cm.theadvertiser.com Open in urlscan Pro
151.101.66.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.exct.net/?qs=75b1271336b7c2d0a20ef71892b222d4acf996617da3af5ac0cd4d922fe487811e056ea26fb073c21cbfaa88ed86...
Effective URL:
https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&...
Submission: On January 13 via manual (January 13th 2022, 10:04:15 pm UTC) from US — Scanned from DE

Summary HTTP 42 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 42 HTTP transactions. The main IP is 151.101.66.62, located in United States and belongs to FASTLY, US. The main domain is cm.theadvertiser.com. The Cisco Umbrella rank of the primary domain is 968821.
TLS certificate: Issued by R3 on December 7th 2021. Valid for: 3 months.

This is the only time cm.theadvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:6c0... 2a02:26f0:6c00:2ad::416d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	151.101.66.62 151.101.66.62	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.35.253.78 13.35.253.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.62 151.101.194.62	54113 (FASTLY) (FASTLY)
2	151.101.2.62 151.101.2.62	54113 (FASTLY) (FASTLY)
2	34.107.143.101 34.107.143.101	15169 (GOOGLE) (GOOGLE)
1	65.9.7.60 65.9.7.60	16509 (AMAZON-02) (AMAZON-02)
1 3	13.33.240.66 13.33.240.66	16509 (AMAZON-02) (AMAZON-02)
1	34.102.161.46 34.102.161.46	15169 (GOOGLE) (GOOGLE)
42	13

1 2a02:26f0:6c00:2ad::416d (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cl.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 151.101.66.62 (United States)

ASN54113 (FASTLY, US)

cm.theadvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user.theadvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-78.fra6.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.62 (United States)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.62 (United States)

ASN54113 (FASTLY, US)

staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.143.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.143.107.34.bc.googleusercontent.com

dcinfos-cache.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.60 (Altamonte Springs, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.240.66 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-240-66.hel50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.161.46 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 46.161.102.34.bc.googleusercontent.com

ariane.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 444	183 KB
9	theadvertiser.com cm.theadvertiser.com — Cisco Umbrella Rank: 968821 user.theadvertiser.com — Cisco Umbrella Rank: 657636	125 KB
8	gannettdigital.com staticassets.gannettdigital.com — Cisco Umbrella Rank: 48861	524 KB
6	abtasty.com try.abtasty.com — Cisco Umbrella Rank: 9651 dcinfos-cache.abtasty.com — Cisco Umbrella Rank: 10830 ariane.abtasty.com — Cisco Umbrella Rank: 10200	69 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 124	2 KB
3	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 5760	55 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 698	622 B
1	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2442	25 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	1 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 258	31 KB
1	exct.net 1 redirects cl.exct.net — Cisco Umbrella Rank: 34232	454 B
42	11

	Domain	Requested by
9	cdn.cookielaw.org	cm.theadvertiser.com cdn.cookielaw.org
8	staticassets.gannettdigital.com	cm.theadvertiser.com
8	cm.theadvertiser.com	cm.theadvertiser.com
3	sb.scorecardresearch.com	1 redirects www.gannett-cdn.com
3	www.gannett-cdn.com	cm.theadvertiser.com www.gannett-cdn.com
3	try.abtasty.com	cm.theadvertiser.com try.abtasty.com
2	dcinfos-cache.abtasty.com	try.abtasty.com
2	geolocation.onetrust.com	cdn.cookielaw.org
1	ariane.abtasty.com	try.abtasty.com
1	cdn.parsely.com	www.gannett-cdn.com
1	user.theadvertiser.com	cm.theadvertiser.com
1	cdnjs.cloudflare.com	cm.theadvertiser.com
1	ajax.googleapis.com	cm.theadvertiser.com
1	cl.exct.net	1 redirects
42	14

This site contains links to these domains. Also see Links.

Domain
www.theadvertiser.com
login.theadvertiser.com
account.theadvertiser.com
user.theadvertiser.com
subscribe.theadvertiser.com
static.theadvertiser.com
profile.theadvertiser.com
chat.theadvertiser.com
help.theadvertiser.com

Subject Issuer	Validity	Valid
theadvertiser.com R3	`2021-12-07` - `2022-03-07`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
try.abtasty.com Amazon	`2021-07-27` - `2022-08-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
usatoday.com R3	`2021-12-10` - `2022-03-10`	3 months	crt.sh
dcinfos-cache.abtasty.com R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
*.parsely.com Amazon	`2021-07-05` - `2022-08-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
ariane.abtasty.com R3	`2021-11-12` - `2022-02-10`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Frame ID: 29E48F0F7DED77FEDC82396FA150D90F
Requests: 42 HTTP requests in this frame

Frame: https://cm.theadvertiser.com/nanobar/010422_NewYearsResolutionSale
Frame ID: 942B8A393A9DADE59192768B342B62C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subscription Offers, Specials, and Discounts

Page URL History Show full URLs

https://cl.exct.net/?qs=75b1271336b7c2d0a20ef71892b222d4acf996617da3af5ac0cd4d922fe487811e056ea2... HTTP 302
https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2... Page URL

Detected technologies

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

98 %
HTTPS

38 %
IPv6

11
Domains

14
Subdomains

13
IPs

2
Countries

1015 kB
Transfer

2623 kB
Size

14
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.theadvertiser.com/

Search URL Search Domain Scan URL

URL: https://login.theadvertiser.com/PLAL-GUP/authenticate?success-url=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681
Title: Sign In

Search URL Search Domain Scan URL

URL: https://account.theadvertiser.com/
Title: Hi,

Search URL Search Domain Scan URL

URL: https://user.theadvertiser.com/PLAL-GUP/user/logout/?return-url=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681
Title: Sign Out

Search URL Search Domain Scan URL

URL: https://subscribe.theadvertiser.com/checkoutflow?offer=W-3K&pid=6802&type=digital&gps-source=EXEMLP1FS2L4&utm_source=exacttarget&utm_medium=email&utm_campaign=EXEMLP1FS2L4-72686681

