0743d3fe1546aab43bf3de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:45 GMT
server: cloudflare
age: 204606
etag: W/"61295205-3dbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6d9e41b97ed872b4-LHR
expires: Thu, 10 Feb 2022 17:14:49 GMT

GET
H2 200 / Show response
dn1i8v75r669j.cloudfront.net/v/ 67 B
344 B 179ms
55ms Script
application/json 2600:9000:223c:9000:7:5031:dc0:21

General

Check archive.org

Show headers Download Go to

Full URL: https://dn1i8v75r669j.cloudfront.net/v/?w=i99g3gee
Requested by: Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9000:7:5031:dc0:21 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:10:07 GMT
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
age: 282
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=300
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: K-uLNu-3ObT1GU7T9_-YsdFOE562wwyyJVdCDqbyUY3qw9a0pXS3nw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 837C 0
0 89ms
89ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuIB8Elq2OdSYb-lV6XmzRKk6CxBixJCzX0qo37xf2IvGZpops4LUGBn8iAciqr7rAh4t4AC00TyymVK9bdRdmZS_FJakT1qtBVSlnUTwRi6SRpF3wJr70uIi1-RJERjF8-DBi5lkeS_G6i1Nn8zWK5ev8mCvp6eLFIYBDlmLmixJxccVOxyhC8Rkuk6G6MEdnnqWjfjkYrh6NWczsV9vFQhJwOiARIKbPhY_jpLyWosHnHdwDYmy_POFGAilb0XhZPLXaBXwu6f-OIjKf6aB3hIlVbRyiz5w3GmhVlTzc5Yy6O14Xuop-i9uh-jX7C3hQiIA&sai=AMfl-YTNGwZky1y2nG4DPl7IbL1zRjkqh75UX9tzq0AVeurCEU14rUoqtmf0k10EYLo9ToH1d1uElDsnlgBz4YhXV1T28YR_m2gafWR8tFqsndt41zwyB4hy9HSMcdYmrumJ&sig=Cg0ArKJSzH3WwcP2ay_qEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 07 Feb 2022 17:14:49 GMT

GET
H2 200 620038b25338b.image.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/1/3c/13c0fdb8-12ff-580c-9203-c256de7ec0a7/ 7 KB
7 KB 59ms
59ms Image
image/jpeg 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/1/3c/13c0fdb8-12ff-580c-9203-c256de7ec0a7/620038b25338b.image.jpg?crop=1790%2C1007%2C0%2C75&resize=225%2C127&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e48190856f5d6e66b7bb2916ddbbfc2d53d29a1fd836a447104296990139bb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 11471
cf-polished: degrade=85, origSize=9938, status=webp_bigger
last-modified: Sun, 06 Feb 2022 21:08:02 GMT
x-robots-tag: noarchive
x-vcache: MISS
server: cloudflare
etag: "d1d1251485c44a1f89c4808d485e45e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/jpeg
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 14:00:45 GMT
cache-control: public, max-age=31536000
cf-ray: 6d9e41b91cc575d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 62006e22da81e.image.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/6/c1/6c1855c2-605f-5a8e-9ca0-a45fe4c88acd/ 2 KB
2 KB 52ms
52ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/6/c1/6c1855c2-605f-5a8e-9ca0-a45fe4c88acd/62006e22da81e.image.jpg?crop=624%2C351%2C0%2C67&resize=225%2C127&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6be4f96beea75ebc4da0f8855206fc3855ddd87a654a138a6eed6162b3e1e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
vary: Accept
cf-cache-status: HIT
age: 12222
cf-polished: qual=85, origFmt=jpeg, origSize=2947
last-modified: Mon, 07 Feb 2022 00:56:02 GMT
content-disposition: inline; filename="62006e22da81e.webp"
content-length: 2000
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "b22372f5827dbe6c2751c20842d7d6e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 03:46:23 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b91cc975d8-LHR
cf-bgj: imgq:85,h2pri

GET
H2 200 62007f3dda480.image.jpg
bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/c/74/c7418926-004e-5542-8427-ee34b30ab837/ 3 KB
3 KB 52ms
51ms Image
image/webp 104.18.131.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.newyork1.vip.townnews.com/richmond.com/content/tncms/assets/v3/editorial/c/74/c7418926-004e-5542-8427-ee34b30ab837/62007f3dda480.image.jpg?crop=1918%2C1079%2C1%2C0&resize=150%2C84&order=crop%2Cresize

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.131.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41148f957d6a4c46f322af4e09a27fa542e75b7fda5caf3c4c636dc76a004d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
vary: Accept
cf-cache-status: HIT
age: 28834
cf-polished: qual=85, origFmt=jpeg, origSize=6985
last-modified: Mon, 07 Feb 2022 02:09:02 GMT
content-disposition: inline; filename="62007f3dda480.webp"
content-length: 2692
x-robots-tag: noarchive
x-vcache: HIT
server: cloudflare
etag: "c8b8039e65b2cffde2f195ee41c544d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=604800
content-type: image/webp
access-control-allow-origin: *
expires: Tue, 07 Feb 2023 02:19:01 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d9e41b91ccb75d8-LHR
cf-bgj: imgq:85,h2pri

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 134ms
64ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=richmond.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
63ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=richmond.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 216ms
215ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=368414246462868&correlator=4101679561599086&output=ldjh&impl=fif&eid=31061814%2C31063821%2C31064151%2C31064711%2C31063246&vrg=2022020101&ptt=17&us_privacy=1YYN&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=8438%2Crichmond.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pos%3Dfixed-leaderboard-top%2Catf%2CTop%2CPosition2%2C50%26density%3Dstandard%26lee_group%3D6%26lee_hours%3D17%26lee_day%3D1%26fp%3D125%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Dnews%252Cbreaking%252Cnational%252Cunited%2520states%252Ctopic%252Csports%252Cpolitics%252Centertainment%252Cbusiness%252Cculture%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie=ID%3De1f5e9499766468e-224fb32d37cd00ff%3AT%3D1644254088%3AS%3DALNI_MbfmTi_5ZeyuUGDwhSlTKIKLtN-Xw&bc=31&abxe=1&dt=1644254090719&lmt=1644252735&dlt=1644254088339&idt=897&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=277&adks=2507819855&ucis=4&ifi=4&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frichmond.com%2F&ref=http%3A%2F%2Fdmhaslam.com%2F&vis=1&scr_x=0&scr_y=0&psz=1584x250&msz=1584x250&psts=AGkb-H_2io6bS1st9xq8ddrAA-K5cx66isRAqg38Sj24L24EYrqe3BeYvIFXrynwqPdFZWIj6Lj3pdEHNY5T92ZC%2CAGkb-H9GCsVUvxMyocPJFpKPBELSyrCFJKrKZ_e2gkoOyI58rd48R93buwhVj_-VDsWgE03nWNzO3q29AVqMigvRUbARAQrP1FEUpJlO%2CAGkb-H8YsrU7emvMSDx4Ezx6SJIF6dEzGQvzfQ-jTT2Vemvv7khaBu-WPSpmSOPajwwlUotfPxj0pV6DDdm30MXNFwKq4j8&ga_vid=1626853911.1644254089&ga_sid=1644254090&ga_hid=118054683&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js?31064711

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f9d210c2e7d39f54447b0471255e4a49971a190e34e0af009ef0b70aceff66d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11640
x-xss-protection: 0
google-lineitem-id: 5898283624
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379231194
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://richmond.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 199ms
80ms Image
image/gif 2a00:1450:4001:810::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54716522-2&cid=1626853911.1644254089&jid=415526652&_u=aHDAiUAjRAQCAE~&z=650254538

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.hk/ads/ 42 B
501 B 112ms
78ms Image
image/gif 2a00:1450:4001:802::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.hk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54716522-2&cid=1626853911.1644254089&jid=415526652&_u=aHDAiUAjRAQCAE~&z=650254538

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 199ms
80ms Image
image/gif 2a00:1450:4001:810::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34284965-3&cid=1626853911.1644254089&jid=1290320575&_u=aHDAiUAjRAQCAE~&z=1788659808

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.hk/ads/ 42 B
107 B 113ms
79ms Image
image/gif 2a00:1450:4001:802::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.hk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-34284965-3&cid=1626853911.1644254089&jid=1290320575&_u=aHDAiUAjRAQCAE~&z=1788659808

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1644254090727&aid=a-0584&se=e30&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&tna=v2.3.0&pu=https%3A%2F%2Frichmond.com%2F&ext__pubcid=401fdea2-76a4-4ed8-8f03-4551b3beb...
https://rp4.liadm.com/j?dtstmp=1644254090727&aid=a-0584&se=e30&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&tna=v2.3.0&pu=https%3A%2F%2Frichmond.com%2F&ext__pubcid=401fdea2-76a4-4ed8-8f03-4551b3be...

13 B
568 B

427ms
137ms

XHR
application/json

52.2.140.242

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1644254090727&aid=a-0584&se=e30&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&tna=v2.3.0&pu=https%3A%2F%2Frichmond.com%2F&ext__pubcid=401fdea2-76a4-4ed8-8f03-4551b3bebd58&us_privacy=1YYN&wpn=lc-bundle&refr=http%3A%2F%2Fdmhaslam.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgYnJlYWtpbmcgUmljaG1vbmQgbmV3cywgSGVucmljbyBDb3VudHksIGFuZCB0aGUgTWV0cm9wb2xpdGFuIEFyZWEgb2YgVmlyZ2luaWEuIFRoZSBsYXRlc3Qgd2VhdGhlciwgY3JpbWUsIHBvbGl0aWNzLCBhbmQgbW9yZSBmcm9tIHRoZSBSaWNobW9uZCBUaW1lcy4iPjx0aXRsZT5SaWNobW9uZCBOZXdzIHwgUmljaG1vbmQgVGltZXMtRGlzcGF0Y2ggfCBSaWNobW9uZCwgVmlyZ2luaWEgbmV3cywgYnVzaW5lc3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgcmVzdGF1cmFudHMsIGV2ZW50cywgYXJ0cyBhbmQgc2hvcHBpbmc8L3RpdGxlPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPjx0aXRsZT5BcnJvdzwvdGl0bGU-&i6=MmEwMTo0YTA6MmM6Ojk%3D&n3pc=true

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Server

52.2.140.242 -, , ASN (),

Reverse DNS

Software

nginx/1.18.0 /

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
x-pixel-event-id: 5b208380-1639-429e-87fc-c2ed0a5ca8a5
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
request-time: 1
vary: Origin
content-length: 13
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
x-frame-options: DENY
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: 4944b001ad211253

Redirect headers

date: Mon, 07 Feb 2022 17:14:49 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.18.0
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1644254090727&aid=a-0584&se=e30&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&tna=v2.3.0&pu=https%3A%2F%2Frichmond.com%2F&ext__pubcid=401fdea2-76a4-4ed8-8f03-4551b3bebd58&us_privacy=1YYN&wpn=lc-bundle&refr=http%3A%2F%2Fdmhaslam.com%2F&c=PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlJlYWQgYnJlYWtpbmcgUmljaG1vbmQgbmV3cywgSGVucmljbyBDb3VudHksIGFuZCB0aGUgTWV0cm9wb2xpdGFuIEFyZWEgb2YgVmlyZ2luaWEuIFRoZSBsYXRlc3Qgd2VhdGhlciwgY3JpbWUsIHBvbGl0aWNzLCBhbmQgbW9yZSBmcm9tIHRoZSBSaWNobW9uZCBUaW1lcy4iPjx0aXRsZT5SaWNobW9uZCBOZXdzIHwgUmljaG1vbmQgVGltZXMtRGlzcGF0Y2ggfCBSaWNobW9uZCwgVmlyZ2luaWEgbmV3cywgYnVzaW5lc3MsIHNwb3J0cywgZW50ZXJ0YWlubWVudCwgcmVzdGF1cmFudHMsIGV2ZW50cywgYXJ0cyBhbmQgc2hvcHBpbmc8L3RpdGxlPjx0aXRsZT5CYWNrIEJ1dHRvbjwvdGl0bGU-PHRpdGxlPlNlYXJjaCBJY29uPC90aXRsZT48dGl0bGU-RmlsdGVyIEljb248L3RpdGxlPjx0aXRsZT5BcnJvdzwvdGl0bGU-&i6=MmEwMTo0YTA6MmM6Ojk%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://richmond.com
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 465e076aff146631
request-time: 1
content-length: 0
x-content-type-options: nosniff

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 207ms
69ms Preflight
application/json 178.250.0.157

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1136
date: Mon, 07 Feb 2022 17:14:48 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 yy2
a.leetemplates.com/lee/ Frame 0
0 392ms
163ms Preflight 34.102.205.239

General

Check archive.org

Show headers Download Go to

Full URL: https://a.leetemplates.com/lee/yy2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.205.239 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.7 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://richmond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-max-age: 5
server: akka-http/10.2.7
date: Mon, 07 Feb 2022 17:14:49 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 559ms
133ms Image
image/gif 54.235.123.142

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&sec=homepage&pubname=Richmond%20Times-Dispatch&ptype=homepage&metered=0%7C3&cms=townnews%2Fblox&arttype=editorial&tv=js-3.0.136&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=5&tvcfg=lee&tid=09a12a46-6c6c-485a-b805-7a31a160d8f9&pid=98a78da4-8ef2-49fa-a8f9-195b47f75baa&dtm=1644254090756&qnm=_matherq&visible=1&tabid=3a237718-3bb9-4604-9ce5-954b1f64df6e&refr=http%3A%2F%2Fdmhaslam.com%2F&url=https%3A%2F%2Frichmond.com%2F&vrefr=http%3A%2F%2Fdmhaslam.com%2F&vp=1600x1200&ds=1600x7771&tofa=1644254091&vid=1&lvidt=1644254091&duid=eab426bd00a364b9&fp=3441833202&cid=ma1527&mrk=725149342&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY0NDI1NDA4Nzc2OCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI0Ny40bWIiLCJoZWFwVCI6IjU2LjhtYiIsImZzdFBhaW50IjoiMTY1MSIsImZldGNoUyI6IjEiLCJkb21haW5TIjoiMyIsImRvbWFpbkUiOiIxMDUiLCJjb25uUyI6IjEwNSIsImNvbm5FIjoiMzM5Iiwic3NsUyI6IjIxNiIsInJlcXVTIjoiMzQwIiwicmVzcFMiOiI1NjIiLCJyZXNwRSI6IjY3NSIsImRvbUxvYWQiOiI1NzEiLCJkb21JbnRlciI6IjIxMDciLCJkb21Mb2FkUyI6IjIxMTIiLCJkb21Mb2FkRSI6IjIxMzAifSwia2V5d29yZHMiOlsibmV3cyIsImJyZWFraW5nIiwibmF0aW9uYWwiLCJ1bml0ZWQgc3RhdGVzIiwidG9waWMiLCJzcG9ydHMiLCJwb2xpdGljcyIsImVudGVydGFpbm1lbnQiLCJidXNpbmVzcyIsImN1bHR1cmUiLCJzdG9jayBtYXJrZXQiLCJtaWxpdGFyeSIsImhlYWRsaW5lcyIsIkhvbGx5d29vZCIsIm11c2ljIiwiY2VsZWJyaXRpZXMiLCJLaWNrZXJzIiwiRmx5aW5nIFNxdWlycmVscyIsImNhcGl0YWwiLCJSaWNobW9uZCIsIlZBIiwiVmlyZ2luaWEiLCJIZW5yaWNvIENvdW50eSIsIlJpY2htb25kIE1ldHJvIiwiUmljaG1vbmQgTWV0cm9wb2xpdGFuIEFyZWEiXSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiIxNjI2ODUzOTExIiwicmVmVGltZSI6IjE2NDQyNTQwOTA3NTUifV19
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.123.142 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:14:49 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 588ms
588ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=368414246462868&correlator=3469474261255110&output=ldjh&impl=fif&eid=31061814%2C31063821%2C31064151%2C31064711%2C31063246&vrg=2022020101&ptt=17&us_privacy=1YYN&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=8438%2Crichmond.com%2Chomepage&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C300x250&prev_scp=pos%3Dfixed-big-ad-top%2Catf%2CRight%2C50%26density%3Dstandard%26lee_group%3D3%26lee_hours%3D17%26lee_day%3D1%26fp%3D125%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3Dnews%252Cbreaking%252Cnational%252Cunited%2520states%252Ctopic%252Csports%252Cpolitics%252Centertainment%252Cbusiness%252Cculture%26sub%3Dno%26page%3Dhomepage%252Capp-editorial%252Cmd_screen%26browser%3DChrome&cookie=ID%3De1f5e9499766468e-224fb32d37cd00ff%3AT%3D1644254088%3AS%3DALNI_MbfmTi_5ZeyuUGDwhSlTKIKLtN-Xw&bc=31&abxe=1&dt=1644254090766&lmt=1644252735&dlt=1644254088339&idt=897&frm=20&biw=1600&bih=1200&oid=2&adxs=1180&adys=818&adks=3018502619&ucis=5&ifi=5&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Frichmond.com%2F&ref=http%3A%2F%2Fdmhaslam.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x600&msz=300x600&psts=AGkb-H_2io6bS1st9xq8ddrAA-K5cx66isRAqg38Sj24L24EYrqe3BeYvIFXrynwqPdFZWIj6Lj3pdEHNY5T92ZC%2CAGkb-H9GCsVUvxMyocPJFpKPBELSyrCFJKrKZ_e2gkoOyI58rd48R93buwhVj_-VDsWgE03nWNzO3q29AVqMigvRUbARAQrP1FEUpJlO%2CAGkb-H8YsrU7emvMSDx4Ezx6SJIF6dEzGQvzfQ-jTT2Vemvv7khaBu-WPSpmSOPajwwlUotfPxj0pV6DDdm30MXNFwKq4j8&ga_vid=1626853911.1644254089&ga_sid=1644254090&ga_hid=118054683&ga_fc=true&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js?31064711