Search URL Search Domain Scan URL

URL: https://subscribe.theadvertiser.com/checkoutflow?offer=W-3K&pid=1200009266&type=print&gps-source=EXEMLP1FS2L4&utm_source=exacttarget&utm_medium=email&utm_campaign=EXEMLP1FS2L4-72686681

Search URL Search Domain Scan URL

URL: https://subscribe.theadvertiser.com/checkoutflow?offer=W-3K&pid=1200009313&type=print&gps-source=EXEMLP1FS2L4&utm_source=exacttarget&utm_medium=email&utm_campaign=EXEMLP1FS2L4-72686681

Search URL Search Domain Scan URL

URL: https://static.theadvertiser.com/mobile-apps/
Title: View our apps

Search URL Search Domain Scan URL

URL: https://user.theadvertiser.com/user/enewspaper/
Title: View eNewspaper

Search URL Search Domain Scan URL

URL: https://profile.theadvertiser.com/newsletters/manage/
Title: Sign up now

Search URL Search Domain Scan URL

URL: https://login.theadvertiser.com/PLAL-GUP-SAM-ACCTACT/authenticate/?authenticated-url=https%3A%2F%2Faccount.theadvertiser.com%2Flink%3Fnewauth%3DTrue%26onSuccessRedirectURL%3Dhttp%3A%2F%2Fwww.theadvertiser.com%2F
Title: ALREADY A SUBSCRIBER, BUT DON'T HAVE A LOGIN? Activate your digital access

Search URL Search Domain Scan URL

URL: https://chat.theadvertiser.com/
Title: NEED HELP? CHAT NOW

Search URL Search Domain Scan URL

URL: http://help.theadvertiser.com/
Title: Help

Search URL Search Domain Scan URL

URL: http://www.theadvertiser.com/subscriberguide/#apps
Title: Mobile Apps

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.exct.net/?qs=75b1271336b7c2d0a20ef71892b222d4acf996617da3af5ac0cd4d922fe487811e056ea26fb073c21cbfaa88ed86a59d9c2ab1eae3090e972461c70d1108ce86 HTTP 302
https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://sb.scorecardresearch.com/b?c1=2&c2=6035223&name=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&ns__t=1642111451560&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&ns__t=1642111451560&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&c9=

42 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request channeloffer Show response
cm.theadvertiser.com/
Redirect Chain

https://cl.exct.net/?qs=75b1271336b7c2d0a20ef71892b222d4acf996617da3af5ac0cd4d922fe487811e056ea26fb073c21cbfaa88ed86a59d9c2ab1eae3090e972461c70d1108ce86
https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681

51 KB
13 KB

96ms
25ms

Document
text/html

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f44c66937a6613bd7f3d19594eb7d40495e2d5d891bfbd41042638f1b8a176f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
cache-control: max-age=3600
accept-ranges: bytes
date: Thu, 13 Jan 2022 22:04:10 GMT
age: 2876
x-cache: HIT
x-timer: S1642111451.724112,VS0,VE3
vary: Origin, Accept-Encoding,X-AbVariant
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-length: 12146

Redirect headers

Content-Type: text/html; charset=utf-8
Location: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Content-Length: 323
Expires: Thu, 13 Jan 2022 22:04:10 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 13 Jan 2022 22:04:10 GMT
Connection: keep-alive

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 49ms
11ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 17:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jan 2023 17:34:25 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 54ms
19ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dMq6iJthjOyg56NOUFVpHQ==
age: 6194
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jan 2022 12:53:10 GMT
server: cloudflare
etag: 0x8D9D43827C9A0F5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2cce3451-501e-0105-4130-066acc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cd1eb3778074339-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 54ms
19ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kdqkvU4KECv4erbHaj7Yfg==
age: 6194
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 21 Dec 2021 17:26:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 36d2f147-001e-011d-1395-f64759000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6cd1eb37780a4339-FRA

GET
H2 200 moment-with-locales.min.js Show response
cm.theadvertiser.com/node_modules/moment/min/ 345 KB
73 KB 35ms
29ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/node_modules/moment/min/moment-with-locales.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f1dea4239710130a1f91999a3d345b2a0c83ef418de660e94d834ff585a14e52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 2875
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1642111451.773887,VS0,VE4
content-length: 74595

GET
H2 200 moment-timezone-with-data.min.js Show response
cm.theadvertiser.com/node_modules/moment-timezone/builds/ 180 KB
27 KB 31ms
24ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/node_modules/moment-timezone/builds/moment-timezone-with-data.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

31b9bea01ffef2e8f311eafdbbcdd944a12194fa216d8f54489e15a7188d47dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 05 Apr 2017 04:18:56 GMT
age: 2875
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1642111451.773959,VS0,VE3
content-length: 27453

GET
H2 200 fetch.umd.js Show response
cm.theadvertiser.com/node_modules/whatwg-fetch/dist/ 14 KB
4 KB 34ms
28ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/node_modules/whatwg-fetch/dist/fetch.umd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 2875
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1642111451.774054,VS0,VE4
content-length: 3954

GET
H2 200 polyfill.min.js Show response
cm.theadvertiser.com/node_modules/promise-polyfill/dist/ 3 KB
1 KB 33ms
27ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/node_modules/promise-polyfill/dist/polyfill.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8ee7479fa6c7392aa1840f78b8295acfed0f07a372d0d987eed2563a49938e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sun, 12 Aug 2018 19:28:53 GMT
age: 2875
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1642111451.774110,VS0,VE3
content-length: 1168

GET
H2 200 polyfill.js Show response
cm.theadvertiser.com/node_modules/custom-event-polyfill/ 1 KB
766 B 27ms
22ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/node_modules/custom-event-polyfill/polyfill.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1a0b225188931108f495d6a291af4bbbadc9255d972690bbc60c2e6913699f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Fri, 27 Jul 2018 08:18:39 GMT
age: 2875
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1642111451.774178,VS0,VE1
content-length: 652