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

62108630400647fc95e9562fb1ff5152c5f934b855935a9166ea66ff4c0deb7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11621
x-xss-protection: 0
google-lineitem-id: 5898283624
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138379216589
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://richmond.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D5EB 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9096f0cf5f0290bd6f2835c8dcd1cdbd2a2f6d1078cbbf334eaf2a0e6e05f01

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame FF59 0
0 88ms
88ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuijevBa4tK82QF9J4vFPfElFCjVaUBR8Ku82is4iiGW-BwA2MMs1pjdgjhUBTujJy3yCgLgLxOPZS3sJYfhiiO3sU3L8VW9R8dDIkZfjc0nl4t7IVlQyf0a_ko8nTza4nzc1v9gz07ZfwXrMHj_eke7_GwqJF7blxgVkafOJ1Livu-AvBrLLLaE0OxHkJ2rGG3CRkJdJrLJhbELmzsU7XWgm3DSOSeuZZuD64ElsVygXVuhDoo_puRvBdZNTYjNI9r-LqyhIfPBcOhLHhjTNKWkR6avsK9UlQuHuHfGV56R6jagPwTxz5CXXFgdlAQPdJCKA&sai=AMfl-YQGFmIErXixg70reNzkSXG7nfWYtDFsu_oefnnOsvgJilW8kw7PDmTr9G7vapx4z_pC_ilK47mm31sJ_6iXdBtr4oI0HIMkJfdtOUX2JL7W65vGSi0EjHO9T5oA8NPx&sig=Cg0ArKJSzI1XqdrbJHLhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 07 Feb 2022 17:14:49 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7AFE 15 KB
6 KB 57ms
56ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=84240
expires: Tue, 08 Feb 2022 16:38:49 GMT
date: Mon, 07 Feb 2022 17:14:49 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 96D9 0
0 393ms
126ms Document
text/plain 67.202.105.23

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bYLXQOKxGr65fKaKjGFx_2&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 -, , ASN (),
Reverse DNS
Software: 33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Mon, 07 Feb 2022 17:14:49 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5E41 52 KB
17 KB 259ms
60ms Document
text/html 2.18.232.130

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 -, , ASN (),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 08 Feb 2022 17:14:51 GMT
Date: Mon, 07 Feb 2022 17:14:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 1B29 281 B
554 B 197ms
58ms Document
text/html 104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Feb 2022 17:14:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame CA10 52 KB
17 KB 257ms
59ms Document
text/html 2.18.232.130

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 -, , ASN (),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 08 Feb 2022 17:14:51 GMT
Date: Mon, 07 Feb 2022 17:14:49 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 0FAC 15 KB
6 KB 56ms
56ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160516/4167/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=84240
expires: Tue, 08 Feb 2022 16:38:49 GMT
date: Mon, 07 Feb 2022 17:14:49 GMT
vary: Accept-Encoding

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 9DA4 70 B
260 B 55ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 /
www.facebook.com/tr/ 44 B
159 B 183ms
58ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Frichmond.com%2F&rl=http%3A%2F%2Fdmhaslam.com%2F&if=false&ts=1644254090876&cd[custom_param]=richmond.com&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1644254090850.656531961&it=1644254090550&coo=false&exp=p0&rqm=GET

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 07 Feb 2022 17:14:49 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 1396 0
218 B 166ms
58ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://richmond.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Mon, 07 Feb 2022 17:14:49 GMT

GET
H2 200 a7842Ebmir64XXaKlId8sQ.js Show response
sc.tynt.com/script/sc/ Frame D5EB 964 B
901 B 77ms
58ms Script
text/javascript 104.18.29.199

General

Check archive.org

Show headers Download Go to

Full URL

https://sc.tynt.com/script/sc/a7842Ebmir64XXaKlId8sQ.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.29.199 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

9a0b1a9690f04a4edb73f001e803459e087d362f93d261b5135a74e3f03f2ed7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 374517
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 56dc248a-61e5-4115-89bc-3359f8ac1fd3
x-runtime: 0.002997
x-content-digest: 28527c61c78a7115c0d6807ab2a364b5fb8765bc
last-modified: Wed, 02 Feb 2022 15:08:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600, public, s-maxage=172800
cf-ray: 6d9e41ba78c872b4-LHR
x-rack-cache: fresh
expires: Wed, 02 Feb 2022 17:45:24 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 397ms
130ms Image
text/plain 67.202.105.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=a7842Ebmir64XXaKlId8sQ&lm=6&ts=1644254090899&dn=RCIV&iso=0&us_privacy=1YYN&img=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Frichmond.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F73769e9c-c54c-11ea-9ace-179ea39eeb22.jpg%3Fcrop%3D630%252C630%252C285%252C0%26resize%3D200%252C200%26order%3Dcrop%252Cresize&ct=richmond.com%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&r=http%3A%2F%2Fdmhaslam.com%2F&t=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&cu=https%3A%2F%2Frichmond.com%2F
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 i99g3gee_content_config_1627585676199.js Show response
dkpklk99llpj0.cloudfront.net/ 845 B
1 KB 175ms
54ms Script
application/javascript 2600:9000:225e:1000:e:98bf:5f00:21

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_content_config_1627585676199.js
Requested by: Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:e:98bf:5f00:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 06:45:03 GMT
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jul 2021 19:07:57 GMT
server: AmazonS3
age: 11701787
etag: "139043e0f27d6df6fda9a9005cd5c871"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 845
x-amz-cf-id: xhgb_zJQipq1MUB6pcbfHn4ux1sjjMtBGEnt2iQ_r8zy9vjtCW1eqQ==

GET
H2 200 i99g3gee_1606137453919.js Show response
dkpklk99llpj0.cloudfront.net/ 48 KB
15 KB 184ms
63ms Script
application/javascript 2600:9000:225e:1000:e:98bf:5f00:21

General

Check archive.org

Show headers Download Go to

Full URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Requested by: Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:1000:e:98bf:5f00:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 24 Jul 2021 12:51:13 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 13:17:46 GMT
server: AmazonS3
age: 17123017
etag: W/"c1157a2d0ff0aa862fb2fbffb06ab4d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: kfnZbPwTYbcW8-cck-9xsxXm1kDAC4trPisLTSbRf2xsiyUrUzSWSg==

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7AFE 2 KB
3 KB 201ms
58ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43901956&p=160516&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YYN
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 434da5b019488e0b6c5e4a02d63bd76b04dff6a13fe7a9555ba53830b5c16cf9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 b-db72251-ca52e072.js Show response
tagan.adlightning.com/leeenterprises/ Frame 206B 83 KB
31 KB 60ms
59ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e058c0d2e245c12a169dcbcfb3a4616dca2fb303c8770442e7b307335d08de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:24:05 GMT
content-encoding: gzip
age: 424245
x-cache: Hit from cloudfront
content-length: 31545
x-amz-meta-git_commit: db72251
last-modified: Wed, 02 Feb 2022 19:23:33 GMT
server: AmazonS3
etag: "532a04015b3fc466fbcee44a6ed756c7"
x-amz-version-id: mWZ_I6FMIgYInitSkYh9ozDq8dvcdxaw
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 6sEgPSuZKWfcidqhfekKkRYBBvKgr0DmXF-S-0LmkLKFz91SRsaHnQ==

GET
H3 200 10288582209657271386
tpc.googlesyndication.com/simgad/ Frame 206B 207 KB
207 KB 57ms
56ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10288582209657271386

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bab87ba9077b5d9b655247a392de467273ca8b8d5edd75b873b848a879adce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 04:47:59 GMT
x-content-type-options: nosniff
age: 131210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 211499
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 15:23:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Feb 2023 04:47:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 206B 2 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 17:05:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 206B 123 KB
37 KB 217ms
153ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:14:49 GMT

GET
H2 200 sic.js Show response
cdn-sic.33across.com/1/javascripts/ Frame D5EB 420 KB
113 KB 196ms
69ms Script
application/javascript 104.18.14.222

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.222 -, , ASN (),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 807530ddc6711e3c4022758b3774303545e5d12ab081f5a3a34dac59a76b67e5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 18:12:00 GMT
server: cloudflare
age: 426246
x-powered-by: Love
etag: W/"61f977f0-69060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600
cf-ray: 6d9e41bc7be171e4-LHR
expires: Mon, 07 Feb 2022 18:14:49 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1B29 32 KB
10 KB 60ms
60ms Script
text/html 104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c86126948dcef8cd3021987de9ee4065bdfe007d182d7448b696b5dc09410e0a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:14:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=40349
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Tue, 08 Feb 2022 04:27:18 GMT

POST
H2 200 /
richmond.com/tncms/tracking/tncms-dmp/audience-extraction/ 0
154 B 115ms
113ms Ping
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A6881%7D&rd=dmhaslam.com&i=1644254089898,
Requested by: Host: richmond.com
URL: https://richmond.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

real-hostname: richmond.com
x-vcache: MISS
age: 0
date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: application/octet-stream
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

POST
H2 200 /
richmond.com/tncms/tracking/classifieds/featured/ 0
154 B 115ms
114ms Ping
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/tncms/tracking/classifieds/featured/?rd=dmhaslam.com&i=a9cf8483-3e00-5fce-8307-6f505ed73e49,05c97b6c-7c2a-5fda-9538-7581471ef589,575c281e-d51b-5d8f-a9b6-138bbae71633,73ed8529-8b56-5410-a650-d2682045e49d,
Requested by: Host: richmond.com
URL: https://richmond.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

real-hostname: richmond.com
x-vcache: MISS
age: 0
date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: application/octet-stream
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

POST
H2 200 /
richmond.com/tncms/tracking/business/block/ 0
154 B 115ms
114ms Ping
application/octet-stream 192.104.183.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://richmond.com/tncms/tracking/business/block/?rd=dmhaslam.com&i=ac8463f6-8cf1-5d1c-be4e-b623676552e3,53bef399-7bb3-574c-a01a-623fed3c3de5,3fff837f-437a-5205-8192-40d704da5a08,
Requested by: Host: richmond.com
URL: https://richmond.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 192.104.183.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.newyork1.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://richmond.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

real-hostname: richmond.com
x-vcache: MISS
age: 0
date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: application/octet-stream
cache-control: s-maxage=0, private, no-cache
accept-ranges: bytes
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5E41 0
731 B 57ms
57ms Script
text/html 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 17:14:49 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 23652a51-f6d4-4480-a3ed-111dd8d069b3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 206B 0
0 92ms
92ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5zsXjM3c8orXKxouJgSo_MZvex0bGkl15o2biZHltSe_1c4WjWvG9hetKEDftjMUHoRdZOxPDw-ZpDINxD-otDM4nCHzYkWmyg04uavS_pNyBpgjIfYupG0AgI34wCK0rEvToQApQ2AF9Pxyi6wmWQULeR3kQddVArNf_eCesNIfNz-6zI9u-V2LDHdA1klh88OUqv6b5_LD8sZ4AjyUj4QHgPb8NXImgiB4FX00EiVvSTcMgshdymEjxvvu0cWqvpEQ089es3pZDvkQ8IKnuF2aSNgk4jaLqZEPJ1gIq-HO3gFiaL2TNHPrNLqc&sig=Cg0ArKJSzLdGhLq-LXPWEAE&uach_m=[UACH]&adurl=

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame CA10 0
731 B 70ms
70ms Script
text/html 185.33.221.13

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 -, , ASN (),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 17:14:49 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 412eb895-b80c-4bc0-ad69-3ff68a44aa34
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 43B7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=E1F1F024-61F0-4B39-ADA4-B5F41BC98123
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1F1F024-61F0-4B39-ADA4-B5F41BC98123

35 B
467 B

72ms
72ms

Document
image/gif

37.157.3.30

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1F1F024-61F0-4B39-ADA4-B5F41BC98123

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Mon, 07 Feb 2022 17:14:49 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=E1F1F024-61F0-4B39-ADA4-B5F41BC98123
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame AA43
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1701617817024180129

42 B
209 B

58ms
57ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1701617817024180129
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug010:0:470
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1701617817024180129
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 571F
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dec6201-5389-4700-bec5-ebd3546aa977&gdpr=0&gdpr_consent=

42 B
342 B

134ms
59ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dec6201-5389-4700-bec5-ebd3546aa977&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug029:0:548
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Mon, 07 Feb 2022 17:14:49 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x31 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dec6201-5389-4700-bec5-ebd3546aa977&gdpr=0&gdpr_consent=
Expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame A260 43 B
362 B 181ms
57ms Document
image/gif 178.250.0.163

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 07 Feb 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 570651
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame DA4B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062017538590636183

42 B
211 B

58ms
57ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062017538590636183
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160516
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Mon, 07 Feb 2022 17:14:49 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug013:0:571
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Mon, 07 Feb 2022 17:14:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7062017538590636183

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7AFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=4fHwJGHwSzmtpLX0G8mBIw%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

15 KB
15 KB

63ms
63ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=84240
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5549
expires: Tue, 08 Feb 2022 16:38:49 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 7AFE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e7266201-5389-4e00-a8e3-01507dd90c4c

0
260 B

186ms
56ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e7266201-5389-4e00-a8e3-01507dd90c4c
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Mon, 07 Feb 2022 17:14:49 GMT
Server: MT3 4133 baa842e master zrh-pixel-x14 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=e7266201-5389-4e00-a8e3-01507dd90c4c
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 07 Feb 2022 17:14:48 GMT

GET

tp=CLOD
sync.crwdcntrl.net/map/c=8587/ Frame 7AFE
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=E1F1F024-61F0-4B39-ADA4-B5F41BC98123
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=566e419ccae4e19d8746d38b4d18470c
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7AFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RTFGMUYwMjQtNjFGMC00QjM5LUFEQTQtQjVGNDFCQzk4MTIz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
111 B

57ms
57ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:357
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7AFE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEE4U1_09iy3oOgqejEqzgM&google_cver=1

42 B
282 B

58ms
58ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEE4U1_09iy3oOgqejEqzgM&google_cver=1
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:794
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEE4U1_09iy3oOgqejEqzgM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7AFE 43 B
612 B 174ms
52ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 06 Feb 2022 17:14:49 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7AFE
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1118248356666793168

42 B
390 B

58ms
58ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1118248356666793168
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:50 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug021:0:462
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1118248356666793168
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7AFE
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2e6c390c-3ec6-4220-bae3-c39c7ed5b0ee

42 B
602 B

192ms
58ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2e6c390c-3ec6-4220-bae3-c39c7ed5b0ee
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug027:0:577
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=2e6c390c-3ec6-4220-bae3-c39c7ed5b0ee
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 7AFE
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8046412152946258786&gdpr=0&gdpr_consent=

42 B
544 B

194ms
58ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8046412152946258786&gdpr=0&gdpr_consent=
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug019:0:444
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Mon, 07 Feb 2022 17:14:49 GMT
X-Proxy-Origin: 82.199.130.43; 82.199.130.43; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7b04c38d-6d4a-470f-a46d-436045f57362
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8046412152946258786&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
am.freshrelevance.com/tpc/ Frame 1528 5 KB
5 KB 179ms
55ms Document
text/html 63.35.102.46

General

Check archive.org

Show headers Download Go to

Full URL: https://am.freshrelevance.com/tpc/
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.102.46 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5857473a57aa96dfbcdcfcdb4b374c53ee05ee35f35d97c5fee6713b68eb1721

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-length: 4662
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate

GET
H2 200 / Show response
c8.dycdn.net/i99g3gee/s/Temporary-Stop-Reminder/ 114 B
443 B 216ms
95ms XHR
application/json 2600:9000:223c:9e00:16:f02f:46c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://c8.dycdn.net/i99g3gee/s/Temporary-Stop-Reminder/?k=huymc65&format=full&user_state=anonymous&d=ltlinyfkjm&url=https%3A%2F%2Frichmond.com%2F&sbr=richmond&curr=USD&lang=en
Requested by: Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9e00:16:f02f:46c0:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3ac1ce74d996fd1d5eb2f34feae5f87a3afa267474dc38308bf28a2f2462b9a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-length: 114
x-amz-cf-id: uVcCtlXI-nIh-ltQwj2X3HTl0oouNODoV5s__vqRGs9Hy-HjReJ1Aw==