GET
H2 200 url-search-params.js Show response
cm.theadvertiser.com/node_modules/url-search-params/build/ 7 KB
2 KB 31ms
27ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/node_modules/url-search-params/build/url-search-params.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bc0e68d47465158820ae7d321bee9b286967967f5f5b18b84bd72fce8e8594ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
age: 2875
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Origin, Accept-Encoding,X-AbVariant
x-cache: HIT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=3600
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
accept-ranges: bytes
x-timer: S1642111451.774268,VS0,VE3
content-length: 2035

GET
H2 200 8b8431c55803cbf1363e80a44304c7dc.js Show response
try.abtasty.com/ 185 KB
51 KB 50ms
13ms Script
application/javascript 13.35.253.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-78.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: d39319e439f87637e9ea6c2d1285e8b6ddbcf952d97fee56a89a1a7c09e5f8dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 04:06:29 GMT
content-encoding: gzip
last-modified: Mon, 03 Jan 2022 20:36:37 GMT
server: CloudFront
age: 64662
etag: W/"315eac56726106069f9a66bbd994a6a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6e432daa93321d42e8840614082fcdc2.cloudfront.net (CloudFront)
cache-control: s-maxage=86400,max-age=30
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: t7Gmh5eommSjyN-tRHFOMDuCuWIivJvv2W94u62NQs910M-l53B1lA==

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/theadvertiser/logos-and-branding/ 8 KB
3 KB 22ms
21ms Image
image/svg+xml 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/theadvertiser/logos-and-branding/logo-default.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

47d9c920e1979df2c381206e206482446015d6ee4c0656e80ebe6381ee09622c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=SL2cZg==, md5=kEusR3nKm6uhGDfAgG4DFA==
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "904bac4779ca9baba11837c0806e0314"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1162661
x-amz-meta-goog-reserved-file-mtime: 1521733027
x-guploader-uploadid: ADPycdsNM6CSQ37vQs4qwvl9OmgOfsMXiAs7lDCABheMtxi2OPyMSh3dNcRODfruQ8EO-RBCk4M6JrvS6v4RCql6Itg1P6bflg
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 2695
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5145-BWI, cache-mxp6932-MXP
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.260_19-f724c527f8e516f72b9c4601dd282ab3
last-modified: Mon, 18 Feb 2019 22:02:26 GMT
server: UploadServer
x-timer: S1642111451.867479,VS0,VE2
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
expires: Tue, 23 Nov 2021 09:50:13 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 84ms
28ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cm.theadvertiser.com/
Origin: https://cm.theadvertiser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6672523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HEKTH%2BTa%2BnQlZXWy8Zghif70y8B3VwLAR%2FJKDhSLURsJ6aIKpum3p6Yn0s5upvKJgXOiHUqJIK2eb2%2BkmWeVG20yTy7lhxTjmveK3RONk7icGtBIH1%2BbXHGV8G1msCsEpjg5J5MkhkwVtFTNS%2Bs5Cpx9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cd1eb380dcf59fb-MXP
expires: Tue, 03 Jan 2023 22:04:10 GMT

GET
H2 200 offer-default.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/ 7 KB
8 KB 46ms
21ms Image
image/png 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/offer-default.png
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 79759fba4324b44884086263b681262191ccd9dc6634022db6f0c4b23e90c6ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
via: 1.1 varnish
age: 101483
x-amz-meta-goog-reserved-file-mtime: 1631212412
x-guploader-uploadid: ADPycds-uilwKLT0qSUCpIZgyhIL7PhVuosIpZ3s96vQeONeBY_1kE5q0TbNkbsxmbssYq4nq9oClqN3euvYlUVDrl0
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 7618
x-served-by: cache-mxp6932-MXP
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:33:59 GMT
server: UploadServer
x-timer: S1642111451.890128,VS0,VE1
etag: "c701e540ac8ce92a3742996fc2c284ea"
x-goog-hash: crc32c=80/vLQ==, md5=xwHlQKyM6So3QplvwsKE6g==
content-type: image/png
access-control-allow-origin: *
expires: Wed, 12 Jan 2022 17:52:48 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 benefits-1.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 127 KB
128 KB 47ms
23ms Image
image/png 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-1.png
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a6233fd94cfc29fa571fea33e7dc16418dd89e369d618866449faf76a5943746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
via: 1.1 varnish
age: 101482
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycdvXx6cpeEdFWaSdz6bD61iL_KaLg14RX4EVIKvjjIXQ6pWtVFA_N9KqK4P7KuqWuxuENIWc8rvHtaxadm-8h8M
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 130419
x-served-by: cache-mxp6932-MXP
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:00 GMT
server: UploadServer
x-timer: S1642111451.890416,VS0,VE2
etag: "54bab8ff84ad0c7120eda80c143acea3"
x-goog-hash: crc32c=DXtxkA==, md5=VLq4/4StDHEg7agMFDrOow==
content-type: image/png
access-control-allow-origin: *
expires: Wed, 12 Jan 2022 17:52:48 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 benefits-2.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 122 KB
123 KB 78ms
53ms Image
image/png 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-2.png
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: df0b018622c8c31a9b7490cdc160369751f33a557d1346a67308bb04df5ee463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
via: 1.1 varnish
age: 101481
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycdu1_kING5JRTMxgWslExPI7A7WkM1F9K5gqLHBsFFwHTfTQxZPs7X87Q9xOINLB4LLfd4T34nb9moYVcdTo1e8JFA_kUA
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 125335
x-served-by: cache-mxp6932-MXP
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:00 GMT
server: UploadServer
x-timer: S1642111451.890588,VS0,VE3
etag: "8fb9488c7e44c03d21cb7393d831105f"
x-goog-hash: crc32c=Hx76XA==, md5=j7lIjH5EwD0hy3OT2DEQXw==
content-type: image/png
access-control-allow-origin: *
expires: Wed, 12 Jan 2022 17:52:49 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 benefits-3.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 111 KB
111 KB 70ms
46ms Image
image/png 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-3.png
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 784ae837d6e9e378b9ea968c162d63f5e89930ef939a5dca6b8e5701efcb6002

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
via: 1.1 varnish
age: 101481
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycdu4fSlSu1MOlnN8a_OyUpPIrLTH0hPcYSEyl6CeHYysjevUYZVdlN-3o-GJydVYqJGtTug-0C1clwivoOahDbE
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 113719
x-served-by: cache-mxp6932-MXP
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:00 GMT
server: UploadServer
x-timer: S1642111451.890463,VS0,VE3
etag: "29d3d0d7054803c6cf8d16cb04f03fcb"
x-goog-hash: crc32c=488c4g==, md5=KdPQ1wVIA8bPjRbLBPA/yw==
content-type: image/png
access-control-allow-origin: *
expires: Wed, 12 Jan 2022 17:52:49 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 benefits-4.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/ 117 KB
117 KB 78ms
54ms Image
image/png 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/usat-offers/benefits-4.png
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0f9487771b00549f6a2350d2649053e7f25f457fca025b65ebf9165353f6f2d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
via: 1.1 varnish
age: 101481
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycdtjdMxY34rLaxCq7VMFDBTfgV4NtL4593yGvp-_sMVnamqMAeeM3pslAZYkzcxczrATBgeQf-cKZXeg62kGtDnDcdzRuw
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 119671
x-served-by: cache-mxp6932-MXP
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:01 GMT
server: UploadServer
x-timer: S1642111451.890322,VS0,VE3
etag: "56305e4c922cf783a10e6292f265fed2"
x-goog-hash: crc32c=fyvsgQ==, md5=VjBeTJIs94OhDmKS8mX+0g==
content-type: image/png
access-control-allow-origin: *
expires: Wed, 12 Jan 2022 17:52:49 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 143 KB
45 KB 22ms
22ms Script
application/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcjs/prod/main.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eed34f745674fca23c42b437583b37cbcf382d636a232e934ad6357862e4f92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=EcK7sg==, md5=OgsJC4I7/SOg5CArmTDzPQ==
date: Thu, 13 Jan 2022 22:04:10 GMT
content-encoding: gzip
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 620
x-amz-meta-goog-reserved-file-mtime: 1642107199
x-guploader-uploadid: ADPycdvlcasqFJXTTwVrHexFUN6atv18rC5Erw3afQs6byjSJmKzd1tiHBnXxcZOFCAbOrHkkUVggHf5aJeP9jbB_KA
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 45327
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kcgs7200123-IAD, cache-mxp6932-MXP
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.260_19-f724c527f8e516f72b9c4601dd282ab3
last-modified: Thu, 13 Jan 2022 20:53:47 GMT
server: UploadServer
x-timer: S1642111451.843961,VS0,VE0
etag: "3a0b090b823bfd23a0e4202b9930f33d"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 20:53:50 GMT
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2, 4

GET
H2 200 645051c7-3b50-404a-8071-97e6728c3680.json Show response
cdn.cookielaw.org/consent/645051c7-3b50-404a-8071-97e6728c3680/ 4 KB
2 KB 67ms
27ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/645051c7-3b50-404a-8071-97e6728c3680/645051c7-3b50-404a-8071-97e6728c3680.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0f558e1975eb43715fa8de7c1ec8e929feed50048ad42dd3a1db2bc17db8880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: aafFb19vzYJ8TRWFb+VpMQ==
age: 2875
vary: Accept-Encoding
content-length: 1590
x-ms-lease-status: unlocked
last-modified: Wed, 29 Sep 2021 08:42:41 GMT
server: cloudflare
etag: 0x8D983251990706F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7f1f77ed-a01e-0132-0fc2-08c663000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cd1eb3809b63754-MXP
expires: Fri, 14 Jan 2022 02:04:10 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 191 B
224 B 102ms
52ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cd1eb383ed63746-MXP

GET
H2 200 010422_NewYearsResolutionSale Show response
cm.theadvertiser.com/nanobar/ Frame 942B 4 KB
3 KB 22ms
22ms Document
text/html 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.theadvertiser.com/nanobar/010422_NewYearsResolutionSale

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ccc0bd3f7037091207b64f81e11bd101fe42ff15008226ae250234c90ca02448

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors https://theadvertiser.com https://.theadvertiser.com https://.gannettdigital.com https://.usatodaynetworkservice.com https://.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://.theadvertiser.com https://.gannettdigital.com https://.gannett-cdn.com data: 'self';img-src https://.theadvertiser.com https://.gannettdigital.com https://.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://.theadvertiser.com https://.gannettdigital.com https://.gannett-cdn.com data: 'self';form-action https://.theadvertiser.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681

Response headers

expires: Thu, 13 Jan 2022 21:16:15 GMT
last-modified: Sat, 01 Jan 2022 19:22:32 GMT
etag: "efbb7bba061d0c7c57c2a4e261972308"
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: gzip
accept-ranges: bytes
date: Thu, 13 Jan 2022 22:04:10 GMT
age: 2875
x-cache: HIT
x-timer: S1642111451.873159,VS0,VE2
vary: Accept-Encoding,X-AbVariant
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-security-policy: upgrade-insecure-requests;frame-ancestors https://theadvertiser.com https://*.theadvertiser.com https://*.gannettdigital.com https://*.usatodaynetworkservice.com https://*.usatodaynetwork.com 'self';default-src 'none';script-src 'unsafe-inline';style-src 'unsafe-inline';worker-src 'none';style-src-elem 'unsafe-inline';connect-src https://reporting-api.gannettinnovation.com https://api.parsely.com;font-src https://*.theadvertiser.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';img-src https://*.theadvertiser.com https://*.gannettdigital.com https://*.gannett-cdn.com https://images.parsely.com data: 'self';prefetch-src https://*.theadvertiser.com https://*.gannettdigital.com https://*.gannett-cdn.com data: 'self';form-action https://*.theadvertiser.com 'self' 'unsafe-hashes';sandbox allow-scripts allow-popups allow-popups-to-escape-sandbox allow-forms;report-sample;report-uri https://reporting-api.gannettinnovation.com;report-to default
x-content-type-options: nosniff
x-xss-protection: 1;mode=block
strict-transport-security: max-age=63072000;includeSubDomains;preload
feature-policy: autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy: autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
cross-origin-resource-policy: same-site
origin-agent-cluster: ?1
timing-allow-origin: *
x-robots-tag: noindex
content-length: 1613