GET
H2 200 / Show response
c8.dycdn.net/i99g3gee/s/Recently-Cancelled-90-Days-Ago/ 121 B
450 B 460ms
341ms XHR
application/json 2600:9000:223c:9e00:16:f02f:46c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://c8.dycdn.net/i99g3gee/s/Recently-Cancelled-90-Days-Ago/?k=huymc65&format=full&user_state=anonymous&d=ltlinyfkjm&url=https%3A%2F%2Frichmond.com%2F&sbr=richmond&curr=USD&lang=en
Requested by: Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9e00:16:f02f:46c0:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e4515f504b3f855b5fa765e6201f1adc54882fdea7717665d5f86252937c40d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-length: 121
x-amz-cf-id: 2iTY4BK4AuHRbY-x4JuwcdfFlUa5DjtpWxNPPzYCIAy0ti0kY1Kc1g==

GET
H2 200 / Show response
c8.dycdn.net/i99g3gee/s/New-Subscribers-Who-Are-Not-Digitally-Activated-Yet/ 142 B
473 B 214ms
98ms XHR
application/json 2600:9000:223c:9e00:16:f02f:46c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://c8.dycdn.net/i99g3gee/s/New-Subscribers-Who-Are-Not-Digitally-Activated-Yet/?k=huymc65&format=full&user_state=anonymous&d=ltlinyfkjm&url=https%3A%2F%2Frichmond.com%2F&sbr=richmond&curr=USD&lang=en
Requested by: Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9e00:16:f02f:46c0:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7dd5e1772037fc42030a3f4102640364b8cc6ad696c549fa95f3d7f13041cb0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-length: 142
x-amz-cf-id: hzIpJvwUSNUkB10ZlRpHffsGp0PglJYH7JDTukM-hV8VsGqraUnCuQ==

GET
H2 200 / Show response
c8.dycdn.net/i99g3gee/s/Update-account-to-EZ-Pay/ 115 B
445 B 218ms
103ms XHR
application/json 2600:9000:223c:9e00:16:f02f:46c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://c8.dycdn.net/i99g3gee/s/Update-account-to-EZ-Pay/?k=huymc65&format=full&user_state=anonymous&d=ltlinyfkjm&url=https%3A%2F%2Frichmond.com%2F&sbr=richmond&curr=USD&lang=en
Requested by: Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9e00:16:f02f:46c0:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28c34bd50c348323ceb8c44c6cbf5d3b5efdfcfa54b7fe00cbb7f5d0ea708bbf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-length: 115
x-amz-cf-id: DdS_IFQBbF999Lc2Oxt4bClApLQkISc_FkVVg4ldrFpZZtvLUhB60w==

GET
H2 200 / Show response
c8.dycdn.net/i99g3gee/s/Registered-Not-Subscribed-Special-Offer/ 130 B
459 B 211ms
98ms XHR
application/json 2600:9000:223c:9e00:16:f02f:46c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://c8.dycdn.net/i99g3gee/s/Registered-Not-Subscribed-Special-Offer/?k=huymc65&format=full&user_state=anonymous&d=ltlinyfkjm&url=https%3A%2F%2Frichmond.com%2F&sbr=richmond&curr=USD&lang=en
Requested by: Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:9e00:16:f02f:46c0:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f216ada54fdf038b59f1a7ce80cc58cec13915002dacab7cfea2add06d3b420d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=20, must-revalidate, stale-while-revalidate=40, stale-if-error=40
content-length: 130
x-amz-cf-id: Ine_KckWBbgQJFp742Svf4TV8mto1UIUKkR1x2uos9AUp24dVgFRFA==

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 397ms
131ms Script
application/javascript 67.202.105.31

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=a7842Ebmir64XXaKlId8sQ&dn=RCIV&cc=1&r=http%3A%2F%2Fdmhaslam.com%2F&us_privacy=1YYN
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Tue, 08 Feb 2022 17:14:49 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 130ms
129ms Image
text/plain 67.202.105.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=a7842Ebmir64XXaKlId8sQ&lm=6&ts=1644254090899&dn=RCIV&iso=0&us_privacy=1YYN&img=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Frichmond.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F73769e9c-c54c-11ea-9ace-179ea39eeb22.jpg%3Fcrop%3D630%252C630%252C285%252C0%26resize%3D200%252C200%26order%3Dcrop%252Cresize&ct=richmond.com%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&r=http%3A%2F%2Fdmhaslam.com%2F&t=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&cu=https%3A%2F%2Frichmond.com%2F
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 206B 0
0 91ms
90ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0_bdd0uShZtrM5xAlLO85KQsDjfF1cESt26eXXIwCgEB9jVnaNqXt5XWYLtxoDLzP7hbgGcM7OiMqg3JBecOFexqBCTqqf88IsyN5EKy58Cn_bC3OSP-Q_Hn5F9ZPP2AbyVjdzkrQjN4Hf5Qk9dats5Osz7fNdlqP8XNO7XcIdwfzPFK4HqY5N3wU9wjgeX58-x2Y_e9K3ddFpp4XPfIKiPq8nTmMvX7Owf_d1wKmMjXQwhNBtH0L-myhA_yUPq-QtEB1_NIIPqtgl-e8rSZEm2MIJip8g8-KHFFCC3MwvoKgWEomnmQwFN8nNm_87Q&sig=Cg0ArKJSzBPDrSsqjsIqEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 07 Feb 2022 17:14:49 GMT

GET
DATA 200
OK truncated
/ Frame 206B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4364d51a7a4d8381fe45c651f701b1bc37b4b073f82e94fce108bb74c3b1317f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 b-db72251-ca52e072.js Show response
tagan.adlightning.com/leeenterprises/ Frame A110 83 KB
31 KB 59ms
57ms Script
application/javascript 18.66.139.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-db72251-ca52e072.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-100.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0e058c0d2e245c12a169dcbcfb3a4616dca2fb303c8770442e7b307335d08de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 19:24:05 GMT
content-encoding: gzip
age: 424245
x-cache: Hit from cloudfront
content-length: 31545
x-amz-meta-git_commit: db72251
last-modified: Wed, 02 Feb 2022 19:23:33 GMT
server: AmazonS3
etag: "532a04015b3fc466fbcee44a6ed756c7"
x-amz-version-id: mWZ_I6FMIgYInitSkYh9ozDq8dvcdxaw
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: b0x_IEqg9mnL_liqHzZAcwKv9-3GGwwM5z9zaK6OrvKCABkpcRqsiw==

GET
H3 200 4610852914791193831
tpc.googlesyndication.com/simgad/ Frame A110 85 KB
85 KB 56ms
55ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4610852914791193831

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d69f6bb6e48ffcf2c2eebcc151ed97827069b91025c264f36b6fe31a7cda55b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 08:34:04 GMT
x-content-type-options: nosniff
age: 31245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87438
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 15:23:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 07 Feb 2023 08:34:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame A110 2 KB
1 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:05:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 556
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Feb 2022 17:05:33 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A110 123 KB
37 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38146
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643806174374025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 07 Feb 2022 17:14:49 GMT

GET

tap.php
pixel.rubiconproject.com/ Frame 1B29
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YYN
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1YYN&_test=YgFTigAEd_Cd2wBB
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgFTigAEd_Cd2wBB&us_privacy=1YYN&_test=YgFTigAEd_Cd2wBB

0
0

GET

tap.php
pixel.rubiconproject.com/ Frame 1B29
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YYN
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGaKI1Dv5GQnWE71GrD9GOw&google_cver=1

0
0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 1B29
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1YYN
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4dec6201-5389-4700-bec5-ebd3546aa977&expires=28

0
239 B

228ms
55ms

Image
image/gif

69.173.144.139

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4dec6201-5389-4700-bec5-ebd3546aa977&expires=28
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Mon, 07 Feb 2022 17:14:49 GMT
Server: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4dec6201-5389-4700-bec5-ebd3546aa977&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 07 Feb 2022 17:14:48 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 1B29 0
0 181ms
63ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1YYN
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET

v1
ads.yahoo.com/cms/ Frame 1B29
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1YYN
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZCYFIQ8-1O-IYU9&sigv=1&esig=2~96e939ebec454e2af30b440d24fe7a956156ec0c&us_privacy=1YYN

0
0

GET

oTYNrvhw7aiUmFo_Crr5VMn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 1B29
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YYN
https://pr-bh.ybp.yahoo.com/sync/rubicon/oTYNrvhw7aiUmFo_Crr5VMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YYN

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1B29
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1YYN
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pDWUZJUTgtMU8tSVlVOQ==&us_privacy=1YYN