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 54ms
52ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cd1eb383edb3746-MXP

GET
H2 200 PLAL-TEALIUM-CMSP.json Show response
www.gannett-cdn.com/dcc/prod/ 40 KB
7 KB 58ms
17ms XHR
application/json 151.101.194.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcc/prod/PLAL-TEALIUM-CMSP.json

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a27f8347c320d4e04ba322503241db5e6a46df728ba68f457809b88c809b6a87

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=y+i7sw==, md5=DNbsmrpzlHoJ/G2cHCL0Ww==
content-security-policy: upgrade-insecure-requests
content-encoding: gzip
etag: "0cd6ec9aba73947a09fc6d9c1c22f45b"
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 6019
x-amz-meta-goog-reserved-file-mtime: 1641912299
x-guploader-uploadid: ADPycds7VgbPVioXdNzObNIMwVMVOIRDlDLprb7xA-qw855DILMVMHLaJzT6ySD5eESOhCWFC9B4v3qQL485qgtib-hUrxk8-g
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 6565
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-iad-kjyo7100153-IAD, cache-mxp6940-MXP
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.260_19-f724c527f8e516f72b9c4601dd282ab3
last-modified: Tue, 11 Jan 2022 15:04:49 GMT
server: UploadServer
x-timer: S1642111451.968566,VS0,VE1
date: Thu, 13 Jan 2022 22:04:10 GMT
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
expires: Thu, 13 Jan 2022 20:23:51 GMT
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 / Show response
user.theadvertiser.com/PLAL-GUP/user/ 680 B
2 KB 484ms
455ms Fetch
application/json 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://user.theadvertiser.com/PLAL-GUP/user/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

510e36cd057964772efee52a0c47b1d7d12afbdf0882493be38a0711f083a44e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
via: 1.1 varnish
x-content-type-options: nosniff
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS
x-cache-hits: 0
content-length: 680
x-served-by: cache-mxp6932-MXP
referrer-policy: same-origin
server: nginx
x-frame-options: DENY
date: Thu, 13 Jan 2022 22:04:11 GMT
vary: Origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: https://cm.theadvertiser.com
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 13 Jan 2022 22:04:11 GMT

GET
H2 200 UnifySans_W_Rg.woff2
staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/ 16 KB
16 KB 60ms
21ms Font
application/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/UnifySans_W_Rg.woff2
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Request headers

Referer: https://cm.theadvertiser.com/
Origin: https://cm.theadvertiser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
via: 1.1 varnish
age: 108599
x-amz-meta-goog-reserved-file-mtime: 1631212412
x-guploader-uploadid: ADPycdte96rbyKq6r651pzeq_cUoD1CWWHIMxOzTKKnOxl1mJOTPrgD24bOwalCeuFrcsLO_0Ymu_SFEIft_MdZhALk
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 16620
x-served-by: cache-cdg20735-CDG
x-clacks-overhead: GNU Terry Pratchett
expires: Wed, 12 Jan 2022 15:54:11 GMT
last-modified: Thu, 09 Sep 2021 18:33:48 GMT
server: UploadServer
x-timer: S1642111451.970951,VS0,VE2
etag: "3813aba0274244941c060a0cba29c5a2"
x-goog-hash: crc32c=0TAa6g==, md5=OBOroCdCRJQcBgoMuinFog==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 UnifySans_W_SBd.woff2
staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/ 17 KB
18 KB 55ms
17ms Font
application/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/digital-renovation/fonts/UnifySans_W_SBd.woff2
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Request headers

Referer: https://cm.theadvertiser.com/
Origin: https://cm.theadvertiser.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:10 GMT
via: 1.1 varnish
age: 108599
x-amz-meta-goog-reserved-file-mtime: 1631212412
x-guploader-uploadid: ADPycdvpXQlHF8YqiptbVtKOGq5Jf77b0nAmMbWYYffqol-kMEG7MixZRnAEZo9w1qEsk_vGo1WzxITdzjRtJd4XIyP6AGCzUQ
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 17876
x-served-by: cache-cdg20735-CDG
x-clacks-overhead: GNU Terry Pratchett
expires: Wed, 12 Jan 2022 15:54:12 GMT
last-modified: Thu, 09 Sep 2021 18:33:48 GMT
server: UploadServer
x-timer: S1642111451.971117,VS0,VE2
etag: "eec61fc37ea7dff16e6503e33ab66949"
x-goog-hash: crc32c=p0JC6w==, md5=7sYfw36n3/FuZQPjOrZpSQ==
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 analytics.14e66f4c971666761221.js
try.abtasty.com/shared/ 0
8 KB 8ms
8ms Other
application/javascript 13.35.253.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.14e66f4c971666761221.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-78.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:44:26 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 12:44:18 GMT
server: CloudFront
age: 638385
etag: W/"96aef2a12ced68d78e98c5e04a326ffd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6e432daa93321d42e8840614082fcdc2.cloudfront.net (CloudFront)
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: OOtzXXu9w6OOJDQ74bpzA3qE4CDEb9wTmG_qNHPe_c805XZYLk6BfA==

GET
H2 200 analytics.14e66f4c971666761221.js Show response
try.abtasty.com/shared/ 32 KB
8 KB 7ms
7ms Script
application/javascript 13.35.253.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/shared/analytics.14e66f4c971666761221.js
Requested by: Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.253.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-253-78.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: df3c8c7d6b6bfe22cd661e8892848d98f916e08c82309a683e3d48d8cdc14c24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 12:44:26 GMT
content-encoding: gzip
last-modified: Thu, 06 Jan 2022 12:44:18 GMT
server: CloudFront
age: 638385
etag: W/"96aef2a12ced68d78e98c5e04a326ffd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 6e432daa93321d42e8840614082fcdc2.cloudfront.net (CloudFront)
cache-control: s-maxage=31536000,max-age=31536000
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: PRsF34znJgFtTYyAy6bPfQaGxxA1X8YEaJqK6_Dq1VHy7jW2-HjXBA==

POST
H2 200 geoip Show response
dcinfos-cache.abtasty.com/v1/ 416 B
436 B 78ms
28ms Fetch
application/json 34.107.143.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/geoip

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

- /

Resource Hash

a670957aba6368e2ec2eaa4a038ffb95d30662e973effbda10c9c31734ef53f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cm.theadvertiser.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jan 2022 22:04:11 GMT
content-encoding: gzip
x-envoy-decorator-operation: -
age: 0
grpc-metadata-date: Thu, 13 Jan 2022 22:04:10 GMT
x-cache: miss uncacheable
x-restart: 0
x-envoy-upstream-service-time: 13
grpc-metadata-server: envoy
grpc-metadata-content-type: application/grpc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
grpc-metadata-grpc-accept-encoding: gzip
access-control-allow-origin: *
server: -
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
grpc-metadata-x-envoy-upstream-service-time: 3
cache-control: private, max-age=600
accept-ranges: bytes

POST
H2 200 ua-parser Show response
dcinfos-cache.abtasty.com/v1/ 118 B
527 B 65ms
16ms Fetch
application/json 34.107.143.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dcinfos-cache.abtasty.com/v1/ua-parser

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/8b8431c55803cbf1363e80a44304c7dc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.143.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.143.107.34.bc.googleusercontent.com

Software

- /

Resource Hash

96d604464c440048253e409670b96113badf4ef4a14054e75f7488f796fee8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cm.theadvertiser.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 13 Jan 2022 12:37:04 GMT
content-encoding: gzip
x-envoy-decorator-operation: -
age: 34026
grpc-metadata-date: Thu, 13 Jan 2022 12:37:04 GMT
x-cache: hit cached
x-restart: 0
x-envoy-upstream-service-time: 0
grpc-metadata-server: envoy
grpc-metadata-content-type: application/grpc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111
access-control-allow-origin: *
server: -
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
via: 1.1 google
grpc-metadata-x-envoy-upstream-service-time: 1
cache-control: public, max-age=86400
accept-ranges: bytes

GET
H2 200 white-chat-icon.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/ 2 KB
2 KB 58ms
58ms Image
image/png 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/static-web/white-chat-icon.png
Requested by: Host: cm.theadvertiser.com
URL: https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a62238516566121bc6728cf24407e1705d43f61044ee02c5ffef99edb2a11e1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:11 GMT
via: 1.1 varnish
age: 101480
x-amz-meta-goog-reserved-file-mtime: 1631212413
x-guploader-uploadid: ADPycduuEQ2x5lwa0sKDUrS7KT0Y3YeLzppLD6RTqHOvzGMtFX4c2TjfO1uM7Q4AY3wOMNhNxIajD3L6MNvTi8tkg_k
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
content-length: 1849
x-served-by: cache-mxp6932-MXP
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:34:02 GMT
server: UploadServer
x-timer: S1642111451.000593,VS0,VE39
etag: "7f876d837b7424505e1e334ba6d1fe76"
x-goog-hash: crc32c=2gFSiA==, md5=f4dtg3t0JFBeHjNLptH+dg==
content-type: image/png
access-control-allow-origin: *
expires: Wed, 12 Jan 2022 17:52:51 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 317 KB
76 KB 18ms
17ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: V5hcbF1dEgrls6P2M61C9g==
age: 6195
vary: Accept-Encoding
content-length: 77260
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:37 GMT
server: cloudflare
etag: 0x8D983BB67EEBDFE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3b1553aa-a01e-00fa-485b-001101000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cd1eb38dc7b4339-FRA

GET
H2 200 p.js Show response
cdn.parsely.com/keys/theadvertiser.com/ 71 KB
25 KB 51ms
16ms Script
application/javascript 65.9.7.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/theadvertiser.com/p.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.60 Altamonte Springs, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9205701182379e8b6962ee24e841bd4f0beff7c607c18637525bfb8136aec1d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: public
date: Thu, 13 Jan 2022 03:03:28 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 16:32:33 GMT
server: nginx
age: 68443
etag: W/"602bf3a1-11dac"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9_HTnOOTB9I252FxhCo68kUHC9eJvHSWp7B90sRjheTPVztPLFOZQA==
expires: Fri, 14 Jan 2022 03:03:28 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/645051c7-3b50-404a-8071-97e6728c3680/2a0c61d2-1191-420c-a4e2-c1b469d21a35/ 195 KB
32 KB 51ms
50ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/645051c7-3b50-404a-8071-97e6728c3680/2a0c61d2-1191-420c-a4e2-c1b469d21a35/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76901d8740498864b0520cb766f2335d4d96102d32b61d48061de9b146de6873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uAg2Thtw9Y5SN/4MuzHI7w==
age: 2876
vary: Accept-Encoding
content-length: 32507
x-ms-lease-status: unlocked
last-modified: Wed, 29 Sep 2021 08:43:44 GMT
server: cloudflare
etag: 0x8D983253F46C094
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 359e97c8-501e-0089-59c2-0861c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cd1eb392c1c3754-MXP
expires: Fri, 14 Jan 2022 02:04:11 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 272 KB
38 KB 35ms
35ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071834074743fccbae50391626cfccd28b97489d7c0abde6dd6d2d879147e7b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: erBVM3W6QEaJqc9rm4vo3A==
age: 2876
vary: Accept-Encoding
content-length: 38535
x-ms-lease-status: unlocked
last-modified: Thu, 13 Jan 2022 13:00:43 GMT
server: cloudflare
etag: 0x8D9D694B578410A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f24fd6f1-201e-0063-6fc2-089ec3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cd1eb392c213754-MXP