170 B
188 B

65ms
65ms

Image
image/png

172.217.18.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pDWUZJUTgtMU8tSVlVOQ==&us_privacy=1YYN

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Server

172.217.18.98 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pDWUZJUTgtMU8tSVlVOQ==&us_privacy=1YYN
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 1B29 70 B
264 B 54ms
54ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YYN
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:14:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET v2
de.tynt.com/deb/ 0
0

OPTIONS identify
identity.mparticle.com/v1/ Frame 0
0

POST identify
identity.mparticle.com/v1/ 0
0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 129ms
129ms Image
text/plain 67.202.105.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=a7842Ebmir64XXaKlId8sQ&lm=6&ts=1644254090899&dn=RCIV&iso=0&us_privacy=1YYN&img=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Frichmond.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F73769e9c-c54c-11ea-9ace-179ea39eeb22.jpg%3Fcrop%3D630%252C630%252C285%252C0%26resize%3D200%252C200%26order%3Dcrop%252Cresize&ct=richmond.com%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&r=http%3A%2F%2Fdmhaslam.com%2F&t=Richmond%20News%20%7C%20Richmond%20Times-Dispatch%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 0851 0
18 B 116ms
58ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://richmond.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://richmond.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0
date: Mon, 07 Feb 2022 17:14:50 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D5EB 0
0 89ms
88ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoKXdK0UXEu9NTb3SCnlLb8MiLgUNxJ1hsflVQMrh1caPpA3TqKU3U5zgHTZnwLXPyMT19RQ0ugwnWT68-VfsJGneVSSBhrWqlpZUCI8EhI-hSCgBM4UuzBCWbjE9L9PiM1dwgm_AlBbbvWcD1eJfrzSVcV0YZqRY4XRv8T3rs80RnVPtLQ6Ys8iFG-EIYk5jvGY4Gy0fqn7kj90cwqr5PrmZ_Rde8gHdt0QX92gCTzUmL2MW-QWeoYB3pgnf8AHI14LFVzJX3RFxyCeFunoLXeiE554RX8iaPkkYc3wz-UE5mlFCOod1Qvy7FOqU4Pg&sai=AMfl-YShXEc5ISCupxHLDZW3k0mdpXG0oEoej6L5ubzdwQopVwnbD9TqX6GHu4BKyX222yoZNiCR5f9qAjbN2ydJOg0b0cBsdgA2IP_OZ8HoHIATYx-gDzMYjVNbIb5rGf6l&sig=Cg0ArKJSzKXzku3aqUKlEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 07 Feb 2022 17:14:50 GMT

GET
H2 200 sic.css
cdn-sic.33across.com/1/stylesheets/ 7 KB
2 KB 57ms
56ms Stylesheet
text/css 104.18.14.222

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.14.222 -, , ASN (),
Reverse DNS
Software: cloudflare / Love
Resource Hash: 4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 01 Feb 2022 18:12:00 GMT
server: cloudflare
age: 426247
x-powered-by: Love
etag: W/"61f977f0-1c90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3600
cf-ray: 6d9e41be88e671e4-LHR
expires: Mon, 07 Feb 2022 18:14:50 GMT

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ Frame B2D7 90 KB
32 KB 67ms
67ms Script
application/javascript 2.18.232.130

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 07 Feb 2022 17:14:50 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 15:43:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61b0d28a-169ff"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 32042
Expires: Tue, 08 Feb 2022 17:14:52 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5C01 134 KB
36 KB 60ms
60ms Script
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 674
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1SPQK1P0DJWDS4RTQB1R
date: Mon, 07 Feb 2022 17:03:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: w5EVNHto7Gr2C_yQ0sWpOxCz5sr6vFUxIKm7CbkX40SEWGRJXAiEdQ==

GET authorize
sic.33across.com/ 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A110 0
0 89ms
88ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuryIbw-ntGOoMlrKFS67gX-BUaiCwWLPmrDAjg-_TQqkaefJwBRtlheh_41y-wWHEEGb3lMzZ5UQfRUUHYC1s8-UYmrtuCWC5_IiWJ0r6FFAyw_TVBst8CX_ZC0XYwSRZNfTiAwlxCdtVkwoUGAno93BuOT_jdOa-4_3D3qKVcF2KjXwlEmV6sfDKjiz_s-ZN_PDB_9TghyEDAW-6SPy-xN0U5M92426ym260OVEZeufqYngT3NhnxSimIHlE2zw0dx4IUsgg5psNnZVMSeLotTA2AOiCZrLjTwyazuBLcY7cjO5H-wAA_B0dxAQc&sig=Cg0ArKJSzE8tY6qo9pKJEAE&uach_m=[UACH]&adurl=

Requested by

Host: richmond.com
URL: https://richmond.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A110 0
0 88ms
88ms Fetch
image/gif 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKQmeeviO-4s2Mb6YzqXk5aop7zPKtPpgc6ndv5RYGfTYo4NxqUU-UsCH7gNzrJS5lPDntP3ggPICDmk7WrvogkyS7yT5XXtbTDlYCFw4gQvciNC_LF_MPiaAgJMTTWgcti7JhPLT8ZHY7Mh74H9q3l9338gPYxphn7pgBG_edlZIN5Qh-MpsYHhomPaFJdRqd_IAGfaqqvI6d4mKyY1XhsB0h5aS2EbA2pL_CIa_QleLzdptn6tMMHXsAfQlfAoebrCV2728j93qgXaRMhoeoRz-VrgNlWps8ITYAMozySgy54ciut_ATe778fnm2PQ&sig=Cg0ArKJSzIOcuORkCwRIEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 07 Feb 2022 17:14:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 07 Feb 2022 17:14:50 GMT

GET
DATA 200
OK truncated
/ Frame A110 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4c9da147f2c1764047604983461ff316388f978402113a24c868e6e022ed50c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET a-0584
i.liadm.com/s/c/ Frame 9DC9 0
0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 130ms
130ms Image
text/plain 67.202.105.33

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=a7842Ebmir64XXaKlId8sQ&lm=6&ts=1644254090899&dn=RCIV&iso=0&us_privacy=1YYN&img=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Frichmond.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F73769e9c-c54c-11ea-9ace-179ea39eeb22.jpg%3Fcrop%3D630%252C630%252C285%252C0%26resize%3D200%252C200%26order%3Dcrop%252Cresize&ct=richmond.com%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping&r=http%3A%2F%2Fdmhaslam.com%2F
Requested by: Host: richmond.com
URL: https://richmond.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.33 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:14:50 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5C01 6 KB
3 KB 59ms
58ms XHR
application/javascript 18.66.109.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-109-174.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://richmond.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 62214
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 21 Jan 2022 02:54:57 GMT
server: AmazonS3
date: Sun, 06 Feb 2022 23:57:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 d4744f6f4cb683596fb4a26e59b2aba8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: 5J_yIfkL4LZ0pw6JMB0uboZecv4SRS-6tcguEpQq_JOpR5w4Ux_99A==

GET get
am.freshrelevance.com/ 0
0

GET p
ic.tynt.com/b/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.crwdcntrl.net
URL: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgFTigAEd_Cd2wBB&us_privacy=1YYN&_test=YgFTigAEd_Cd2wBB

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGaKI1Dv5GQnWE71GrD9GOw&google_cver=1

Domain: ads.yahoo.com
URL: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZCYFIQ8-1O-IYU9&sigv=1&esig=2~96e939ebec454e2af30b440d24fe7a956156ec0c&us_privacy=1YYN

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/rubicon/oTYNrvhw7aiUmFo_Crr5VMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YYN

Domain: de.tynt.com
URL: https://de.tynt.com/deb/v2?m=xch&id=a7842Ebmir64XXaKlId8sQ&dn=RCIV&cc=1&r=http%3A%2F%2Fdmhaslam.com%2F&us_privacy=1YYN

Domain: identity.mparticle.com
URL: https://identity.mparticle.com/v1/identify

Domain: identity.mparticle.com
URL: https://identity.mparticle.com/v1/identify

Domain: sic.33across.com
URL: https://sic.33across.com/authorize?usPrivacy=1YYN&version=3.21.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&product=inview&userId=&lexId=&sessionId=&publisherURL=https%3A%2F%2Frichmond.com%2F&referrerURL=http%3A%2F%2Fdmhaslam.com%2F&publisherId=a7842Ebmir64XXaKlId8sQ&publisher=BHMedia_RON_Desktop&maxTouchPoints=0&navigatorPropsCount=61&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=7894&_=1644254091591&callback=_tynt_jp.aajk2k3gv

Domain: i.liadm.com
URL: https://i.liadm.com/s/c/a-0584?s=&cim=&ps=true&ls=true&duid=e481f3521b07--01fvajwn9ae2h233j7tky90akz&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&us_privacy=1YYN&