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.24.0/ 68 KB
15 KB 18ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YWYJyC7v39x7IuEj8ZuoGA==
age: 7509399
vary: Accept-Encoding
content-length: 14952
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:39 GMT
server: cloudflare
etag: 0x8D983BB68F56316
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e8523671-201e-0101-2a6c-c49f4e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cd1eb391d074339-FRA

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 9 KB
3 KB 29ms
28ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FNyxpIt5ExRRMGYfAjVUrQ==
age: 2875
vary: Accept-Encoding
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:29 GMT
server: cloudflare
etag: 0x8D983BB6347FB45
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cbab4e69-b01e-000b-67c2-08c092000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cd1eb3a2e9b3754-MXP

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.24.0/assets/ 20 KB
4 KB 56ms
56ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.24.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.24.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 13 Jan 2022 22:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 2875
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 30 Sep 2021 02:38:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: d7f2035f-701e-001d-29c2-08010c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6cd1eb3a2ea03754-MXP

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 132ms
40ms Script
application/javascript 13.33.240.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.240.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-240-66.hel50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 05:00:05 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 66935
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0375bed1ba39e96b4d60160b81be6096.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: 3I9wOeNfEHqzrbALYhfV__hErA52Nb8b0e5_zbB0PvyMRainXRa2eg==

POST
H2 200 / Show response
ariane.abtasty.com/ 43 B
423 B 54ms
17ms Fetch
image/gif 34.102.161.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ariane.abtasty.com/

Requested by

Host: try.abtasty.com
URL: https://try.abtasty.com/shared/analytics.14e66f4c971666761221.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.161.46 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

46.161.102.34.bc.googleusercontent.com

Software

- /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cm.theadvertiser.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-decorator-operation: -
server: -
access-control-allow-headers: Content-Type,Origin,Accept,Set-Cookie,X-ABTasty-CrossDomain
date: Thu, 13 Jan 2022 22:04:11 GMT
access-control-allow-methods: GET,HEAD,POST
content-type: image/gif
access-control-allow-origin: https://cm.theadvertiser.com
cache-control: must-revalidate, no-cache, private
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
via: 1.1 google

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035223&name=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_med...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_me...

0
223 B

56ms
56ms

Image
text/plain

13.33.240.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&ns__t=1642111451560&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&c9=
Protocol: H2
Server: 13.33.240.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-240-66.hel50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cm.theadvertiser.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 22:04:11 GMT
via: 1.1 0375bed1ba39e96b4d60160b81be6096.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: eo9dbv6DWIE93eL65OkcnaXzZknFB7alS1tLtkfpNayrzTc09qKDrA==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 13 Jan 2022 22:04:11 GMT
via: 1.1 0375bed1ba39e96b4d60160b81be6096.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&name=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&ns__t=1642111451560&ns_c=UTF-8&cv=3.5&c8=Subscription%20Offers%2C%20Specials%2C%20and%20Discounts&c7=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&c9=
content-length: 621
x-amz-cf-id: rx-wzJxyOKWVthCgt5UA0kcEQKdPmrCT8UMLLsn5fqMzVn5PEnWlVA==

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theadvertiser.com/	1970-01-20 08:54:07	Name: gnt_ub Value: 54
.theadvertiser.com/	1970-01-20 08:54:07	Name: gnt_sb Value: 11
.theadvertiser.com/	1970-01-20 00:08:53	Name: gnt_cz Value: 91541
.theadvertiser.com/	1970-01-20 00:08:53	Name: gnt_cc Value: rothenburg ob der tauber
.theadvertiser.com/	1970-01-20 00:51:43	Name: gnt_eu Value: true
.theadvertiser.com/	1970-01-20 09:27:14	Name: ABTasty Value: uid=11y0bpnxtf0a40tq&fst=1642111450986&pst=-1&cst=1642111450986&ns=1&pvt=1&pvis=1&th=
cm.theadvertiser.com/	1970-01-20 08:54:07	Name: usprivacy Value: 1---
.theadvertiser.com/	1970-01-20 00:08:33	Name: ABTastySession Value: mrasn=&sen=0&lp=https%253A%252F%252Fcm.theadvertiser.com%252Fchanneloffer%253Foffer%253DW-3K%2526bar%253Dtop%2526barBuild%253Datoms-pid6802%2526gps-source%253DEXEMLP1FS2L4%2526utm_medium%253Demail%2526utm_source%253Dexacttarget%2526utm_campaign%253DEXEMLP1FS2L4-72686681
.theadvertiser.com/	1970-01-20 00:08:33	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://cm.theadvertiser.com/channeloffer?offer=W-3K&bar=top&barBuild=atoms-pid6802&gps-source=EXEMLP1FS2L4&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLP1FS2L4-72686681%22%2C%22sref%22:%22%22%2C%22sts%22:1642111451099%2C%22slts%22:0}
.theadvertiser.com/	1970-01-20 04:27:43	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Thu+Jan+13+2022+22%3A04%3A11+GMT%2B0000+(GMT)&version=6.24.0&hosts=&consentId=315a4b29-ac6b-4900-9a29-e0a218203e62&interactionCount=0&landingPath=https%3A%2F%2Fcm.theadvertiser.com%2Fchanneloffer%3Foffer%3DW-3K%26bar%3Dtop%26barBuild%3Datoms-pid6802%26gps-source%3DEXEMLP1FS2L4%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLP1FS2L4-72686681&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0%2CSTACK1%3A0%2CSTACK24%3A0
.theadvertiser.com/	1970-01-20 08:54:07	Name: gup_lng Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22pjwt%22%3A%20null%2C%20%22updated%22%3A%201642111451%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.theadvertiser.com/	1970-01-20 08:54:07	Name: gup_anonid Value: bce34a0a-74bc-11ec-9154-76088cc56234
.theadvertiser.com/	1970-01-20 08:54:07	Name: gup_clientid Value: bce4c6be-74bc-11ec-9154-76088cc56234
.scorecardresearch.com/	1970-01-20 17:25:19	Name: UID Value: 1RXWZJXYOKWVTHCGT5UA0Kg1642111452

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: autoplay, camera, display-capture, encrypted-media, fullscreen, geolocation, microphone, midi, payment, picture-in-picture, publickey-credentials-get, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security	error	URL: https://cm.theadvertiser.com/nanobar/010422_NewYearsResolutionSale#o=https://cm.theadvertiser.com&p=1-800-259-8852&n=The%20Daily%20Advertiser Message: Unrecognized Content-Security-Policy directive 'report-sample'.
other	warning	URL: https://cm.theadvertiser.com/nanobar/010422_NewYearsResolutionSale#o=https://cm.theadvertiser.com&p=1-800-259-8852&n=The%20Daily%20Advertiser Message: The page requested an origin-keyed agent cluster using the Origin-Agent-Cluster header, but could not be origin-keyed since the origin 'https://cm.theadvertiser.com' had previously been placed in a site-keyed agent cluster. Update your headers to uniformly request origin-keying for all pages on the origin.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
ariane.abtasty.com
cdn.cookielaw.org
cdn.parsely.com
cdnjs.cloudflare.com
cl.exct.net
cm.theadvertiser.com
dcinfos-cache.abtasty.com
geolocation.onetrust.com
sb.scorecardresearch.com
staticassets.gannettdigital.com
try.abtasty.com
user.theadvertiser.com
www.gannett-cdn.com
13.33.240.66
13.35.253.78
151.101.194.62
151.101.2.62
151.101.66.62
2606:4700:10::6814:b944
2606:4700::6810:135e
2606:4700::6810:9540
2a00:1450:4001:810::200a
2a02:26f0:6c00:2ad::416d
34.102.161.46
34.107.143.101
65.9.7.60
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
071834074743fccbae50391626cfccd28b97489d7c0abde6dd6d2d879147e7b1
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0f9487771b00549f6a2350d2649053e7f25f457fca025b65ebf9165353f6f2d6
0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f
1a0b225188931108f495d6a291af4bbbadc9255d972690bbc60c2e6913699f2c
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
31b9bea01ffef2e8f311eafdbbcdd944a12194fa216d8f54489e15a7188d47dc
47d9c920e1979df2c381206e206482446015d6ee4c0656e80ebe6381ee09622c
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4f44c66937a6613bd7f3d19594eb7d40495e2d5d891bfbd41042638f1b8a176f
510e36cd057964772efee52a0c47b1d7d12afbdf0882493be38a0711f083a44e
76901d8740498864b0520cb766f2335d4d96102d32b61d48061de9b146de6873
784ae837d6e9e378b9ea968c162d63f5e89930ef939a5dca6b8e5701efcb6002
79759fba4324b44884086263b681262191ccd9dc6634022db6f0c4b23e90c6ad
8592cb7471c1b07f3e828af105858e795e1122adfce21be5e6ec43054d5be2fa
9205701182379e8b6962ee24e841bd4f0beff7c607c18637525bfb8136aec1d7
96d604464c440048253e409670b96113badf4ef4a14054e75f7488f796fee8b7
9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a27f8347c320d4e04ba322503241db5e6a46df728ba68f457809b88c809b6a87
a62238516566121bc6728cf24407e1705d43f61044ee02c5ffef99edb2a11e1e
a6233fd94cfc29fa571fea33e7dc16418dd89e369d618866449faf76a5943746
a670957aba6368e2ec2eaa4a038ffb95d30662e973effbda10c9c31734ef53f2
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b0f558e1975eb43715fa8de7c1ec8e929feed50048ad42dd3a1db2bc17db8880
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
bc0e68d47465158820ae7d321bee9b286967967f5f5b18b84bd72fce8e8594ac
c020f54c248a55614e1dbe7002ac03e4a6ed263a6e9d460621b4894add76efcd
ccc0bd3f7037091207b64f81e11bd101fe42ff15008226ae250234c90ca02448
d39319e439f87637e9ea6c2d1285e8b6ddbcf952d97fee56a89a1a7c09e5f8dd
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
df0b018622c8c31a9b7490cdc160369751f33a557d1346a67308bb04df5ee463
df3c8c7d6b6bfe22cd661e8892848d98f916e08c82309a683e3d48d8cdc14c24
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ee7479fa6c7392aa1840f78b8295acfed0f07a372d0d987eed2563a49938e8
ec2f6762f857fdc509ffa369c2b398982af1fa6cd2c0298d6088046fa757b852
eed34f745674fca23c42b437583b37cbcf382d636a232e934ad6357862e4f92e
f1dea4239710130a1f91999a3d345b2a0c83ef418de660e94d834ff585a14e52

cm.theadvertiser.com Open in urlscan Pro 151.101.66.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

98 %HTTPS

38 %IPv6

11 Domains

14 Subdomains

13 IPs

2 Countries

1015 kBTransfer

2623 kBSize

14 Cookies

14 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cm.theadvertiser.com Open in urlscan Pro
151.101.66.62 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

98 %
HTTPS

38 %
IPv6

11
Domains

14
Subdomains

13
IPs

2
Countries

1015 kB
Transfer

2623 kB
Size

14
Cookies

42 HTTP transactions
1 data transactions