Domain: am.freshrelevance.com
URL: https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22ltlinyfkjm%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D

Domain: ic.tynt.com
URL: https://ic.tynt.com/b/p?id=a7842Ebmir64XXaKlId8sQ&lm=6&ts=1644254090899&dn=RCIV&iso=0&us_privacy=1YYN&img=https%3A%2F%2Fbloximages.newyork1.vip.townnews.com%2Frichmond.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2F73769e9c-c54c-11ea-9ace-179ea39eeb22.jpg%3Fcrop%3D630%252C630%252C285%252C0%26resize%3D200%252C200%26order%3Dcrop%252Cresize&ct=richmond.com%20%7C%20Richmond%2C%20Virginia%20news%2C%20business%2C%20sports%2C%20entertainment%2C%20restaurants%2C%20events%2C%20arts%20and%20shopping

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 05:07:45	Name: NID Value: 511=pBB69StDag-pr8_q-t0Z3OfAPycE7LX77J-akFGNHfs9LRQMtJ1OJ_gc6yweSfanxaoeYlDIiDH18Fh4WU30wFDIHSOrlSkYgv-dD_4bS5viZL9RAdxxofOkbt3Mxpw_KaxPf1JxDsVdBT6Twkr8kY2m2MUHTHsFIF8lsVXBKnI
richmond.com/	1970-01-20 09:29:50	Name: usprivacy Value: 1YYN
.richmond.com/	1970-01-20 00:44:17	Name: AMP_TOKEN Value: %24NOT_FOUND
.richmond.com/	1970-01-20 00:45:40	Name: _gid Value: GA1.2.1787454534.1644254089
.richmond.com/	1970-01-20 00:44:14	Name: _dc_gtm_UA-54716522-7 Value: 1
.richmond.com/	1970-01-20 18:15:26	Name: _ga_NFTGWT90ER Value: GS1.1.1644254089.1.0.1644254089.0
.richmond.com/	1970-01-20 09:29:50	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Mon+Feb+07+2022+17%3A14%3A49+GMT%2B0000+(GMT)&version=6.6.0&hosts=&landingPath=https%3A%2F%2Frichmond.com%2F&groups=C0002%3A1%2CC0001%3A1
.richmond.com/	1970-01-20 18:15:26	Name: _ga Value: GA1.2.1626853911.1644254089
.doubleclick.net/	1970-01-20 00:44:14	Name: test_cookie Value: CheckForPermission
richmond.com/	1970-01-20 01:27:26	Name: _pbjs_userid_consent_data Value: 3524755945110770
.richmond.com/	1970-01-20 05:03:26	Name: _pubcid Value: 401fdea2-76a4-4ed8-8f03-4551b3bebd58
.richmond.com/	1970-01-20 10:05:50	Name: __gads Value: ID=e1f5e9499766468e-224fb32d37cd00ff:T=1644254088:S=ALNI_MbfmTi_5ZeyuUGDwhSlTKIKLtN-Xw

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://richmond.com/(Line 242) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://richmond.com/(Line 242) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642(Line 88) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/insights/consumersurveys/static/441284884201057529/prompt_embed_static.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642(Line 88) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/insights/consumersurveys/static/441284884201057529/prompt_embed_static.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642(Line 81) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adservice.google.com.hk/adsid/integrator.sync.js?domain=richmond.com, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642(Line 89) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/gk/prompt?site=_3goyquncnmlbmo6yzmnbgykxvm&t=1&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088916&ref=http%3A%2F%2Fdmhaslam.com%2F&token=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://survey.g.doubleclick.net/survey?site=_3goyquncnmlbmo6yzmnbgykxvm&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088642(Line 89) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/gk/prompt?site=_3goyquncnmlbmo6yzmnbgykxvm&t=1&url=https%3A%2F%2Frichmond.com%2F&cid=everything&random=1644254088916&ref=http%3A%2F%2Fdmhaslam.com%2F&token=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1YYN Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.leetemplates.com
acdn.adnxs.com
ad.crwdcntrl.net
ads.pubmatic.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
adservice.google.com.hk
am.freshrelevance.com
ampcid.google.com
analytics.google.com
b-code.liadm.com
bloximages.chicago2.vip.townnews.com
bloximages.newyork1.vip.townnews.com
c.amazon-adsystem.com
c1.adform.net
c8.dycdn.net
c8a7c89b7eb4316383b2dbee3f32b34c.safeframe.googlesyndication.com
cdn-sic.33across.com
cdn.cookielaw.org
cdn.tynt.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contributor.google.com
d1eoo1tco6rr5e.cloudfront.net
d5p.de17a.com
d81mfvml8p5ml.cloudfront.net
de.tynt.com
dis.criteo.com
dkpklk99llpj0.cloudfront.net
dmhaslam.com
dn1i8v75r669j.cloudfront.net
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
geolocation.onetrust.com
gum.criteo.com
hbopenbid.pubmatic.com
i.liadm.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
identity.mparticle.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
js.matheranalytics.com
jssdkcdns.mparticle.com
match.adsrvr.org
mug.criteo.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
qnhtg9kbqjgw2izax.ay.delivery
richmond.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
sc.tynt.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
ssc-cms.33across.com
ssc.33across.com
stats.g.doubleclick.net
storage.googleapis.com
survey.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
tagan.adlightning.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.hk
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
ads.yahoo.com
am.freshrelevance.com
de.tynt.com
i.liadm.com
ic.tynt.com
identity.mparticle.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
sic.33across.com
sync.crwdcntrl.net
104.109.78.125
104.18.131.43
104.18.14.222
104.18.29.199
107.178.250.234
13.32.121.21
142.250.185.226
15.197.193.217
169.50.137.182
172.217.18.98
178.250.0.157
178.250.0.163
18.66.109.174
18.66.123.144
18.66.139.100
18.66.97.9
185.29.132.241
185.33.221.13
185.64.189.112
185.64.190.78
185.64.190.80
192.104.183.109
198.47.127.20
2.18.232.130
2.18.233.180
213.155.156.165
2600:1f18:730:b130:4896:6298:98c:bff0
2600:9000:223c:9000:7:5031:dc0:21
2600:9000:223c:9e00:16:f02f:46c0:93a1
2600:9000:223e:7400:2:36a1:2f40:21
2600:9000:225e:1000:e:98bf:5f00:21
2600:9000:225e:c00:8:8845:1500:93a1
2602:803:c004:200::141
2606:4700:10::6814:b944
2606:4700:3032::ac43:bb58
2606:4700::6810:125e
2606:4700::6810:9440
2a00:1450:4001:802::2003
2a00:1450:4001:808::2010
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82a::2011
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9d
2a02:2638::1c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42::645
34.102.205.239
34.149.20.76
35.244.174.68
37.157.3.30
50.116.93.126
52.2.140.242
52.208.103.128
54.235.123.142
63.35.102.46
67.202.105.23
67.202.105.31
67.202.105.33
69.173.144.139
69.173.144.165
85.114.159.118
0155b0aeedb84b8410bf7adc50bd0a5a0fc8e622b577051a51018aaa0d64fcd1
059bc42513157b8af9033f063157dffd7a9a1c6bbc9e4f2b3bc75d52be38863d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a2e3bdef9b21ae30a64ad7a0fef8212092cbb190364e80add18c7b1dee51a00
0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0ae19499f2cd0d07598e4afa827bd105cce3317a34c2896232b9b7d30a8cb22a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631
0e31a93a1a74cfe390ad49058c112eb5649d9f4eb31e8f583ede95f51b76f768
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
134482ec36c8980c2c7a3f2454c76546abcd612c9ae596d011251a7cd1d0fcbb
137c2e35b0f2696fca4a369b73d5b894abb70b7b366074fb295548c06c100d0f
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1ddd466f2537ff1e7c620b9f5d3c50229baa530655c61abbdc412cf7b6c7fd5e
1f57ea34c9e9dc9551f9f7a0896e8e380de3a22e89677eda86bb293ddb9b1068
2466456c79fbed650d0e4d2da97ed06714702090c112c645fddc4cfa8d478f5f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28c34bd50c348323ceb8c44c6cbf5d3b5efdfcfa54b7fe00cbb7f5d0ea708bbf
2c6bb7266d40c841cb0a88d47ecd032b961e5376220de35116657f71a8ce5371
2f5bf5edcefe950e16d287cdcb9c28690952439098ee0639f4a960fe268ae231
2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
33b7156849ed2be9d86927f085f2eecdc4ae7fc3571999ee1787579392c172db
35c36630f1e586dc25af700184ee7ad4d2f0a1b3cb199f80f52367fa487a6515
3991138664f8a2717cd6fd5d4394c3cdeff54b01e001b9c128d67511e8a1900b
3a16f3da7062338d2534bf13f292376ac6af6b80600d59d5bc28b6c40000eef7
3bab87ba9077b5d9b655247a392de467273ca8b8d5edd75b873b848a879adce7
3c6399a527c117691a6dba2e4922496428409720b574e2975927be7c565f8a45
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf
3d2dd4469f84eee0b4a7fc1791a51c9fe3544bf4b26df414af78a2fddbe5938d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4515f504b3f855b5fa765e6201f1adc54882fdea7717665d5f86252937c40d
3e5d9f3b6226d8da686e31f39402f803d1bf63da4885179c059cde073188847c
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ae042209b780c8ad81b963e999db977294b255b03bb26de7d113d366d9b52e
41148f957d6a4c46f322af4e09a27fa542e75b7fda5caf3c4c636dc76a004d21
434da5b019488e0b6c5e4a02d63bd76b04dff6a13fe7a9555ba53830b5c16cf9
4364d51a7a4d8381fe45c651f701b1bc37b4b073f82e94fce108bb74c3b1317f
45782508a28c1f03ebbfd53a3f172c85e77877a18b612b6dd23819cdc35dc54f
499ad3f3d7f86fcd79f14e77641d39b3ed38951e64abce67f1401acabc20be23
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
4f808368b7d46fb5ca2841964ebb52519e57a058455eb1e50f90a25aecd2346f
503e7e9a5cc0973e6e47ec2e87702631a1e972f0d0a932da8ae26b9280f7049d
52e60d9d73f638113d96ea4e17081c27c11c407c37789fa18f870036c8375f69
579a8a3bde7b9e027be8efdd1cf190b619765d363150064cf33e647c14d9b972
5857473a57aa96dfbcdcfcdb4b374c53ee05ee35f35d97c5fee6713b68eb1721
587358e353a326b4dd31335a33506558f4b03d04b9524680e8f744417e8d5c8e
5893bd080d50d15706acc7a4a216160ed89641c7f7ef286418a57ca2d684d744
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
592c6269cdbcc73b062691371a686b601eb4f644602817ee681172b085910f33
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5e0289e282d90153dd5a7c7a7ee92f7419e8e297f235d57b9bfd6fff03650050
5f7ec4799d60efabc6801a4e439ce3c0b942bbc1e8c0dc1e4624697a1059c207
5fefa6bc00a2fca4d3ca705862d42dfdbb8f69124b2f0cc0896d3c7c2c05890a
62108630400647fc95e9562fb1ff5152c5f934b855935a9166ea66ff4c0deb7b
644304fe15c7f17a6ab07588fa14318ebce8730a85eb17b3a0fddca16fe9bae6
698a43653cc49979ec65cfc87395e4d71494605e707232a5922aa52b5b9a8c95
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d629212eace0da98c37230c3940e8240b3189b35542ed19b6a586fb58f5a29c
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
807530ddc6711e3c4022758b3774303545e5d12ab081f5a3a34dac59a76b67e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cd704cd6cc7d0c9195db1d31dd3498e8ba08ade15abad26a2dfacb187c5559
8bf8e1f69f84e16d7c0b046cc032f092ed72c54438dea02e49b01e3f4a536ef7
8d69f6bb6e48ffcf2c2eebcc151ed97827069b91025c264f36b6fe31a7cda55b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66
8ea9df9aa296a2eac3fe1a8b6972fecea49c7295f723cf9c93356ff9301a09ec
8f26d9c6080c218b83e75705e3781a8bc4ebc6ebf002be219c9fa2cd6f248301
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
9471f5693561c824313f9961666fcc0ceff062ee2c3c1518fd0316d82a845a1e
977c5b3e25e233cc516fc25b80ce3b17280de37be1fcdc52158e6e8bca057146
9a0b1a9690f04a4edb73f001e803459e087d362f93d261b5135a74e3f03f2ed7
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a620bac688a40959ef695f33580021704d33ff350c7a1af32e75d8b3875a503a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a769d4bf461200d7c95adb57e300810ce0c5e61951f031755e91aad1329c4691
a876f7590c4f5401126a7f86a487411e1edb22b7750b8d7e10dbc2fe1178939d
ac88ba62392665e9f15f5b25f55914ffe9380b91c75b5a6ac6f027bfa85f769b
ae46c76588381b83efbff222c63eeb3f83a26af9e5afdbec0137875be47a6b43
b03dcb0dc1251b1aa5c7e7fce51c3dcb20932cfe970d8ee777233a289a40af08
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b140866a13c2eeca9a0ad91f4bf8e505a0fa237279f9d6616c3c21329139f1de
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b2bedb8d9b818971c16b394180d1decd7e9993d6d6bcc0656637fa4a2e0ef191
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
b40d1ba6824e021fa643232f388290e7cd4f5839ec849e2011281c4afda892f0
b4f27217266d80fe11f1658ceebafe4861266be576d150f40d9b7967603a49e0
ba3830a5f35beb0359305242c7b5805c591ec629484014f0eb68be11c1dcc21b
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
c7426aeff151d2fdfb04dd358dbb59dce9a28886ed66e6ac3f2eb72cc95fdfd9
c7dd5e1772037fc42030a3f4102640364b8cc6ad696c549fa95f3d7f13041cb0
c7f09763510e015db838fca43073af1ccae9916f8caaafb25420a97b4d6c7a14
c86126948dcef8cd3021987de9ee4065bdfe007d182d7448b696b5dc09410e0a
c9096f0cf5f0290bd6f2835c8dcd1cdbd2a2f6d1078cbbf334eaf2a0e6e05f01
ca03dbe1c023b4686015bc45773bc4e7442bfece719b59ce9120aaffbde37bda
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccabc3a051bce551711144d9616f09fba7f44362c08bde4376f28eb22a55868d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d018dfe8631f61492271d2c987e71f50805c4416ad0743d3fe1546aab43bf3de
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d3ac1ce74d996fd1d5eb2f34feae5f87a3afa267474dc38308bf28a2f2462b9a
d4c9da147f2c1764047604983461ff316388f978402113a24c868e6e022ed50c
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d7c352e1ba053704a4c464da3ab9ab2562b5986a4ef42c6e88e8c362da5d6ef8
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
da4f62c7c8e392533bda2a958de53c0b86ded73e0b9bff20d7933033fea852d2
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48190856f5d6e66b7bb2916ddbbfc2d53d29a1fd836a447104296990139bb38
e50492c68666405f4431adc1cb95797575aeceae75a026f595f605ecabb0f5a2
e6be4f96beea75ebc4da0f8855206fc3855ddd87a654a138a6eed6162b3e1e1d
e7fe7dc5b6979e94fd97ed5593d31c69f3b0b29b1354fd00100bfe9d38f515d2
eb0a8d5efdae10d100a7b7cae77892bc88915033f7d55da0ac843ec39215586b
eb399a9bad20f3b1492350696544ea96bad5c0ba489db220928b04d165edeee4
eb88c63564f3f922d34da97ea59e6f5dbf7f03aa436998d122a83beab3982189
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0e058c0d2e245c12a169dcbcfb3a4616dca2fb303c8770442e7b307335d08de
f216ada54fdf038b59f1a7ce80cc58cec13915002dacab7cfea2add06d3b420d
f404338a16a4d0697ab276ffcf2a3ff0e363d720f04ebc4a3f9a621c4c1671b8
f52a40d9006b1650f4bd0a5b4a9751b693b99cd4fce9a9f50b05e27aef8a7148
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f5ec567cf8be00ed763cfe83ec5d8729a3287e4139897df9644fd261c6ca1bed
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
f9d210c2e7d39f54447b0471255e4a49971a190e34e0af009ef0b70aceff66d7
fa30e9720dd284ac00b9938f95e1a82fa508a18e420f7704ef74cd749149ae93
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

richmond.com Open in urlscan Pro 192.104.183.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

238 Requests

86 %HTTPS

41 %IPv6

44 Domains

84 Subdomains

65 IPs

5 Countries

3881 kBTransfer

9134 kBSize

12 Cookies

12 Outgoing links

Page URL History

Redirected requests

238 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

richmond.com Open in urlscan Pro
192.104.183.109 Public Scan

Screenshot
Live screenshot

Full Image

238
Requests

86 %
HTTPS

41 %
IPv6

44
Domains

84
Subdomains

65
IPs

5
Countries

3881 kB
Transfer

9134 kB
Size

12
Cookies

238 HTTP transactions
0 data transactions